Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update dependency knex to v2 [SECURITY] #586

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Nov 11, 2019

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
knex (source) 0.15.2 -> 2.4.0 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2019-10757

knex.js versions before 0.19.5 are vulnerable to SQL Injection attack. Identifiers are escaped incorrectly as part of the MSSQL dialect, allowing attackers to craft a malicious query to the host DB.

CVE-2016-20018

Knex Knex.js through 2.3.0 has a limited SQL injection vulnerability that can be exploited to ignore the WHERE clause of a SQL query. This vulnerability has been fixed in version 2.4.0.


Release Notes

knex/knex (knex)

v2.4.0

Compare Source

New features:
  • Support partial unique indexes #​5316
  • Make compiling SQL in error message optional #​5282
Bug fixes
  • Insert array into json column #​5321
  • Fix unexpected max acquire-timeout #​5377
  • Fix: orWhereJson #​5361
  • MySQL: Add assertion for basic where clause not to be object or array #​1227
  • SQLite: Fix changing the default value of a boolean column in SQLite #​5319
Typings:
  • add missing type for 'expirationChecker' on PgConnectionConfig #​5334

v2.3.0

Compare Source

New features:
  • PostgreSQL: Explicit jsonb support for custom pg clients #​5201
  • SQLite: Support returning with sqlite3 and better-sqlite3 #​5285
  • MSSQL: Implement mapBinding mssql dialect option #​5292
Typings:

v2.2.0

Compare Source

New features:
  • Inline primary key creation for postgres flavours #​5233
  • SQLite: Add warning for undefined connection file #​5223
  • MSSQL: Add JSON parameter support for connection #​5200
Bug fixes:
  • PostgreSQL: add primaryKey option for uuid #​5212
Typings:
  • Add promisable and better types #​5222
  • Update raw query bind parameter type #​5208

v2.1.0

Compare Source

New features:
  • Improve bundling experience to safely import dialects while using static paths #​5142
  • Implement extendable builders #​5041
  • PostgreSQL: Refresh materialized view concurrently #​5166
Bug fixes:
  • Use correct paths in package.json browser field #​5174
  • MariaDB: Fix 'NULL' returned instead of NULL on MariaDB 10.2.6+ #​5181
  • MySQL: fix hasColumn Error (hasColumn ('a_id') is true, but hasColumn('a_Id') is false) #​5148
  • MSSQL: Fix .hasTable result when using .withSchema #​5176
  • Oracle: correctly INSERTS Buffer #​4869
Typings:
  • Update type definitions for pg connection #​5139

v2.0.0

Compare Source

Breaking changes
Test / internal changes:

v1.0.7

Compare Source

Bug fixes:
  • CLI: Fix cli migrate:make SQLite dependency #​5106

v1.0.6

Compare Source

Bug fixes:
  • PostgreSQL: Wait for search path to be set before returning connection #​5107
  • CLI: No client override during migrate:make #​5109

v1.0.5

Compare Source

New features:
  • Override knexfile options with CLI options #​4047
Bug fixes:
Typings:
  • Make default generic parameters of Knex match the generic parameter types of knex #​5021
  • Update knex types for TS 4.7 #​5095

v1.0.4

Compare Source

New features:
Bug fixes:
Typings:
  • Fix types for "returning" methods #​5031
  • createTableLike callback should be optional #​5055
Documentation:

v1.0.3

Compare Source

Bug fixes:
  • Fix error message for missing migration files #​4937
  • Add withMaterialized and withNotMaterialized to method-constants #​5009
  • PostgreSQL: Fix whereJsonPath queries #​5011
  • PostgreSQL: Fix delete joins #​5016
  • CockroachDB: Fix whereJsonPath queries #​5011
  • MySQL: Create primary keys in same statement #​5017
Typings:
  • Fix type definition for getMigration in MigrationSource #​4998
  • Fix argument type of alter method #​4996
Improvements:
  • Use async / await syntax in seeds as default #​5005
Documentation:
  • Add Firebird dialect to ECOSYSTEM.md #​5003

v1.0.2

Compare Source

New features:
  • Support of MATERIALIZED and NOT MATERIALIZED with WITH/CTE #​4940
  • Add raw support in onConflict clause #​4960
  • Alter nullable constraint when alterNullable is set to true #​4730
  • Add alterType parameter for alter function #​4967
  • Support string json in json values #​4988
  • MySQL: add with clause #​4508
Bug fixes:
  • Fix error message for missing migration files #​4937
  • Move deferrable to after on update/on delete #​4976
  • Do not use sys.tables to find if a table exists #​2328
  • PostgreSQL: Fix Order nulls #​4989
  • MySQL: Fix collation when renaming column #​2666
  • SQLite: Same boolean handling in better-sqlite3 as in sqlite3 #​4982
Typings:

v1.0.1

Compare Source

Bug fixes:
  • Fix package.json metadata

v1.0.0

Compare Source

Breaking changes
  • Dropped support for Node 10;
  • Replaced unsupported sqlite3 driver with @vscode/sqlite3;
  • Changed data structure from RETURNING operation to be consistent with SELECT;
  • Changed Migrator to return list of migrations as objects consistently.
New features:
  • Support fromRaw #​4781
  • Support zero precision in timestamp/datetime #​4784
  • Support whereLike and whereILike #​4779
  • Add JSDoc (TS flavor) to stub files #​4809
  • Allow skip binding in limit and offset #​4811
  • Support creating a new table in the database based on another table #​4821
  • Accept Raw on onIn joins #​4830
  • Implement support for custom seed sources #​4842
  • Add binary uuid option #​4836
  • ForUpdate array parameter #​4882
  • Add camel case to timestamps method #​4803
  • Advanced JSON support #​4859
  • Add type to TypeScript knexfile #​4909
  • Checks Constraints Support #​4874
  • Support creating multiple PKs with increments #​4903
  • Enable wrapIdentifier for SQLite .hasTable #​4915
  • MSSQL: Add support for unique constraint #​4887
  • SQLite: New dialect, using better-sqlite3 driver #​4871
  • SQLite: Switch to @​vscode/sqlite3 #​4866
  • SQLite: Support createViewOrReplace #​4856
  • SQLite: Support RETURNING statements for better-sqlite3 driver #​4934
  • PostgreSQL: Support JOIN and USING syntax for Delete Statement #​4800
Bug fixes:
  • Fix overzealous warning on use of whereNot with "in" or "between" #​4780
  • Fix Union all + first syntax error #​4799
  • Make view columns optional in create view like #​4829
  • Insert lock row fix during migration #​4865
  • Fix for createViewOrReplace #​4856
  • SQLite: Fix foreign key constraints when altering a table #​4189
  • MySQL: Validate connection fix #​4794
  • MySQL: Set comment size warning limit to 1024 #​4867
Typings:

v0.95.15

Compare Source

Bug fixes:
  • Oracle:
  • MariaDB: lock row fix during migration in MariaDB and Oracle #​4865

v0.95.14

Compare Source

Bug fixes:
  • MySQL: mysql2 dialect validate connection fix #​4794

v0.95.13

Compare Source

Bug fixes:
  • PostgreSQL: Support zero precision in timestamp/datetime #​4784
Typings:
  • Allow string indexType in index creation #​4791

v0.95.12

Compare Source

New features:
  • New dialect: CockroachDB #​4742
  • New dialect: pg-native #​4327
  • CockroachDB: add support for upsert #​4767
  • PostgreSQL: Support SELECT .. FOR NO KEY UPDATE / KEY SHARE row level locking clauses #​4755
  • PostgreSQL: Add support for 'CASCADE' in PostgreSQL 'DROP SCHEMA' queries #​4713
  • MySQL: Add storage engine index Type support to index() and unique() schema #​4756
  • MSSQL: Support table.primary, table.unique variant with options object #​4710
  • SQLite: Add setNullable support to SQLite #​4684
  • Add geometry column building #​4776
  • Add support for creating table copies #​1373
  • Implement support for views and materialized views #​1626
  • Implement partial index support #​4768
  • Support for 'is null' in 'order by' #​3667
Bug fixes:
  • Fix support for Oracle connections passed via knex.connection() #​4757
  • Avoid inserting multiple locks if a migration lock already exists #​4694
Typings:
  • Some TableBuilder methods return wrong types #​4764
  • Update JoinRaw bindings type to accept arrays #​4752
  • fix onDelete/onUpdate for ColumnBuilder #​4656

v0.95.11

Compare Source

New features:
  • Add support for nullability modification via schema builder (table.setNullable() and table.dropNullable()) #​4657
  • MySQL: Add support for mysql/mariadb-client JSON parameters in connectionURIs #​4629
  • MSSQL: Support comments as MS_Description properties #​4632
Bug fixes:
  • Fix Analytic orderBy and partitionBy to follow the SQL documentation #​4602
  • CLI: fix migrate:up for migrations disabling transactions #​4550
  • SQLite: Fix adding a column with a foreign key constraint in SQLite #​4649
  • MSSQL: columnInfo() support case-sensitive database collations #​4633
  • MSSQL: Generate valid SQL for withRecursive() #​4514
  • Oracle: withRecursive: omit invalid RECURSIVE keyword, include column list #​4514
Improvements:
  • Add .mjs migration and seed stubs #​4631
  • SQLite: Clean up DDL handling and move all operations to the parser-based approach #​4648

v0.95.10

Compare Source

Improvements:
  • Use sys info function instead of connection db name #​4623
Typings:
  • Deferrable and withkeyName should not be in ColumnBuilder #​4600

v0.95.9

Compare Source

New features:
  • Oracle: support specifying schema for dropTable and dropSequence #​4596
  • Oracle: support specifying schema for autoincrement #​4594
Typings:
  • Add TypeScript support for deferrable, new Primary/Unique syntax #​4589

v0.95.8

Compare Source

New features:
  • Add deferrable support for constraint #​4584
  • Implement delete with join #​4568
  • Add DPI error codes for Oracle #​4536
Bug fixes:
  • Fixing PostgreSQL datetime and timestamp column created with wrong format #​4578
Typings:
  • Improve analytic types #​4576
  • MSSQL: Add trustServerCertificate option #​4500

v0.95.7

Compare Source

New features:
  • Add ability to omit columns on an onConflict().ignore() #​4557
  • CLI: Log error message #​4534
Typings:
  • Export Knex.TransactionConfig #​4498
  • Include options object in count(Distinct) typings #​4491
  • Add types for analytic functions #​4544

v0.95.6

Compare Source

Typings:
  • Export TransactionProvider type #​4489

v0.95.5

Compare Source

New features:
  • SQLite: Add support for file open flags #​4446
  • Add .cjs extension to Seeder.js to support Node ESM #​4381 #​4382
Bug fixes:
  • Remove peerDependencies to avoid auto-install on npm 7 #​4480
Typings:
  • Fix typing for increments and bigIncrements #​4406
  • Add typings for on JoinClause for onVal #​4436
  • Adding Type Definition for isTransaction #​4418
  • Export client class from knex namespace #​4479

v0.95.4

Compare Source

Typings:

v0.95.3

Compare Source

New features:
  • PostgreSQL: Add "same" as operator #​4372
  • MSSQL: Improve an estimate of the max comment length #​4362
  • Throw an error if negative offset is provided #​4361
Bug fixes:
  • Fix timeout method #​4324
  • SQLite: prevent dropForeign from being silently ignored #​4376
Typings:
  • Allow config.client to be non-client instance #​4367
  • Add dropForeign arg type for single column #​4363
  • Update typings for TypePreservingAggregation and stream #​4377

v0.95.2

Compare Source

New features:
Bug fixes:
  • CLI: update ts.stub files to new TypeScript namespace #​4344
  • CLI: fix TypeScript migration stub after 0.95.0 changes #​4366
Typings:
  • Move QueryBuilder and KnexTimeoutError into knex namespace #​4358
Test / internal changes:

v0.95.1

Compare Source

Bug fixes:
  • Oracle:
  • MariaDB: lock row fix during migration in MariaDB and Oracle #​4865

v0.95.0

Compare Source

Note: there are many breaking changes in this version, particularly in TypeScript support. Please see UPGRADING.md for details.

New features:
  • Add transaction isolation support #​4185
  • Add analytic functions #​4188
  • Change default to not trigger a promise rejection for transactions with a specified handler #​4195
  • Make toSQL().toNative() work for Raw to match the API for QueryBuilder #​4058
  • Allow 'match' operator #​3569
  • Support optimizer hints #​4243
  • Add parameter to prevent autoincrement columns from being primary keys #​4266
  • Make "first" and "pluck" mutually exclusive #​4280
  • Added merge strategy to allow selecting columns to upsert. #​4252
  • Throw error if the array passed to insert is empty #​4289
  • Events: introduce queryContext on query-error #​4301
  • CLI: Use UTC timestamp for new migrations #​4245
  • MSSQL: Replace MSSQL dialect with Tedious.js implementation #​2857 #​4281
  • MSSQL: Use "nvarchar(max)" for ".json()" #​4278
  • MSSQL: Schema builder - add predictable constraint names for default values #​4319
  • MSSQL: Schema builder - attempt to drop default constraints when changing default value on columns #​4321
  • SQLite: Fallback to json for sqlite3 when using jsonb #​4186
  • SQLite: Return complete list of DDL commands for creating foreign keys #​4194
  • SQLite: Support dropping composite foreign keys #​4202
  • SQLite: Recreate indices when altering a table #​4277
  • SQLite: Add support for altering columns #​4322
Bug fixes:
  • Fix issue with .withSchema usage with joins on a subquery #​4267
  • Fix issue with schema usage with FROM clause contain QueryBuilder, function or Raw #​4268
  • CLI: Address raised security warnings by dropping liftoff #​4122
  • CLI: Fix an issue with npm@7 and ESM when type was set to 'module' in package.json #​4295
  • PostgreSQL: Add check to only create native enum once #​3658
  • SQLite: Fix foreign key "on delete" when altering a table #​4225
  • SQLite: Made the constraint detection case-insensitive #​4330
  • MySQL: Keep auto increment after rename #​4266
  • MSSQL: don't raise query-error twice #​4314
  • MSSQL: Alter column must have its own query #​4317
Typings:
  • TypeScript 4.1+ is now required
  • Add missing onConflict overrides #​4182
  • Introduce the "infamous triplet" export #​4181
  • Fix type definition of Transaction #​4172
  • Add typedefinitions for havingNotIn #​4265
  • Include 'name' property in MigratorConfig #​4300
  • Improve join and conflict types #​4318
  • Fix ArrayIfAlready type #​4331
Test / internal changes:

v0.21.21

Compare Source

v0.21.20

Compare Source

v0.21.19

Compare Source

  • SQLite: Made the constraint detection case-insensitive #​4332

v0.21.18

Compare Source

  • CLI: Fix an issue with npm@7 and ESM when type was set to 'module' in package.json #​4295

v0.21.17

Compare Source

Bug fixes:
  • SQLite: Fix SQLite foreign on delete when altering a table #​4261
New features:

v0.21.16

Compare Source

Bug fixes:
  • MSSQL: Avoid passing unsupported pool param. Fixes node-mssql 7+ support #​4236

v0.21.15

Compare Source

New features:
  • SQLite: Add primary/foreign support on alterTable #​4162
  • SQLite: Add dropPrimary/dropForeign support on alterTable #​4162
Typings:
Test / internal changes:
  • Extract knex config resolution logic #​4166
  • Run CI using GitHub Actions #​4168
  • Add Node.js 15 to CI matrix #​4173

v0.21.14

Compare Source

New features:
  • MSSQL: support "returning" on inserts, updates and deletes on tables with triggers #​4152
  • Use esm import if package.json type is "module" #​4158
Bug fixes:
  • Make sure query-response and query-error events contain _knexTxId #​4160
Test / internal changes:
  • Improved integration test framework #​4161

v0.21.13

Compare Source

New features:
  • SQLite: Add support for dropForeign #​4092
  • Add support for WHERE clauses to "upsert" queries #​4148
Bug fixes:
  • MSSQL: Avoid connection getting stuck on socket hangup #​4157
  • Oracle: Support specifying non-default DB port #​4147
  • Oracle: Support inserts with only default values (empty body) #​4092
  • CLI: fix irregular seed file execution order #​4156
  • Fix performance of asyncStackTraces with enable-source-maps node flag #​4154
Typings:
  • PostgreSQL: Add support for application_name #​4153
  • Fix types for insert to allow array #​4105
  • Add types for userParams and withUserParams #​4119
  • Added type for withKeyName #​4139
  • Fix batchInsert definitions #​4131
  • Fix types for WhereIn signature (value or query builder) #​3863
  • Add types for connection config of mysql2 driver #​4144
Test / internal changes:

v0.21.12

Compare Source

Typings:
  • Reintroduce support for globally defining table/record mapping #​4100
  • Add a few missing types for MSSQL Connection #​4103
  • Make .ignore() and .merge() return QueryBuilder rather than QueryInterface #​4102
  • Use tarn config TS types instead of generic-pool #​4064

v0.21.11

Compare Source

Typings:
  • Revert support for globally defining table/record mapping #​4099

v0.21.10

Compare Source

New features:
  • Upsert support (Postgres/MySQL/Sqlite) #​3763
Bug fixes:
  • Switch to non-uuid knexQueryUids to avoid issues when mocking global date #​4089
Typings:
  • Allow to globally define table/record mapping #​4071

v0.21.9

Compare Source

New features:
  • add method clear(statement) to QueryBuilder #​4051
Bug fixes:
  • CLI: fix help text being printed twice #​4072
  • Oracle: columnInfo() no longer requires an Owner User #​4053
  • Add missing "start" event propagation from transaction #​4087

v0.21.8

Compare Source

Bug fixes:
  • MSSQL: Escape properly if literal '?' is needed #​4053
  • Make toQuery behavior consistent with pre-0.21.7 (do not break on empty builder) #​4083
  • Fix comment escaping for MySQL and PostgreSQL #​4084

v0.21.7

Compare Source

New features:
  • CLI: Add migration stub for .cjs extension #​4065
Bug fixes:
  • MSSQL: Add dynamic scaling for decimal values and prevents a UInt64 overflow #​3910
  • MSSQL: Fix apostrophe escaping #​4077
  • Ensure that semicolon is not appended to statements that already end with a semicolon #​4052
Typings:
  • Add arguments to QueryCallback in Where #​4034
Test / internal changes:
  • Replace lodash type-checks with native solutions #​4056
  • Replace mkdirp with native recursive flag #​4060
  • Replace inherits package with builtin utility #​4059

v0.21.6

Compare Source

New features:
  • CLI: New config parameter / CLI flag to prefixing seed filename with timestamp #​3873
  • CLI: throw an error when specific seed file cannot be found #​4011
  • Warn if whereNot is used with 'in' or 'between' #​4038
Bug fixes:
  • CLI: Fix double merging of config for migrator #​4040
Typings:
  • Unify SeedsConfig and SeederConfig #​4003
  • Allow string[] type for directory in SeedsConfig #​4033

v0.21.5

Compare Source

New features:
Test / internal changes:
  • Bump version of dtslint #​3984
  • Test/document esm interop mixed formats (knexfile/migrations/seeds) #​3986

v0.21.4

Compare Source

New features:
  • CLI: Add new option for seed: recursive #​3974
Bug fixes:
  • CLI: Do not load seeds from subfolders recursively by default #​3974

v0.21.3

Compare Source

New features:
  • CLI: Support multiple directories for seeds #​3967
Bug fixes:
  • Ensure DB stream is destroyed when the PassThrough is destroyed #​2324
  • Support postProcessResponse for streams #​3931
  • Fix ESM module interop for calling module/package of type 'module' #​3938
  • CLI: Fix migration source name in rollback all #​3956
  • Fix getMergedConfig calls to include client logger #​3920
  • Escape single quoted values passed to defaultTo function #​3899
Typings:
  • Add .timeout(ms) to .raw()'s typescript typings #​3885
  • Add typing for double table column builder #​3950
  • Add a phantom tag to Ref type to mark received type parameters as used #​3934
  • Add null as valid binding type #​3946
Test / internal changes:
  • Change query lab link to https #​3933

v0.21.2

Compare Source

New features:
  • Warn user if custom migration source is being reset #​3839
  • Prefer void as return type on migration generator ts stub #​3865
  • MSSQL: Added the removal of a columns default constraint, before dropping the column #​3855
Typings:
  • Fix definition for raw querybuilders #​3846
Test / internal changes:
  • Refactor migration logic to use async/await #​3838

v0.21.1

Compare Source

  • SQLite: Made the constraint detection case-insensitive #​4332

v0.21.0

Compare Source

Improvements
  • Reduce size of lodash in bundle #​3804
Breaking changes
  • Dropped support for Node 8
  • Breaking upstream change in pg-query-stream: Changed stream.close to stream.destroy which is the official way to terminate a readable stream. This is a breaking change if you rely on the stream.close method on pg-query-stream...though should be just a find/replace type operation to upgrade as the semantics remain very similar (not exactly the same, since internals are rewritten, but more in line with how streams are "supposed" to behave).
Test / internal changes:
  • Updated Tarn.js to a version 3.0.0
  • Updated mkdirp to a version 1.0.4
  • Updated examples to use ES2015 style #​3810

v0.20.15

Compare Source

Bug fixes:
  • Support for .finally(..) on knex's Promise-alikes #​3800
Typings:

v0.20.14

Compare Source

New features:
  • CLI: adds support for asynchronous knexfile loading #​3748
  • Add clearGroup method #​3771
Typings:
  • Support Raw types for insert, where, update #​3730
  • Add typings for MigrationSource #​3756
  • Update signature of orderBy to support QueryBuilder inside array #​3757
  • Add toSQL and toString to SchemaBuilder #​3758
  • interface Knex and function Knex should have the same types #​3787
  • Fix minor issues around typings #​3765
Test / internal changes:
  • Minor test internal enhancements #​3747
  • Minor improvements on the usage of fs utilities #​3749
  • Split tests in groups #​3785

v0.20.13

Compare Source

Bug fixes:
  • Correctly handle dateToString escaping without timezone passed #​3742
  • Make protocol length check more defensive #​3744
Typings:
  • Make the ChainableInterface conform to Promise #​3724

v0.20.12

Compare Source

Bug fixes:
  • Added missing call to _reject in Transactor#transaction #​3706
  • Fix method binding on knex proxy #​3717
  • Oracle: Transaction_OracleDB can use config.connection #​3731
Typings:
  • Fix incorrect type signature of Having #​3719
Test / internal changes:
  • Cleanup/remove transaction stalling #​3716
  • Rewrote Transaction#acquireConnection() methods to use async #​3707

v0.20.11

Compare Source

Breaking changes:
  • Knex returns native JS promises instead of Bluebird ones. This means that you no longer use such methods as map, spread and reduce on QueryBuilder instance.
New features:
  • Oracle: Add OracleDB handling for buffer type in fetchAsString #​3685
Bug fixes:
  • Fix race condition in non-container transactions #​3671
Typings:
  • Mark knex arguments of composite/collection types to be readonly #​3680
Test / internal changes:
  • Remove dependency on Bluebird methods from sources #​3683
  • Cleanup and extract Transaction Workflow logic #​3674

v0.20.10

Compare Source

Bug fixes:
  • Oracle: commit was a no-op causing race conditions #​3668
  • CLI: Knex calls process.chdir() before opening Knexfile #​3661
  • Fixed unresolved promise in cancelQuery() #​3666
Typings:
  • fn.now takes optionally a precision argument. #​3662
  • PG: Include SSL in connection definition #​3659
Test / internal changes:

v0.20.9

Compare Source

Bug fixes:
  • CLI: Imp

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot force-pushed the renovate/npm-knex-vulnerability branch from 1792878 to 8564724 Compare March 16, 2023 07:54
@renovate renovate bot changed the title Update dependency knex to v0.19.5 [SECURITY] Update dependency knex to v2 [SECURITY] Mar 16, 2023
@renovate renovate bot changed the title Update dependency knex to v2 [SECURITY] Update dependency knex to 2.4.0 [SECURITY] Apr 20, 2023
@renovate renovate bot changed the title Update dependency knex to 2.4.0 [SECURITY] Update dependency knex to v2 [SECURITY] May 28, 2023
@renovate renovate bot changed the title Update dependency knex to v2 [SECURITY] Update dependency knex to v2 [SECURITY] - autoclosed Apr 3, 2024
@renovate renovate bot closed this Apr 3, 2024
@renovate renovate bot deleted the renovate/npm-knex-vulnerability branch April 3, 2024 13:26
@renovate renovate bot changed the title Update dependency knex to v2 [SECURITY] - autoclosed Update dependency knex to v2 [SECURITY] Apr 3, 2024
@renovate renovate bot reopened this Apr 3, 2024
@renovate renovate bot restored the renovate/npm-knex-vulnerability branch April 3, 2024 17:15
@renovate renovate bot force-pushed the renovate/npm-knex-vulnerability branch from 8564724 to 14f4eec Compare April 3, 2024 17:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants