search

laposa / onyx

Web content management system and built in eCommerce
https://laposa.ie
Other
14 stars 9 forks source link

Bump doctrine/dbal from 3.0.0 to 3.1.4 #45

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 2 years ago

Bumps doctrine/dbal from 3.0.0 to 3.1.4.

Release notes

Sourced from doctrine/dbal's releases.

3.1.4

Release 3.1.4

SECURITY RELEASE: All users are advised to upgrade when using doctrine/dbal 3.0.0 - 3.1.3 due to a critical SQL injection that was fixed: https://github.com/doctrine/dbal/security/advisories/GHSA-r7cj-8hjg-x622

3.1.4

  • Total issues resolved: 6
  • Total pull requests resolved: 20
  • Total contributors: 13

Bug,oci8

Connections,Test Suite

Bug,QueryBuilder

Bug,Prepared Statements,Regression,SQL Parser

Documentation

Bug,MySQL,Schema Introspection

CI

Bug,Connections,Test Suite,pdo_oci

... (truncated)

Commits
  • 821b4f0 Merge pull request #4995 from derrabus/bugfix/oci8-server-version
  • f804b21 Fix getServerVersion for OCI8 when assertions are disabled
  • fa27901 Merge pull request #4991 from morozov/optimize-sharing-test-connection
  • 8fb8105 Close the non-shared connection instead of marking it non-reusable
  • 06f5925 Optimize sharing test connection
  • 10df50f Merge pull request #4978 from AndreasA/bugfix/4971
  • 1b768e9 Use correct column order for composite foreign keys
  • 4c63afa Merge branch '2.13.x' into 3.1.x
  • 483a518 Merge pull request #4984 from morozov/cast-limit-offset-to-int
  • 0ae1aa5 Bump to 2.13.6
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/laposa/onyx/network/alerts).
dependabot[bot] commented 2 years ago

Looks like doctrine/dbal is up-to-date now, so this is no longer needed.