build(deps): bump typeorm from 0.2.37 to 0.3.0 in /api

[dependabot[bot]]

Bumps typeorm from 0.2.37 to 0.3.0.

Release notes

Sourced from typeorm's releases.

0.3.0

Changes in the version includes changes from the next branch and typeorm@next version. They were pending their migration from 2018. Finally, they are in the master branch and master version.

Features

• compilation target now is es2020. This requires Node.JS version 14+

• TypeORM now properly works when installed within different node_modules contexts (often happen if TypeORM is a dependency of another library or TypeORM is heavily used in monorepo projects)

• Connection was renamed to DataSource. Old Connection is still there, but now it's deprecated. It will be completely removed in next version. New API:

export const dataSource = new DataSource({
    // ... options ...
})
// load entities, establish db connection, sync schema, etc.
await dataSource.connect()

Previously, you could use new Connection(), createConnection(), getConnectionManager().create(), etc. They all deprecated in favour of new syntax you can see above.

New way gives you more flexibility and simplicity in usage.

• new custom repositories syntax:

export const UserRepository = myDataSource.getRepository(UserEntity).extend({
    findUsersWithPhotos() {
        return this.find({
            relations: {
                photos: true
            }
        })
    }
})

Old ways of custom repository creation were dropped.

• added new option on relation load strategy called relationLoadStrategy. Relation load strategy is used on entity load and determines how relations must be loaded when you query entities and their relations from the database. Used on find* methods and QueryBuilder. Value can be set to join or query.

  • join - loads relations using SQL JOIN expression

... (truncated)

Changelog

Sourced from typeorm's changelog.

0.3.0 (2022-03-17)

Changes in the version includes changes from the next branch and typeorm@next version. They were pending their migration from 2018. Finally, they are in the master branch and master version.

Features

• compilation target now is es2020. This requires Node.JS version 14+

• TypeORM now properly works when installed within different node_modules contexts (often happen if TypeORM is a dependency of another library or TypeORM is heavily used in monorepo projects)

• Connection was renamed to DataSource. Old Connection is still there, but now it's deprecated. It will be completely removed in next version. New API:

export const dataSource = new DataSource({
    // ... options ...
})
// load entities, establish db connection, sync schema, etc.
await dataSource.connect()

Previously, you could use new Connection(), createConnection(), getConnectionManager().create(), etc. They all deprecated in favour of new syntax you can see above.

New way gives you more flexibility and simplicity in usage.

• new custom repositories syntax:

export const UserRepository = myDataSource.getRepository(UserEntity).extend({
    findUsersWithPhotos() {
        return this.find({
            relations: {
                photos: true,
            },
        })
    },
})

Old ways of custom repository creation were dropped.

• added new option on relation load strategy called relationLoadStrategy. Relation load strategy is used on entity load and determines how relations must be loaded when you query entities and their relations from the database. Used on find* methods and QueryBuilder. Value can be set to join or query.

... (truncated)

Commits

• 941b584 version bump
• 3b8a031 0.3.0 (#8616)
• 5608956 refactor: remove spaces for consistency (#8751)
• 486f8c5 version bump
• 0fc093d fix: discard duplicated columns on update (#8724)
• f3cfdd2 fix: allow clearing database inside a transaction (#8712)
• 96ac8f7 feat: add transformer to ViewColumnOptions (#8717)
• 32549fe refactor: DefaultNamingStrategy#getTableName should be protected, not private...
• 411fa54 fix: force web bundlers to ignore index.mjs and use the browser ESM version d...
• 10f46d9 fixing failing test
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/ever-co/ever-traduora/network/alerts).

[vercel[bot]]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name	Status	Preview	Comments	Updated (UTC)
traduora-docs-co	❌ Failed (Inspect)			Mar 21, 2024 7:28pm

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[socket-security[bot]]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@babel/core@7.15.5	environment, filesystem, unsafe	+30	2.94 MB	nicolo-ribaudo
npm/@babel/generator@7.15.4	None	+1	150 kB	nicolo-ribaudo
npm/@nestjs/axios@0.0.5	Transitive: environment, network	+1	416 kB	nestjscore
npm/@nestjs/common@8.0.7	Transitive: environment, network	+2	792 kB	nestjscore
npm/@nestjs/core@8.0.6	Transitive: environment, filesystem, network, shell	+12	1.25 MB	nestjscore
npm/@nestjs/jwt@8.0.0	None	+1	53.4 kB	nestjscore
npm/@nestjs/passport@8.0.1	None	0	37.3 kB	nestjscore
npm/@nestjs/platform-express@8.0.6	network Transitive: environment, eval, filesystem	+49	2.25 MB	nestjscore
npm/@nestjs/swagger@5.0.9	None	+2	285 kB	nestjscore
npm/@nestjs/testing@8.0.6	None	+1	28.9 kB	nestjscore
npm/@nestjs/typeorm@8.0.2	Transitive: environment, eval, filesystem, network, shell, unsafe	+29	21.9 MB	nestjscore
npm/@types/babel__core@7.1.16	None	+2	50 kB	types
npm/@types/babel__traverse@7.14.2	None	0	123 kB	types
npm/@types/bcrypt@5.0.0	None	0	10.2 kB	types
npm/@types/csv-stringify@3.1.0	None	0	1.78 kB	types
npm/@types/express@4.17.13	None	+7	132 kB	types
npm/@types/handlebars@4.1.0	None	0	1.75 kB	types
npm/@types/iconv-lite@0.0.1	None	0	3.09 kB	types
npm/@types/istanbul-lib-coverage@2.0.3	None	0	5.91 kB	types
npm/@types/jest@26.0.24	None	+3	213 kB	types
npm/@types/js-yaml@4.0.3	None	0	9.14 kB	types
npm/@types/moment@2.13.0	None	0	508 B	types
npm/@types/morgan@1.9.3	None	0	13.8 kB	types
npm/@types/node@15.14.9	None	0	806 kB	types
npm/@types/nodemailer@6.4.4	None	0	88.8 kB	types
npm/@types/supertest@2.0.11	None	+2	24.5 kB	types
npm/asap@2.0.6	None	0	33.9 kB	kriskowal
npm/bcrypt@5.0.1	Transitive: environment, filesystem, network, shell	+40	1.81 MB	amitosh
npm/class-transformer@0.4.0	None	0	740 kB	typestack-release-bot
npm/class-validator@0.13.1	None	+3	10.8 MB	typestack-release-bot
npm/copyfiles@2.4.1	filesystem Transitive: environment	+14	217 kB	cwmma
npm/cross-env@7.0.3	environment	0	29.1 kB	kentcdodds
npm/cross-spawn@7.0.3	environment, filesystem, shell	+4	47.5 kB	satazor
npm/csv-stringify@6.0.5	None	0	1.27 MB	david
npm/csv@5.5.3	None	+5	3.03 MB	david
npm/ejs@3.1.7	eval, filesystem Transitive: environment, shell	+3	1.15 MB	mde
npm/figlet@1.5.2	filesystem, network	0	6.01 MB	patorjk
npm/generate-password@1.6.1	None	0	22.7 kB	brendanashworth
npm/gettext-parser@4.0.4	Transitive: environment	+4	226 kB	smhg
npm/graceful-fs@4.2.8	environment, filesystem	0	31.6 kB	isaacs
npm/handlebars@4.7.7	filesystem Transitive: environment, eval	+2	3.93 MB	knappi
npm/he@1.2.0	None	0	124 kB	mathias
npm/ini@1.3.7	None	0	9.39 kB	isaacs
npm/jest-util@27.2.0	environment	+7	171 kB	simenb
npm/jest@27.2.0	Transitive: environment, eval, filesystem, network, shell, unsafe	+210	13 MB	simenb
npm/js-yaml@4.1.0	Transitive: environment, filesystem	+1	576 kB	vitaly
npm/jsonwebtoken@8.5.1	None	+13	261 kB	ziluvatar
npm/lowercase-keys@1.0.1	None	0	2.46 kB	sindresorhus
npm/mimic-response@1.0.1	None	0	3.58 kB	sindresorhus
npm/minimist@1.2.6	None	0	33.2 kB	substack
npm/moment@2.29.4	None	0	4.23 MB	ichernev
npm/moo@0.5.1	None	0	31.8 kB	tjvr
npm/morgan@1.10.0	eval Transitive: environment	+4	79.5 kB	dougwilson
npm/mysql@2.18.1	filesystem, network	+4	908 kB	dougwilson
npm/node-native2ascii@0.2.0	None	+2	53.4 kB	neocotic
npm/nodemailer@6.6.3	environment, filesystem, network, shell	0	474 kB	andris
npm/nodemon@2.0.12	environment, filesystem, shell Transitive: network	+79	1.22 MB	remy
npm/parent-require@1.0.0	None	0	5.96 kB	jaredhanson
npm/passport-jwt@4.0.0	None	0	52 kB	themikenicholson
npm/passport-strategy@1.0.0	None	0	5.1 kB	jaredhanson
npm/passport@0.4.1	network	+1	48.3 kB	jaredhanson
npm/path-key@3.1.1	None	0	4.55 kB	sindresorhus
npm/php-array-parser@1.0.1	None	+1	2.57 MB	rmariuzzo
npm/prettier@2.4.0	environment, eval, filesystem, unsafe	0	20.7 MB	sosukesuzuki
npm/pretty-format@26.6.2	Transitive: environment	+7	200 kB	simenb
npm/preview-email@3.0.5	filesystem Transitive: environment, eval, network, shell	+54	4.03 MB	niftylettuce
npm/properties@1.2.1	filesystem	0	47 kB	gagle
npm/pug-runtime@3.0.1	filesystem	0	17 kB	pug-bot
npm/punycode@2.1.1	None	0	32.4 kB	mathias
npm/query-string@7.0.1	None	+4	59.7 kB	sindresorhus
npm/querystring@0.2.1	None	0	9.39 kB	medikoo
npm/reflect-metadata@0.1.13	None	0	293 kB	rbuckton
npm/resolve@1.20.0	filesystem	+4	169 kB	ljharb
npm/rimraf@3.0.2	filesystem	0	17.3 kB	isaacs
npm/rxjs@7.3.0	None	+1	4.48 MB	blesh
npm/safe-buffer@5.1.2	None	0	31.7 kB	feross
npm/safer-buffer@2.1.2	None	0	42.3 kB	chalker
npm/sax@1.2.4	None	0	54.6 kB	isaacs
npm/semver-regex@4.0.3	None	0	3.86 kB	sindresorhus
npm/semver@7.3.5	None	0	88.2 kB	isaacs
npm/signal-exit@3.0.3	None	0	9.87 kB	bcoe
npm/source-map-support@0.5.20	filesystem	+1	90.2 kB	linusu
npm/statuses@1.5.0	None	0	11 kB	dougwilson
npm/string-width@4.2.2	None	+1	53.4 kB	sindresorhus
npm/strings-file@0.0.5	filesystem	0	5.39 kB	alkal
npm/strip-ansi@6.0.0	None	+1	9.72 kB	sindresorhus
npm/supertest@6.2.2	network Transitive: environment, eval, filesystem	+22	1.56 MB	niftylettuce
npm/swagger-ui-express@4.3.0	Transitive: environment, eval, filesystem, network	+35	19.3 MB	scottie1984
npm/tapable@2.2.1	None	0	46.9 kB	sokra
npm/ts-jest@27.0.5	environment, filesystem Transitive: eval, network, shell, unsafe	+50	1.31 MB	kul
npm/ts-loader@9.2.5	filesystem	0	247 kB	johnnyreilly
npm/ts-node@10.2.1	environment, filesystem, unsafe	+11	1.1 MB	cspotcode
npm/tsconfig-paths@3.11.0	environment, filesystem, unsafe	+3	182 kB	jonaskello
npm/tslib@2.3.1	None	0	39.1 kB	typescript-bot
npm/tslint@6.1.3	filesystem Transitive: environment	+7	2.81 MB	palantir
npm/type-is@1.6.18	None	+1	29.6 kB	dougwilson
npm/typeorm@0.3.20	environment, eval, filesystem Transitive: network, shell, unsafe	+54	27.8 MB	pleerock
npm/typescript@4.2.3	None	0	59.2 MB	typescript-bot
npm/unpipe@1.0.0	None	0	4.31 kB	dougwilson
npm/util-deprecate@1.0.2	None	0	5.48 kB	tootallnate
npm/uuid@8.3.2	None	0	116 kB	ctavan
npm/vary@1.1.2	None	0	8.75 kB	dougwilson
npm/webpack-cli@4.8.0	environment, filesystem, unsafe Transitive: eval, shell	+30	876 kB	evilebottnawi
npm/webpack-node-externals@1.7.2	filesystem	0	12.5 kB	liady
npm/webpack@5.52.1	environment, filesystem, network, unsafe Transitive: eval	+39	7.87 MB	sokra
npm/whatwg-url@8.7.0	None	+2	327 kB	domenic
npm/xliff@5.6.2	None	0	543 kB	adrai
npm/xml-js@1.6.11	None	0	421 kB	nashwaan
npm/xtend@4.0.2	None	0	6.46 kB	raynos
npm/yargonaut@1.1.4	Transitive: environment	+3	51.8 kB	jjoselv
npm/yargs-parser@20.2.9	environment, filesystem	0	124 kB	oss-bot

🚮 Removed packages: npm/@angular/animations@12.2.5, npm/@angular/cli@12.2.5, npm/@angular/common@12.2.5, npm/@angular/compiler-cli@12.2.5, npm/@angular/compiler@12.2.5, npm/@angular/core@12.2.5, npm/@angular/forms@12.2.5, npm/@angular/language-service@12.2.5, npm/@angular/localize@12.2.5, npm/@angular/platform-browser-dynamic@12.2.5, npm/@angular/platform-browser@12.2.5, npm/@angular/router@12.2.5, npm/@babel/core@7.14.8, npm/@babel/generator@7.14.8, npm/@babel/helper-annotate-as-pure@7.14.5, npm/@babel/helper-create-class-features-plugin@7.15.4, npm/@babel/helper-function-name@7.15.4, npm/@babel/helper-remap-async-to-generator@7.15.4, npm/@babel/helper-skip-transparent-expression-wrappers@7.15.4, npm/@babel/plugin-proposal-async-generator-functions@7.14.7, npm/@babel/plugin-proposal-unicode-property-regex@7.14.5, npm/@babel/plugin-transform-async-to-generator@7.14.5, npm/@babel/plugin-transform-dotall-regex@7.14.5, npm/@babel/plugin-transform-parameters@7.15.4, npm/@babel/runtime@7.14.8, npm/@babel/template@7.14.5, npm/@gar/promisify@1.1.2, npm/@ng-bootstrap/ng-bootstrap@10.0.0, npm/@ngxs/devtools-plugin@3.7.2, npm/@ngxs/router-plugin@3.7.2, npm/@ngxs/store@3.7.2, npm/@nodelib/fs.stat@2.0.5, npm/@npmcli/fs@1.0.0, npm/@npmcli/promise-spawn@1.3.2, npm/@socket.io/base64-arraybuffer@1.0.2, npm/@types/file-saver@2.0.3, npm/@types/jasmine@3.9.0, npm/@types/jasminewd2@2.0.10, npm/@types/jwt-decode@3.1.0, npm/@types/lodash@4.14.172, npm/@types/node@16.9.1, npm/accepts@1.3.8, npm/ajv@8.6.2, npm/assert-plus@1.0.0, npm/base64id@2.0.0, npm/bootstrap@4.6.0, npm/cacache@15.2.0, npm/codelyzer@6.0.2, npm/colord@2.7.0, npm/core-js-compat@3.17.3, npm/core-js@3.17.3, npm/css-tree@1.1.3, npm/debug@4.3.2, npm/engine.io-parser@5.0.4, npm/engine.io@6.1.2, npm/errno@0.1.8, npm/extend@3.0.2, npm/extsprintf@1.3.0, npm/fast-glob@3.2.7, npm/file-saver@2.0.5, npm/find-cache-dir@3.3.1, npm/flag-icon-css@3.5.0, npm/get-value@2.0.6, npm/graceful-fs@4.2.9, npm/http-proxy@1.18.1, npm/icss-utils@5.1.0, npm/ip@1.1.5, npm/is-descriptor@1.0.2, npm/jasmine-core@3.9.0, npm/jasmine-spec-reporter@7.0.0, npm/jwt-decode@3.1.2, npm/karma-chrome-launcher@3.1.0, npm/karma-coverage-istanbul-reporter@3.0.3, npm/karma-jasmine-html-reporter@1.7.0, npm/karma@6.3.16, npm/loader-utils@2.0.0, npm/magic-string@0.25.7, npm/mime@2.5.2, npm/minimist@1.2.7, npm/minipass-fetch@1.4.1, npm/minipass-pipeline@1.2.4, npm/normalize.css@8.0.1, npm/normalizecss@3.0.0, npm/npm-package-arg@8.1.5, npm/npm-pick-manifest@6.1.1, npm/object-keys@1.1.1, npm/obuf@1.1.2, npm/ora@5.4.1, npm/os-tmpdir@1.0.2, npm/pako@1.0.11, npm/path-is-inside@1.0.2, npm/path-key@2.0.1, npm/postcss@8.3.6

View full report↗︎

[socket-security[bot]]

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source
Install scripts	npm/nodemon@2.0.12	Install script: postinstall Source: node bin/postinstall || exit 0	api/package.json
Install scripts	npm/bcrypt@5.0.1	Install script: install Source: node-pre-gyp install --fallback-to-build	api/package.json
Install scripts	npm/@nestjs/core@8.0.6	Install script: postinstall Source: opencollective || exit 0	api/package.json

View full report↗︎

Next steps

What is an install script?

Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts.

Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

• @SocketSecurity ignore npm/nodemon@2.0.12
• @SocketSecurity ignore npm/bcrypt@5.0.1
• @SocketSecurity ignore npm/@nestjs/core@8.0.6