840dde2b17
Fixes https://github.com/payloadcms/payload/issues/9729. The current version has vulnerability https://avd.aquasec.com/nvd/2024/cve-2024-53900/. Technically, Payload doesn't use described in the report [`$where`](https://www.mongodb.com/docs/manual/reference/operator/query/where/#op._S_where) property in its queries at all, but it may affect those who access mongoose via `payload.db.collections` directly
Payload MongoDB Adapter
Official MongoDB adapter for Payload.
Installation
npm install @payloadcms/db-mongodb
Usage
import { buildConfig } from 'payload'
import { mongooseAdapter } from '@payloadcms/db-mongodb'
export default buildConfig({
db: mongooseAdapter({
url: process.env.DATABASE_URI,
}),
// ...rest of config
})
More detailed usage can be found in the Payload Docs.