Update mongoose requirement from ^4.1.5 to ^5.6.10

[dependabot-preview]

Updates the requirements on mongoose to permit the latest version.

Changelog

Sourced from mongoose's changelog.

5.6.10 / 2019-08-20

• fix(schema): fix require() path to work around yet another bug in Jest #8053
• fix(document): skip casting when initing a populated path #8062
• fix(document): prevent double-calling validators on mixed objects with nested properties #8067
• fix(query): handle schematype with null options when checking immutability #8070 rich-earth
• fix(schema): support Schema#path() to get schema path underneath doc array #8057
• docs(faq): add disable color instruction #8066

5.6.9 / 2019-08-07

• fix(model): delete versionError after saving to prevent memory leak #8048
• fix(cursor): correctly handle batchSize option with query cursor #8039
• fix(populate): handle virtual populate with count = 0 if virtual embedded in doc array #7573
• fix(schema): allow declaring ObjectId array with { type: 'ObjectID' }, last 'D' case insensitive #8034

5.6.8 / 2019-08-02

• fix(aggregate): allow modifying pipeline in pre('aggregate') hooks #8017
• fix(query): make findOneAndReplace() work with orFail() #8030
• fix(document): allow saving an unchanged document if required populated path is null #8018
• fix(debug): support disabling colors in debug mode #8033 Mangosteen-Yang
• docs: add async-await guide #8028 Rossh87
• docs(plugins): rewrite plugins docs to be more modern and not use strange = exports syntax #8026
• docs(transactions): clarify relationship between session in docs and MongoDB driver ClientSession class, link to driver docs #8009

5.6.7 / 2019-07-26

• fix(document): support validators on nested arrays #7926
• fix(timestamps): handle timestamps: false in child schema #8007
• fix(query): consistently support new option to findOneAndX() as an alternative to returnOriginal #7846
• fix(document): make inspect() never return null, because a document or nested path is never == null #7942
• docs(query+lean): add links to mongoose-lean-virtuals, mongoose-lean-getters, mongoose-lean-defaults #5606
• docs: add example for Schema#pre(Array) #8022 Mangosteen-Yang
• docs(schematype): updated comment from Schema.path to proper s.path #8013 chrisweilacker
• chore: upgrade nyc #8015 kolya182

5.6.6 / 2019-07-22

• fix(populate): handle refPath returning a virtual with Query#populate() #7341
• fix(populate): handle refPath in discriminator when populating top-level model #5109
• fix(mongoose): ensure destucturing and named imports work for Mongoose singleton methods like set(), etc. #6039
• fix(query): add missing options for deleteOne and deleteMany in Query #8004 Fonger
• fix(schema): make embedded discriminators instanceof their parent types #5005
• fix(array): make validators a private property that doesn't show up in for/in #6572
• docs(api): fix array API docs that vanished because of #7798 #7979
• docs(discriminators+api): add single nested discriminator to discriminator docs and API docs #7983
• docs(connection+mongoose): make option lists consistent between mongoose.connect(), mongoose.createConnection(), and conn.openUri() #7976
• docs(validation): clarify resolve(false) vs reject() for promise-based async custom validators #7761
• docs(guide): use correct mongoose.set() instead of mongoose.use() #7998

... (truncated)

Commits

• 3847007 chore: release 5.6.10
• 3feb60b docs(query): add findByIdAndReplace() to docs
• 5c2fbc5 test: fix tests re: #8073
• 20fa775 refactor: remove async.parallel() calls
• 5595ead chore: add ghostinspector as sponsor from opencollective
• cbdadf2 Merge pull request #8070 from rich-earth/master
• d0fba5e fix: fix tests re: #8062
• aa5e737 fix(document): skip casting when initing a populated path
• 5f416bf test(document): repro #8062
• e98d2f7 refactor(document): remove async.each() dependencies
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Note: This repo was added to Dependabot recently, so you'll receive a maximum of 5 PRs for your first few update runs. Once an update run creates fewer than 5 PRs we'll remove that limit.

You can always request more updates by clicking Bump now in your Dependabot dashboard.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

[dependabot-preview]

Superseded by #22.