π Update dependency typeorm to v0.2.25 [SECURITY] - abandoned #92
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
0.2.13
->0.2.25
GitHub Vulnerability Alerts
CVE-2020-8158
Prototype pollution vulnerability in the TypeORM package < 0.2.25 may allow attackers to add or modify Object properties leading to further denial of service or SQL injection attacks.
Release Notes
typeorm/typeorm
v0.2.25
Compare Source
Bug Fixes
getUpsertedIds()
(#β5878) (2ab88c2)Features
Performance Improvements
v0.2.24
Compare Source
Bug Fixes
Features
v0.2.23
Compare Source
Bug Fixes
Features
v0.2.22
Compare Source
Bug Fixes
Features
BREAKING CHANGES
Fix: avoid collisions by using longest possible hash.
Retain more entropy by not using only 8 characters of hashed aliases.
v0.2.21
Compare Source
Bug Fixes
Features
v0.2.20
Compare Source
Bug Fixes
Features
v0.2.19
Compare Source
Bug Fixes
FindConditions<?>
andFindConditions<?>
problem (#β4470) (7a0beed)Features
set
datatype support for MySQL/MariaDB (#β4538) (19e2179), closes #β2779useUnifiedTopology
config parameter (#β4684) (92e4270)v0.2.18
Compare Source
Bug fixes
Features
typeorm migration:show
command (#β4173)readonly
option in favor ofupdate
andinsert
options (#β4035)orUpdate
in SQLlite (#β4097)dirty_read
(NOLOCK) in SQLServer (#β4133)@OneToMany
) now also acceptstring
instead oftypeFunction
, which prevents circular dependency issues in the frontend/browser (issue #β4190)sqlJsConfig
to input config when initializing sql.js (issue #β4559)v0.2.17
Compare Source
Bug fixes
(#β3931)
Features
v0.2.16
Compare Source
Bug fixes
insert
,update
,delete
methods (#β3888)Features
lock
option inFindOptions
v0.2.15
Compare Source
Bug fixes
connection.dropDatabase
method (#β1414)() =>
syntax) in parameters to prevent security considerationsFeatures
uuidExtension
option to Postgres connection options, which allows TypeORM to use the newerpgcrypto
extension to generate UUIDsv0.2.14
Compare Source
Bug fixes
Features
package.json
(3583)useLocalForage
option to Sql.js connection options, which enables asynchronous load and save operations of the datatbase from the indexedDB (#β3554)Configuration
π Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about these updates again.
This PR has been generated by Mend Renovate. View repository job log here.