vercel[bot]
commented
1 year ago The latest updates on your projects. Learn more about Vercel for Git ↗︎
| Name | Status | Preview | Comments | Updated |
|---|---|---|---|---|
| hap | ✅ Ready (Inspect) | Visit Preview | 💬 Add your feedback | Jan 8, 2023 at 8:21PM (UTC) |
| hapdev | ✅ Ready (Inspect) | Visit Preview | 💬 Add your feedback | Jan 8, 2023 at 8:21PM (UTC) |
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
#### Changes included in this PR - Changes to the following files to upgrade the vulnerable dependencies to a fixed version: - services/server/package.json #### Vulnerabilities that will be fixed ##### With an upgrade: Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:-------------------------  | **823/1000****Why?** Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 8.6 | SQL Injection
[SNYK-JS-KNEX-3175610](https://snyk.io/vuln/SNYK-JS-KNEX-3175610) | Yes | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: knex
The new version differs by 203 commits.- 3475d81 Prepare to release 2.4.0
- e97f922 Bump tsd from 0.24.1 to 0.25.0 (#5396)
- e145322 1227: add assertion for basic where clause values (#5417)
- 962bb0a Bump sinon from 14.0.2 to 15.0.1 (#5413)
- ab45314 Add JSDoc (TS Flavour) to mjs stub file (#5390)
- 72bd1f7 Fix: orWhereJson (#5361)
- 4fc939a Fixes unexpected max acquire-timeout (#5377)
- 5c4837c Fix lib/.gitignore path separator on Windows. (#5325)
- 7dbbd00 Bump actions/setup-node from 3.4.1 to 3.5.1 (#5356)
- d39051f fix: add missing type for 'expirationChecker' on PgConnectionConfig (#5334)
- f7ccde8 Make compiling SQL in error message optional (#5282)
- 82610ca Bump tsd from 0.23.0 to 0.24.1 (#5329)
- cb5be88 Bump typescript from 4.8.2 to 4.8.3 (#5324)
- dc6dbbf fix: insert array into json column (#5321)
- 864530c feat: support partial unique indexes (#5316)
- 6bed5e9 Fix changing the default value of a boolean column in SQLite (#5319)
- f52b2c5 Merge remote-tracking branch 'origin/master'
- 05c4707 Prepare to release 2.3.0
- 13b61c0 Update dependencies (#5317)
- 97fccdf Explicit jsonb support for custom pg clients (#5201)
- 1cc1df9 chore: remove bindingHolder for proper scoping (#5235)
- e0c0fa9 Implement mapBinding mssql dialect option (#5292)
- 29283a1 Bump tsd from 0.22.0 to 0.23.0 (#5314)
- 57692d3 Infer specific column value type in aggregations (#5297)
See the full diff