Closed dependabot[bot] closed 5 months ago
New and removed dependencies detected. Learn more about Socket for GitHub ↗︎
Package | New capabilities | Transitives | Size | Publisher |
---|---|---|---|---|
npm/mysql2@3.9.7 | environment, network Transitive: eval | +10 |
1.74 MB | sidorares |
🚮 Removed packages: npm/mysql2@3.9.3
Bumps mysql2 from 3.9.3 to 3.9.7.
Release notes
Sourced from mysql2's releases.
Changelog
Sourced from mysql2's changelog.
Commits
2d3cad8
chore(master): release 3.9.7 (#2609)7d4b098
fix(security): sanitize timezone parameter value to prevent code injection (#...2efd6ab
build(deps): bump lucide-react from 0.371.0 to 0.372.0 in /website (#2606)e3391ed
build(deps): bump lucide-react from 0.368.0 to 0.371.0 in /website (#2604)4f58caa
chore(master): release 3.9.6 (#2603)705835d
fix: binary parser sometimes reads out of packet bounds when results contain ...2129818
chore(master): release 3.9.5 (#2600)f7c60d0
fix: revert breaking change in results creation (#2591)7f5b395
build(deps-dev): bump@typescript-eslint/eslint-plugin
in /website (#2596)a770052
build(deps-dev): bump@typescript-eslint/parser
in /website (#2595)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show