Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade knex from 0.16.5 to 0.95.12 #173

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

snyk-bot
Copy link

Snyk has created this PR to upgrade knex from 0.16.5 to 0.95.12.

merge advice
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 89 versions ahead of your current version.
  • The recommended version was released 22 days ago, on 2021-10-27.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
SQL Injection
SNYK-JS-KNEX-471962
704/1000
Why? Has a fix available, CVSS 9.8
No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: knex
  • 0.95.12 - 2021-10-27

    0.95.12 - 28 October, 2021

    New features:

    • New dialect: CockroachDB #4742
    • New dialect: pg-native #4327
    • CockroachDB: add support for upsert #4767
    • PostgreSQL: Support SELECT .. FOR NO KEY UPDATE / KEY SHARE row level locking clauses #4755
    • PostgreSQL: Add support for 'CASCADE' in PostgreSQL 'DROP SCHEMA' queries #4713
    • MySQL: Add storage engine index Type support to index() and unique() schema #4756
    • MSSQL: Support table.primary, table.unique variant with options object #4710
    • SQLite: Add setNullable support to SQLite #4684
    • Add geometry column building #4776
    • Add support for creating table copies #1373
    • Implement support for views and materialized views #1626
    • Implement partial index support #4768
    • Support for 'is null' in 'order by' #3667

    Bug fixes:

    • Fix support for Oracle connections passed via knex.connection() #4757
    • Avoid inserting multiple locks if a migration lock already exists #4694

    Typings:

    • Some TableBuilder methods return wrong types #4764
    • Update JoinRaw bindings type to accept arrays #4752
    • fix onDelete/onUpdate for ColumnBuilder #4656
  • 0.95.12-rc6 - 2021-10-27
  • 0.95.12-rc5 - 2021-10-25
  • 0.95.12-rc4 - 2021-10-20
  • 0.95.12-rc3 - 2021-10-16
  • 0.95.12-rc2 - 2021-10-15
  • 0.95.12-rc1 - 2021-10-15
  • 0.95.11 - 2021-09-03

    0.95.11 - 03 September, 2021

    New features:

    • Add support for nullability modification via schema builder (table.setNullable() and table.dropNullable()) #4657
    • MySQL: Add support for mysql/mariadb-client JSON parameters in connectionURIs #4629
    • MSSQL: Support comments as MS_Description properties #4632

    Bug fixes:

    • Fix Analytic orderBy and partitionBy to follow the SQL documentation #4602
    • CLI: fix migrate:up for migrations disabling transactions #4550
    • SQLite: Fix adding a column with a foreign key constraint in SQLite #4649
    • MSSQL: columnInfo() support case-sensitive database collations #4633
    • MSSQL: Generate valid SQL for withRecursive() #4514
    • Oracle: withRecursive: omit invalid RECURSIVE keyword, include column list #4514

    Improvements:

    • Add .mjs migration and seed stubs #4631
    • SQLite: Clean up DDL handling and move all operations to the parser-based approach #4648
  • 0.95.10 - 2021-08-20

    Improvements:

    • Use sys info function instead of connection db name #4623

    Typings:

    • Deferrable and withkeyName should not be in ColumnBuilder #4600
    • Add TypeScript support for deferrable, new Primary/Unique syntax #4589

    New features:

    • Oracle: support specifying schema for dropTable and dropSequence #4596
    • Oracle: support specifying schema for autoincrement #4594
  • 0.95.9 - 2021-07-31
  • 0.95.8 - 2021-07-25

    New features:

    • Add deferrable support for constraint #4584
    • Implement delete with join #4568
    • Add DPI error codes for Oracle #4536

    Bug fixes:

    • Fixing PostgreSQL datetime and timestamp column created with wrong format #4578

    Typings:

    • Improve analytic types #4576
    • MSSQL: Add trustServerCertificate option #4500
  • 0.95.7 - 2021-07-10
  • 0.95.6 - 2021-05-17
  • 0.95.5 - 2021-05-11

    New features:

    • SQLite: Add support for file open flags #4446
    • Add .cjs extension to Seeder.js to support Node ESM #4381 #4382

    Bug fixes:

    • Remove peerDependencies to avoid auto-install on npm 7 #4480

    Typings:

    • Fix typing for increments and bigIncrements #4406
    • Add typings for on JoinClause for onVal #4436
    • Adding Type Definition for isTransaction #4418
    • Export client class from knex namespace #4479
  • 0.95.4 - 2021-03-26
  • 0.95.3 - 2021-03-25

    New features:

    • PostgreSQL: Add "same" as operator #4372
    • MSSQL: Improve an estimate of the max comment length #4362
    • Throw an error if negative offset is provided #4361

    Bug fixes:

    • Fix timeout method #4324
    • SQLite: prevent dropForeign from being silently ignored #4376

    Typings:

    • Allow config.client to be non-client instance #4367
    • Add dropForeign arg type for single column #4363
    • Update typings for TypePreservingAggregation and stream #4377
  • 0.95.2 - 2021-03-11

    0.95.2 - 11 March, 2021

    New features:

    • Improve ESM import support #4350

    Bug fixes:

    • CLI: update ts.stub files to new TypeScript namespace #4344
    • CLI: fix TypeScript migration stub after 0.95.0 changes #4366

    Typings:

    • Move QueryBuilder and KnexTimeoutError into knex namespace #4358

    Test / internal changes:

    • Unify db test helpers #4356

    0.95.1 - 04 March, 2021

    Bug fixes:

    • CLI: fix knex init not finding default knexfile #4339
  • 0.95.1 - 2021-03-04
  • 0.95.0 - 2021-03-03
    Read more
  • 0.95.0-next3 - 2021-02-18
  • 0.95.0-next2 - 2021-02-15
  • 0.95.0-next1 - 2021-02-08
  • 0.21.21 - 2021-08-10
  • 0.21.20 - 2021-08-07
  • 0.21.19 - 2021-03-02
  • 0.21.18 - 2021-02-22
  • 0.21.17 - 2021-01-30
    Read more
  • 0.21.16 - 2021-01-17
  • 0.21.15 - 2020-12-26
  • 0.21.14 - 2020-12-18
  • 0.21.13 - 2020-12-11
  • 0.21.12 - 2020-11-02
  • 0.21.11 - 2020-11-01
  • 0.21.10 - 2020-10-31
  • 0.21.9 - 2020-10-29
  • 0.21.8 - 2020-10-27
  • 0.21.7 - 2020-10-25
  • 0.21.6 - 2020-09-27
  • 0.21.5 - 2020-08-17
  • 0.21.5-next2 - 2020-08-16
  • 0.21.5-next1 - 2020-08-15
  • 0.21.4 - 2020-08-10
  • 0.21.3 - 2020-08-08
  • 0.21.2 - 2020-07-09
  • 0.21.1 - 2020-04-27
  • 0.21.0 - 2020-04-18
  • 0.20.15 - 2020-04-15
  • 0.20.14 - 2020-04-14
  • 0.20.13 - 2020-03-23
  • 0.20.12 - 2020-03-19
  • 0.20.11 - 2020-03-05
  • 0.20.10 - 2020-02-16
  • 0.20.9 - 2020-02-08
  • 0.20.8 - 2020-01-14
  • 0.20.7 - 2020-01-07
  • 0.20.6 - 2019-12-29
  • 0.20.4 - 2019-12-07
  • 0.20.3 - 2019-11-27
  • 0.20.2 - 2019-11-14
  • 0.20.1 - 2019-10-29
  • 0.20.0 - 2019-10-25
  • 0.19.5 - 2019-10-06
  • 0.19.4 - 2019-09-09
  • 0.19.3 - 2019-08-28
  • 0.19.2 - 2019-08-17
  • 0.19.1 - 2019-07-23
  • 0.19.0 - 2019-07-11
  • 0.18.4 - 2019-07-10
  • 0.18.3 - 2019-07-04
  • 0.18.2 - 2019-07-02
  • 0.18.1 - 2019-06-30
  • 0.18.0 - 2019-06-26
  • 0.18.0-next4 - 2019-06-23
  • 0.18.0-next2 - 2019-06-19
  • 0.18.0-next1 - 2019-06-17
  • 0.17.6 - 2019-06-13
  • 0.17.5 - 2019-06-08
  • 0.17.4 - 2019-06-08
  • 0.17.3 - 2019-06-02
  • 0.17.2 - 2019-06-01
  • 0.17.1 - 2019-05-31
  • 0.17.1-next - 2019-05-30
  • 0.17.0 - 2019-05-28
  • 0.17.0-next6 - 2019-05-27
  • 0.17.0-next5 - 2019-05-22
  • 0.17.0-next4 - 2019-05-19
  • 0.17.0-next2 - 2019-05-16
  • 0.17.0-next - 2019-05-13
  • 0.16.6-oracle-fix - 2019-04-12
  • 0.16.5 - 2019-04-11
from knex GitHub release notes
Commit messages
Package name: knex

Compare


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant