search

stargate / data-api

JSON document API for Apache Cassandra (formerly known as JSON API)
https://stargate.io
Apache License 2.0
14 stars 16 forks source link

Forbid the use of $in for Table updateOne and deleteOne command #1688

Closed Yuqi-Du closed 1 week ago

Yuqi-Du commented 1 week ago

By using $in in table filters, updateOne and deleteOne can affect multiple rows. Need to ban $in from these two commands.

Yuqi-Du commented 1 week ago

fixed:

1693