search

google / sqlcommenter

Apache License 2.0
604 stars 81 forks source link

Bump the npm_and_yarn group across 4 directories with 22 updates #277

Closed dependabot[bot] closed 5 months ago

dependabot[bot] commented 5 months ago

Bumps the npm_and_yarn group with 8 updates in the /nodejs/sqlcommenter-nodejs/packages/sqlcommenter-knex directory:

Package From To
express 4.17.1 4.19.2
knex 0.19.5 2.4.0
sequelize 6.3.5 6.29.0
browserify-sign 4.2.1 4.2.3
dottie 2.0.2 2.0.6
minimatch 3.0.4 5.0.1
mocha 8.2.1 10.4.0
pathval 1.1.0 1.1.1

Bumps the npm_and_yarn group with 7 updates in the /nodejs/sqlcommenter-nodejs/packages/sqlcommenter-sequelize directory:

Package From To
express 4.18.1 4.19.2
sequelize 6.21.4 6.29.0
browserify-sign 4.2.1 4.2.3
dottie 2.0.2 2.0.6
flat 4.1.1 5.0.2
mocha 6.2.3 10.4.0
validator 13.7.0 13.12.0

Bumps the npm_and_yarn group with 12 updates in the /nodejs/sqlcommenter-nodejs/samples/express-opentelemetry directory:

Package From To
express 4.17.1 4.19.2
knex 0.21.15 2.4.0
sequelize 6.3.5 6.29.0
dottie 2.0.2 2.0.6
minimatch 3.0.4 3.1.2
minimist 1.2.6 1.2.8
semver 5.7.1 5.7.2
@grpc/grpc-js 1.2.3 1.8.22
protobufjs 6.10.2 6.11.4
node-forge 0.10.0 1.3.1
google-p12-pem 3.0.3 3.1.4
underscore 1.12.0 1.13.6

Bumps the npm_and_yarn group with 1 update in the /php/sqlcommenter-php/samples/sqlcommenter-laravel directory: axios.

Updates express from 4.17.1 to 4.19.2

Release notes

Sourced from express's releases.

4.19.2

What's Changed

Full Changelog: https://github.com/expressjs/express/compare/4.19.1...4.19.2

4.19.1

What's Changed

Full Changelog: https://github.com/expressjs/express/compare/4.19.0...4.19.1

4.19.0

What's Changed

New Contributors

Full Changelog: https://github.com/expressjs/express/compare/4.18.3...4.19.0

4.18.3

Main Changes

  • Fix routing requests without method
  • deps: body-parser@1.20.2
    • Fix strict json error message on Node.js 19+
    • deps: content-type@~1.0.5
    • deps: raw-body@2.5.2

Other Changes

... (truncated)

Changelog

Sourced from express's changelog.

4.19.2 / 2024-03-25

  • Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

  • Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

  • Prevent open redirect allow list bypass due to encodeurl
  • deps: cookie@0.6.0

4.18.3 / 2024-02-29

  • Fix routing requests without method
  • deps: body-parser@1.20.2
    • Fix strict json error message on Node.js 19+
    • deps: content-type@~1.0.5
    • deps: raw-body@2.5.2
  • deps: cookie@0.6.0
    • Add partitioned option

4.18.2 / 2022-10-08

  • Fix regression routing a large stack in a single route
  • deps: body-parser@1.20.1
    • deps: qs@6.11.0
    • perf: remove unnecessary object clone
  • deps: qs@6.11.0

4.18.1 / 2022-04-29

  • Fix hanging on large stack of sync routes

4.18.0 / 2022-04-25

  • Add "root" option to res.download
  • Allow options without filename in res.download
  • Deprecate string and non-integer arguments to res.status
  • Fix behavior of null/undefined as maxAge in res.cookie
  • Fix handling very large stacks of sync middleware
  • Ignore Object.prototype values in settings through app.set/app.get

... (truncated)

Commits
  • 04bc627 4.19.2
  • da4d763 Improved fix for open redirect allow list bypass
  • 4f0f6cc 4.19.1
  • a003cfa Allow passing non-strings to res.location with new encoding handling checks f...
  • a1fa90f fixed un-edited version in history.md for 4.19.0
  • 11f2b1d build: fix build due to inconsistent supertest behavior in older versions
  • 084e365 4.19.0
  • 0867302 Prevent open redirect allow list bypass due to encodeurl
  • 567c9c6 Add note on how to update docs for new release (#5541)
  • 69a4cf2 deps: cookie@0.6.0
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by wesleytodd, a new releaser for express since your current version.


Updates knex from 0.19.5 to 2.4.0

Release notes

Sourced from knex's releases.

2.4.0

New features:

  • Support partial unique indexes #5316
  • Make compiling SQL in error message optional #5282

Bug fixes

  • Insert array into json column #5321
  • Fix unexpected max acquire-timeout #5377
  • Fix: orWhereJson #5361
  • MySQL: Add assertion for basic where clause not to be object or array #1227
  • SQLite: Fix changing the default value of a boolean column in SQLite #5319

Typings:

  • add missing type for 'expirationChecker' on PgConnectionConfig #5334

2.3.0

New features:

  • PostgreSQL: Explicit jsonb support for custom pg clients #5201
  • SQLite: Support returning with sqlite3 and better-sqlite3 #5285
  • MSSQL: Implement mapBinding mssql dialect option #5292

Typings:

  • Update types for TS 4.8 #5279
  • Fix typo #5267
  • Fix WhereJsonObject withCompositeTableType #5306
  • Fix AnalyticFunction type #5304
  • Infer specific column value type in aggregations #5297

2.2.0

New features:

  • Inline primary key creation for postgres flavours #5233
  • SQLite: Add warning for undefined connection file #5223
  • MSSQL: Add JSON parameter support for connection #5200

Bug fixes:

  • PostgreSQL: add primaryKey option for uuid #5212

Typings:

  • Add promisable and better types #5222
  • Update raw query bind parameter type #5208

2.1.0 - 26 May, 2022

... (truncated)

Changelog

Sourced from knex's changelog.

2.4.0 - 06 January, 2023

New features:

  • Support partial unique indexes #5316
  • Make compiling SQL in error message optional #5282

Bug fixes

  • Insert array into json column #5321
  • Fix unexpected max acquire-timeout #5377
  • Fix: orWhereJson #5361
  • MySQL: Add assertion for basic where clause not to be object or array #1227
  • SQLite: Fix changing the default value of a boolean column in SQLite #5319

Typings:

  • add missing type for 'expirationChecker' on PgConnectionConfig #5334

2.3.0 - 31 August, 2022

New features:

  • PostgreSQL: Explicit jsonb support for custom pg clients #5201
  • SQLite: Support returning with sqlite3 and better-sqlite3 #5285
  • MSSQL: Implement mapBinding mssql dialect option #5292

Typings:

  • Update types for TS 4.8 #5279
  • Fix typo #5267
  • Fix WhereJsonObject withCompositeTableType #5306
  • Fix AnalyticFunction type #5304
  • Infer specific column value type in aggregations #5297

2.2.0 - 19 July, 2022

New features:

  • Inline primary key creation for postgres flavours #5233
  • SQLite: Add warning for undefined connection file #5223
  • MSSQL: Add JSON parameter support for connection #5200

Bug fixes:

  • PostgreSQL: add primaryKey option for uuid #5212

Typings:

  • Add promisable and better types #5222

... (truncated)

Commits


Updates sequelize from 6.3.5 to 6.29.0

Release notes

Sourced from sequelize's releases.

v6.29.0

6.29.0 (2023-02-23)

Features

  • throw an error if attribute includes parentheses (fixes CVE-2023-22578) (#15710) (d3f5b5a)

v6.28.2

6.28.2 (2023-02-22)

Bug Fixes

v6.28.1

6.28.1 (2023-02-21)

Bug Fixes

v6.28.0

6.28.0 (2022-12-20)

Features

  • types: use retry-as-promised types for retry options to match documentation (#15484) (fd4afa6)

v6.27.0

6.27.0 (2022-12-12)

Features

v6.26.0

6.26.0 (2022-11-29)

Features

v6.25.8

... (truncated)

Commits
  • d3f5b5a feat: throw an error if attribute includes parentheses (fixes CVE-2023-22578)...
  • 53bd9b7 meta: fix null test getWhereConditions (#15705)
  • 13f2e89 fix: accept undefined in where (#15703)
  • d9e0728 fix: throw if where receives an invalid value (#15699)
  • 48d6193 fix: update moment-timezone version (#15685)
  • fd4afa6 feat(types): use retry-as-promised types for retry options to match documenta...
  • 1247c01 feat: add support for bigints (backport of #14485) (#15413)
  • 94beace feat(postgres): add support for lock_timeout #15345 (#15355)
  • 7885000 fix(oracle): remove hardcoded maxRows value (#15323)
  • bc39fd6 fix: fix parameters not being replaced when after $$ strings (#15307)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by sdepold, a new releaser for sequelize since your current version.


Updates qs from 6.7.0 to 6.11.0

Changelog

Sourced from qs's changelog.

6.11.0

  • [New] [Fix] stringify: revert 0e903c0; add commaRoundTrip option (#442)
  • [readme] fix version badge

6.10.5

  • [Fix] stringify: with arrayFormat: comma, properly include an explicit [] on a single-item array (#434)

6.10.4

  • [Fix] stringify: with arrayFormat: comma, include an explicit [] on a single-item array (#441)
  • [meta] use npmignore to autogenerate an npmignore file
  • [Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbol, object-inspect, tape

6.10.3

  • [Fix] parse: ignore __proto__ keys (#428)
  • [Robustness] stringify: avoid relying on a global undefined (#427)
  • [actions] reuse common workflows
  • [Dev Deps] update eslint, @ljharb/eslint-config, object-inspect, tape

6.10.2

  • [Fix] stringify: actually fix cyclic references (#426)
  • [Fix] stringify: avoid encoding arrayformat comma when encodeValuesOnly = true (#424)
  • [readme] remove travis badge; add github actions/codecov badges; update URLs
  • [Docs] add note and links for coercing primitive values (#408)
  • [actions] update codecov uploader
  • [actions] update workflows
  • [Tests] clean up stringify tests slightly
  • [Dev Deps] update eslint, @ljharb/eslint-config, aud, object-inspect, safe-publish-latest, tape

6.10.1

  • [Fix] stringify: avoid exception on repeated object values (#402)

6.10.0

  • [New] stringify: throw on cycles, instead of an infinite loop (#395, #394, #393)
  • [New] parse: add allowSparse option for collapsing arrays with missing indices (#312)
  • [meta] fix README.md (#399)
  • [meta] only run npm run dist in publish, not install
  • [Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbols, tape
  • [Tests] fix tests on node v0.6
  • [Tests] use ljharb/actions/node/install instead of ljharb/actions/node/run
  • [Tests] Revert "[meta] ignore eclint transitive audit warning"

6.9.7

  • [Fix] parse: ignore __proto__ keys (#428)
  • [Fix] stringify: avoid encoding arrayformat comma when encodeValuesOnly = true (#424)
  • [Robustness] stringify: avoid relying on a global undefined (#427)
  • [readme] remove travis badge; add github actions/codecov badges; update URLs
  • [Docs] add note and links for coercing primitive values (#408)
  • [Tests] clean up stringify tests slightly
  • [meta] fix README.md (#399)
  • Revert "[meta] ignore eclint transitive audit warning"

... (truncated)

Commits
  • 56763c1 v6.11.0
  • ddd3e29 [readme] fix version badge
  • c313472 [New] [Fix] stringify: revert 0e903c0; add commaRoundTrip option
  • 95bc018 v6.10.5
  • 0e903c0 [Fix] stringify: with arrayFormat: comma, properly include an explicit `[...
  • ba9703c v6.10.4
  • 4e44019 [Fix] stringify: with arrayFormat: comma, include an explicit [] on a s...
  • 113b990 [Dev Deps] update object-inspect
  • c77f38f [Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbol, tape
  • 2cf45b2 [meta] use npmignore to autogenerate an npmignore file
  • Additional commits viewable in compare view


Updates browserify-sign from 4.2.1 to 4.2.3

Changelog

Sourced from browserify-sign's changelog.

v4.2.3 - 2024-03-05

Commits

v4.2.2 - 2023-10-25

Fixed

Commits

  • Only apps should have lockfiles 09a8995
  • [eslint] switch to eslint 83fe463
  • [meta] add npmignore and auto-changelog 4418183
  • [meta] fix package.json indentation 9ac5a5e
  • [Tests] migrate from travis to github actions d845d85
  • [Fix] sign: throw on unsupported padding scheme 8767739
  • [Fix] properly check the upper bound for DSA signatures 85994cd
  • [Tests] handle openSSL not supporting a scheme f5f17c2
  • [Deps] update bn.js, browserify-rsa, elliptic, parse-asn1, readable-stream, safe-buffer a67d0eb
  • [Dev Deps] update nyc, standard, tape cc5350b
  • [Tests] always run coverage; downgrade nyc 75ce1d5
  • [meta] add safe-publish-latest dcf49ce
  • [Tests] add npm run posttest 75dd8fd
  • [Dev Deps] update tape 3aec038
  • [Tests] skip unsupported schemes 703c83e
  • [Tests] node < 6 lacks array includes 3aa43cf
  • [Dev Deps] fix eslint range 98d4e0d
Commits
  • bf2c3ec v4.2.3
  • 9247adf [patch] widen support to 0.12
  • f427270 [Deps] update `parse-asn1
  • 87f3a35 [Dev Deps] update aud, npmignore, tape
  • fb261ce [Deps] update elliptic
  • 4d0ee49 [patch] drop minimum node support to v1
  • 9e2bf12 [Deps] pin hash-base to ~3.0, due to a breaking change
  • 168e16f [Deps] pin elliptic due to a breaking change
  • 37a4758 [actions] remove redundant finisher
  • 4af5a90 v4.2.2
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for browserify-sign since your current version.


Updates dottie from 2.0.2 to 2.0.6

Release notes

Sourced from dottie's releases.

v2.0.3

null values can now be overriden thanks to @​slavivanov (mickhansen/dottie.js#37)

Commits


Updates minimatch from 3.0.4 to 5.0.1

Changelog

Sourced from minimatch's changelog.

change log

9.0

  • No default export, only named exports.

8.0

  • Recursive descent parser for extglob, allowing correct support for arbitrarily nested extglob expressions
  • Bump required Node.js version

7.4

  • Add escape() method
  • Add unescape() method
  • Add Minimatch.hasMagic() method

7.3

  • Add support for posix character classes in a unicode-aware way.

7.2

  • Add windowsNoMagicRoot option

7.1

  • Add optimizationLevel configuration option, and revert the default back to the 6.2 style minimal optimizations, making the advanced transforms introduced in 7.0 opt-in. Also, process provided file paths in the same way in optimizationLevel:2 mode, so most things that matched with optimizationLevel 1 or 0 should match with level 2 as well. However, level 1 is the default, out of an abundance of caution.

7.0

  • Preprocess patterns to simplify complicated patterns and reduce out .. pattern portions where possible. Note that this means a pattern like a/b/../* will be equivalent to a/*, and will not match the string a/b/../c. If this causes problems, it can be addressed in a patch release by resolving .. portions in the test string.

6.2

  • Add nocaseMagicOnly flag

6.1

... (truncated)

Commits
  • 9f49616 5.0.1
  • cdc3188 don't load the whole path module just for the sep
  • dfa4f22 test unix path so win32 has full coverage
  • a000988 remove unused npmignore file
  • 0b2d3ba mention fnmatch(3) in impl comparison
  • 8c3f5f4 skip tests on windows that rely on \ being a valid path char
  • fc44f5f 5.0.0
  • 9104d8d Expect exclusively forward slash as path sep, same as node-glob
  • 58b72d3 fix(brace-expansion): ignore only blocks that begins with $
  • 048ada0 4.2.1
  • Additional commits viewable in compare view


Updates mocha from 8.2.1 to 10.4.0

Release notes

Sourced from mocha's releases.

v10.4.0

10.4.0 / 2024-03-26

:tada: Enhancements

:bug: Fixes

:nut_and_bolt: Other

v10.3.0

This is a stable release equivalent to v10.3.0-preminor.0.

What's Changed

... (truncated)

Changelog

Sourced from mocha's changelog.

10.4.0 / 2024-03-26

:tada: Enhancements

:bug: Fixes

:nut_and_bolt: Other

10.3.0 / 2024-02-08

This is a stable release equivalent to 10.30.0-prerelease.

10.3.0-prerelease / 2024-01-18

This is a prerelease version to test our ability to release. Other than removing or updating dependencies, it contains no intended user-facing changes.

:nut_and_bolt: Other

... (truncated)

Commits
dependabot[bot] commented 5 months ago

Superseded by #278.