pipedrive-bot-eventsink
commented
1 year ago Closed snyk-bot closed 1 year ago
pipedrive-bot-eventsink
commented
1 year ago 
pipedrive-bot-dora
commented
1 year ago | Namespace status |
|---|
| Error: namespace is not defined |
| Workflow file | Job name | Actual runs-on value | Expected runs-on value |
|---|---|---|---|
| lint.yml | test |
ubuntu-latest |
Any of [eks-runner, eks-runner-php, eks-runner-nano, eks-runner-debug, eks-runner-compute] |
| Workflow file | Job name | Actual runs-on value | Expected runs-on value |
|---|---|---|---|
| functional-test.yml | docker |
ubuntu-latest |
Any of [eks-runner, eks-runner-php, eks-runner-nano, eks-runner-debug, eks-runner-compute] |
| Workflow file | Job name | Actual runs-on value | Expected runs-on value |
|---|---|---|---|
| unit-test.yml | test |
ubuntu-latest |
Any of [eks-runner, eks-runner-php, eks-runner-nano, eks-runner-debug, eks-runner-compute] |
| Workflow file | Job name | Actual runs-on value | Expected runs-on value |
|---|---|---|---|
| integration-test.yml | test |
ubuntu-latest |
Any of [eks-runner, eks-runner-php, eks-runner-nano, eks-runner-debug, eks-runner-compute] |
| Workflow file | Job name | Actual runs-on value | Expected runs-on value |
|---|---|---|---|
| perf-test.yml | docker |
ubuntu-latest |
Any of [eks-runner, eks-runner-php, eks-runner-nano, eks-runner-debug, eks-runner-compute] |
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 8.6
SNYK-JS-KNEX-3175610
(*) Note that the real score may have changed since the PR was raised.
Commit messages
Package name: knex
The new version differs by 50 commits.- 3475d81 Prepare to release 2.4.0
- e97f922 Bump tsd from 0.24.1 to 0.25.0 (#5396)
- e145322 1227: add assertion for basic where clause values (#5417)
- 962bb0a Bump sinon from 14.0.2 to 15.0.1 (#5413)
- ab45314 Add JSDoc (TS Flavour) to mjs stub file (#5390)
- 72bd1f7 Fix: orWhereJson (#5361)
- 4fc939a Fixes unexpected max acquire-timeout (#5377)
- 5c4837c Fix lib/.gitignore path separator on Windows. (#5325)
- 7dbbd00 Bump actions/setup-node from 3.4.1 to 3.5.1 (#5356)
- d39051f fix: add missing type for 'expirationChecker' on PgConnectionConfig (#5334)
- f7ccde8 Make compiling SQL in error message optional (#5282)
- 82610ca Bump tsd from 0.23.0 to 0.24.1 (#5329)
- cb5be88 Bump typescript from 4.8.2 to 4.8.3 (#5324)
- dc6dbbf fix: insert array into json column (#5321)
- 864530c feat: support partial unique indexes (#5316)
- 6bed5e9 Fix changing the default value of a boolean column in SQLite (#5319)
- f52b2c5 Merge remote-tracking branch 'origin/master'
- 05c4707 Prepare to release 2.3.0
- 13b61c0 Update dependencies (#5317)
- 97fccdf Explicit jsonb support for custom pg clients (#5201)
- 1cc1df9 chore: remove bindingHolder for proper scoping (#5235)
- e0c0fa9 Implement mapBinding mssql dialect option (#5292)
- 29283a1 Bump tsd from 0.22.0 to 0.23.0 (#5314)
- 57692d3 Infer specific column value type in aggregations (#5297)
See the full diffCheck the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
đ§ View latest project report
đ Adjust project settings
đ Read more about Snyk's upgrade and patch logic
Learn how to fix vulnerabilities with free interactive lessons:
đŚ SQL Injection