Snyk has created this PR to upgrade typeorm from 0.2.24 to 0.3.20.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **526 versions** ahead of your current version.
- The recommended version was released on **5 months ago**.
#### Issues fixed by the recommended upgrade:
| | Issue | Score | Exploit Maturity |
:-------------------------:|:-------------------------|:-------------------------|:-------------------------
![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png 'high severity') | Prototype Pollution [SNYK-JS-TYPEORM-590152](https://snyk.io/vuln/SNYK-JS-TYPEORM-590152) | **290** | Mature
![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png 'medium severity') | Prototype Pollution [SNYK-JS-HIGHLIGHTJS-1045326](https://snyk.io/vuln/SNYK-JS-HIGHLIGHTJS-1045326) | **290** | No Known Exploit
![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png 'medium severity') | Regular Expression Denial of Service (ReDoS) [SNYK-JS-HIGHLIGHTJS-1048676](https://snyk.io/vuln/SNYK-JS-HIGHLIGHTJS-1048676) | **290** | No Known Exploit
![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png 'medium severity') | Prototype Pollution [SNYK-JS-XML2JS-5414874](https://snyk.io/vuln/SNYK-JS-XML2JS-5414874) | **290** | Proof of Concept
Release notes Package name: typeorm
new nullable embeds feature introduced a breaking change which might enforce you to update types on your entities to | null,
if all columns in your embed entity are nullable. Since database queries now return embedded property as null if all its column values are null.
This PR was automatically created by Snyk using the credentials of a real user.
![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)
Snyk has created this PR to upgrade typeorm from 0.2.24 to 0.3.20.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.- The recommended version is **526 versions** ahead of your current version. - The recommended version was released on **5 months ago**. #### Issues fixed by the recommended upgrade: | | Issue | Score | Exploit Maturity | :-------------------------:|:-------------------------|:-------------------------|:------------------------- ![high severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/h.png 'high severity') | Prototype Pollution
[SNYK-JS-TYPEORM-590152](https://snyk.io/vuln/SNYK-JS-TYPEORM-590152) | **290** | Mature ![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png 'medium severity') | Prototype Pollution
[SNYK-JS-HIGHLIGHTJS-1045326](https://snyk.io/vuln/SNYK-JS-HIGHLIGHTJS-1045326) | **290** | No Known Exploit ![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png 'medium severity') | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-HIGHLIGHTJS-1048676](https://snyk.io/vuln/SNYK-JS-HIGHLIGHTJS-1048676) | **290** | No Known Exploit ![medium severity](https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png 'medium severity') | Prototype Pollution
[SNYK-JS-XML2JS-5414874](https://snyk.io/vuln/SNYK-JS-XML2JS-5414874) | **290** | Proof of Concept
Release notes
Package name: typeorm
Bug Fixes
Features
Reverts
Bug Fixes
Cannot read properties of undefined (reading 'sync')
caused after glob package upgradeBug Fixes
@ VirtualColumn
(#10432) (b53e410), closes #10431update: false
in persistence (#10250) (f8fa1fd), closes #10249date-fns
in favor ofDayJs
(#10306) (cf7147f)Features
Performance Improvements
BREAKING CHANGES
See: https://github.com/mongodb/node-mongodb-native/blob/HEAD/etc/notes/CHANGES_6.0.0.md
| null
,if all columns in your embed entity are nullable. Since database queries now return embedded property as
null
if all its column values are null.Bug Fixes
0.3.16 (2023-05-09)
Bug Fixes
trustServerCertificate
option toSqlServerConnectionOptions
(#9985) (0305805), closes #8093Features
Reverts
Bug Fixes
Features
Bug Fixes
Features
Bug Fixes
Features
Bug Fixes
FindOptionsWhere
behavior with union types (#9607) (7726f5a)