search

digi-serve / ab_service_file_processor

An AppBuilder service to manage uploaded files.
0 stars 0 forks source link

Bump the npm_and_yarn group across 1 directory with 4 updates #67

Closed dependabot[bot] closed 4 months ago

dependabot[bot] commented 6 months ago

Bumps the npm_and_yarn group with 4 updates in the / directory: knex, socket.io-parser, xml2js and parse-bmfont-xml.

Updates knex from 0.95.15 to 2.4.0

Release notes

Sourced from knex's releases.

2.4.0

New features:

  • Support partial unique indexes #5316
  • Make compiling SQL in error message optional #5282

Bug fixes

  • Insert array into json column #5321
  • Fix unexpected max acquire-timeout #5377
  • Fix: orWhereJson #5361
  • MySQL: Add assertion for basic where clause not to be object or array #1227
  • SQLite: Fix changing the default value of a boolean column in SQLite #5319

Typings:

  • add missing type for 'expirationChecker' on PgConnectionConfig #5334

2.3.0

New features:

  • PostgreSQL: Explicit jsonb support for custom pg clients #5201
  • SQLite: Support returning with sqlite3 and better-sqlite3 #5285
  • MSSQL: Implement mapBinding mssql dialect option #5292

Typings:

  • Update types for TS 4.8 #5279
  • Fix typo #5267
  • Fix WhereJsonObject withCompositeTableType #5306
  • Fix AnalyticFunction type #5304
  • Infer specific column value type in aggregations #5297

2.2.0

New features:

  • Inline primary key creation for postgres flavours #5233
  • SQLite: Add warning for undefined connection file #5223
  • MSSQL: Add JSON parameter support for connection #5200

Bug fixes:

  • PostgreSQL: add primaryKey option for uuid #5212

Typings:

  • Add promisable and better types #5222
  • Update raw query bind parameter type #5208

2.1.0 - 26 May, 2022

... (truncated)

Changelog

Sourced from knex's changelog.

2.4.0 - 06 January, 2023

New features:

  • Support partial unique indexes #5316
  • Make compiling SQL in error message optional #5282

Bug fixes

  • Insert array into json column #5321
  • Fix unexpected max acquire-timeout #5377
  • Fix: orWhereJson #5361
  • MySQL: Add assertion for basic where clause not to be object or array #1227
  • SQLite: Fix changing the default value of a boolean column in SQLite #5319

Typings:

  • add missing type for 'expirationChecker' on PgConnectionConfig #5334

2.3.0 - 31 August, 2022

New features:

  • PostgreSQL: Explicit jsonb support for custom pg clients #5201
  • SQLite: Support returning with sqlite3 and better-sqlite3 #5285
  • MSSQL: Implement mapBinding mssql dialect option #5292

Typings:

  • Update types for TS 4.8 #5279
  • Fix typo #5267
  • Fix WhereJsonObject withCompositeTableType #5306
  • Fix AnalyticFunction type #5304
  • Infer specific column value type in aggregations #5297

2.2.0 - 19 July, 2022

New features:

  • Inline primary key creation for postgres flavours #5233
  • SQLite: Add warning for undefined connection file #5223
  • MSSQL: Add JSON parameter support for connection #5200

Bug fixes:

  • PostgreSQL: add primaryKey option for uuid #5212

Typings:

  • Add promisable and better types #5222

... (truncated)

Commits


Updates socket.io-parser from 3.4.2 to 3.4.3

Release notes

Sourced from socket.io-parser's releases.

3.4.3

:warning: This release contains an important security fix :warning:

A malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:

TypeError: Cannot convert object to primitive value
       at Socket.emit (node:events:507:25)
       at .../node_modules/socket.io/lib/socket.js:531:14

Please upgrade as soon as possible.

Bug Fixes

  • check the format of the event name (2dc3c92)

Links

Changelog

Sourced from socket.io-parser's changelog.

3.4.3 (2023-05-22)

Bug Fixes

  • check the format of the event name (2dc3c92)

4.2.3 (2023-05-22)

Bug Fixes

  • check the format of the event name (3b78117)

4.2.2 (2023-01-19)

Bug Fixes

  • calling destroy() should clear all internal state (22c42e3)
  • do not modify the input packet upon encoding (ae8dd88)

3.3.3 (2022-11-09)

Bug Fixes

  • check the format of the index of each attachment (fb21e42)
Commits


Updates xml2js from 0.4.23 to 0.5.0

Commits


Updates parse-bmfont-xml from 1.1.4 to 1.1.6

Commits


You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/digi-serve/ab_service_file_processor/network/alerts).

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

dependabot[bot] commented 4 months ago

Superseded by #68.