chore(deps): bump mongoose from 8.16.0 to 8.24.0

[dependabot]

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

---

Bumps mongoose from 8.16.0 to 8.24.0.

Release notes

Sourced from mongoose's releases.

8.24.0 / 2026-05-14

• feat(aggregate): add pipelineForUnionWith() helper to allow reusing pipelines with $unionWith in TypeScript #16247 #16041 #16033
• fix(connection): handle calling watch() on disconnected connection #16246 #16034
• types: handle compiling with exactOptionalPropertyTypes #16286 #16273

8.23.1 / 2026-04-23

• fix(model): support sort option in Model.bulkWrite() updateOne and replaceOne operations #16091 #16079
• fix(setDefaultsOnInsert): check child filter paths before applying defaults (backport #16031 to 8.x) #16219 marklai1998
• fix(schema): always pass raw string value to error validators, only trim to 30 chars for maxlength validator #16238 #16236 #15550 #15571

8.23.0 / 2026-02-09

• feat(document): add flattenUUIDs option to toObject() and toJSON() (backport #15021 to 8.x)

8.22.1 / 2025-02-04

• fix: handle other top-level query operators in sanitizeFilter
• fix(document): when cloning a doc with subdocs, make sure the subdocs parent is the cloned doc #15904 #15901
• types(models): support Mongoose query casting in AnyBulkWriteOperation filter property #15910
• types: add toBSON() to documents #15927

8.22.0 / 2026-01-27

• feat(model): allow passing strict option to hydrate() #15944 #15940

8.21.1

• fix(clone): fix parent doc for map subdocuments and array subdocuments #15958 AbdelrahmanHafez
• fix(document): when cloning a doc with subdocs, make sure the subdocs parent is the cloned doc #15904 #15901
• fix: respect currentTime schema option in bulkWrite updates #15976 sderrow
• types(models): support Mongoose query casting in AnyBulkWriteOperation filter property #15910
• types: add toBSON() to documents #15927

8.21.0 / 2025-12-29

• feat(document): add support for getAtomics() to allow custom container types to utilize atomics #15817
• feat(document+model): pass options to pre('deleteOne') and update+options to pre('updateOne') hooks #15908 #15870
• fix: add support for typescript style enums #15914 #15913 mjfwebb

8.20.4 / 2025-12-18

• fix(model): ensure $isDeleted is set after calling doc.deleteOne() successfully #15898
• fix(document): use bitwise OR to accumulate version mode flags #15893 #15888 AbdelrahmanHafez

8.20.3 / 2025-12-15

• perf: use Object.hasOwn instead of Object#hasOwnProperty #15875 AbdelrahmanHafez
• fix: improve error when calling Document.prototype.init() with null/undefined #15812 Vegapunk-debug
• types(schema): avoid treating paths with default: null as required #15889

... (truncated)

Changelog

Sourced from mongoose's changelog.

8.24.0 / 2026-05-14

• feat(aggregate): add pipelineForUnionWith() helper to allow reusing pipelines with $unionWith in TypeScript #16247 #16041 #16033
• fix(connection): handle calling watch() on disconnected connection #16246 #16034
• types: handle compiling with exactOptionalPropertyTypes #16286 #16273

9.6.2 / 2026-05-08

• fix(document): correctly handle modified subpaths when parent path is unset after modifying #16271 #16252
• types: handle compiling with exactOptionalPropertyTypes #16277 #16273
• chore: align Node version docs and types #16270 AbdelrahmanHafez

9.6.1 / 2026-04-29

• types(objectid): fix _id getter helper on ObjectId #16251 noseworthy

9.6.0 / 2026-04-28

• feat: upgrade mongodb node driver to 7.2 #16245
• feat(schematype): support allowNull option to disallow null values even if not required #16237 #15905
• types(query): make QueryFilter respect string unions and enums #16242 #16240
• types: export Projector and ArrayProjectionOperators #16243 #16235

8.23.1 / 2026-04-23

• fix(model): support sort option in Model.bulkWrite() updateOne and replaceOne operations #16091 #16079
• fix(setDefaultsOnInsert): check child filter paths before applying defaults (backport #16031 to 8.x) #16219 marklai1998
• fix(schema): always pass raw string value to error validators, only trim to 30 chars for maxlength validator #16238 #16236 #15550 #15571

9.5.0 / 2026-04-20

• feat(debug): add timestamp option to debug output #16216 rejunp
• feat(query): add cloneUpdate option to explicitly disable update cloning #16230 #16202
• feat(query): extend defaults query option to find() #16226 sderrow
• fix(query): avoid cloning update until absolutely necessary to better support updates with __proto__ #16230 #16202
• fix(query): avoid treating documents with a $set() method as objects with a $set property when casting updates #16230
• fix(queryHelpers): pass default options to discriminators #16227 #16226
• fix(document): handle including and excluding nested paths with optimistic concurrency #16177 #16054
• fix(model): throw ObjectParameterError in insertOne() if doc is not an object #16221 IshitaSingh0822
• fix(cast): preserve reason in CastError message after setModel() #16167 White-Devil2839
• perf(model): remove unnecessary clone in findOneAndUpdate() #16230
• perf: use kareem 3.3.0 mongoosejs/kareem#45 #16229
• chore: use TSTyche assertions #16222 mrazauskas

9.4.1 / 2026-04-03

• Revert "fix(setDefaultsOnInsert): run setters on default values during upsert" #16218 #16051

9.4.0 / 2026-04-03

... (truncated)

Commits

• 89ca7f2 chore: release 8.24.0
• 6922aa4 Merge pull request #16286 from Automattic/vkarpov15/gh-16273-8x
• 4295eff types: handle compiling with exactOptionalPropertyTypes
• f712fdb Merge pull request #16246 from Automattic/vkarpov15/gh-16034
• 8200228 Merge pull request #16247 from Automattic/vkarpov15/gh-16041
• 265c698 chore: use mongodb-client-encryption@6.x in tests to resolve test failures
• 11593cb Update lib/aggregate.js
• db99fc3 feat(aggregate): add pipelineForUnionWith() helper to allow reusing pipelines...
• 3040559 address copilot code review comments re: null callback error handling
• b92df2a undo uuid upgrade
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for mongoose since your current version.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: c915af319b

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

Restore lockfile entries for submodule apps

This lockfile was generated with the app submodules absent: the repo still has apps/* workspaces and git submodule status shows apps like apps/accruals-gateway, but their workspace lock entries are removed here. In a checkout with submodules initialized, Yarn will discover those package.json files again and need to rewrite yarn.lock, so CI/deploy installs using --immutable will fail and the deleted app dependencies will no longer be pinned. Please regenerate the mongoose bump after initializing the submodules, rather than dropping their workspace sections.

Useful? React with 👍 / 👎.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud