search

PhilWaldmann / openrecord

Make ORMs great again!
https://openrecord.js.org
MIT License
486 stars 38 forks source link

Publish a new release with latest dependency #101

Closed bitinn closed 4 years ago

bitinn commented 4 years ago

This commit to update knex addresses a vulnerability (even though the vulnerability only affects MSSQL), I would love to see a new release so that my code isn't stuck at vulnerable due to openrecord 2.10.2 still depends on older vulnerable version of knex.

bitinn commented 4 years ago

Missed the commit link:

https://github.com/PhilWaldmann/openrecord/commit/5022e06c1469407bd0ff828cad5b0cdd3e5c4736

Vulnerability link:

https://github.com/advisories/GHSA-58v4-qwx5-7f59

PhilWaldmann commented 4 years ago

I've just published openrecord@2.10.4 with knex version 0.20.2

Thanks, Philipp