Skip to content
This repository has been archived by the owner on Jul 24, 2024. It is now read-only.

build(deps): bump mysql2 from 2.3.3 to 3.10.0 in /server #2490

Closed
wants to merge 1 commit into from
Closed

build(deps): bump mysql2 from 2.3.3 to 3.10.0 in /server #2490

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jun 2, 2024

Bumps mysql2 from 2.3.3 to 3.10.0.

Release notes

Sourced from mysql2's releases.

v3.10.0

3.10.0 (2024-05-30)

Features

Bug Fixes

  • stream: reads should emit the dataset number for each dataset (#2496, #2628) (4dab4ca)

v3.9.9

3.9.9 (2024-05-29)

Bug Fixes

  • connection config: remove keepAliveInitialDelay default value (#2712) (688ebab)

v3.9.8

3.9.8 (2024-05-26)

Bug Fixes

  • security: sanitize fields and tables when using nestTables (#2702) (efe3db5)
  • support deno + caching_sha2_password FULL_AUTHENTICATION_PACKET flow (#2704) (2e03694)
  • typings: typo from jonServerPublicKey to onServerPublicKey (#2699) (8b5f691)

v3.9.7

3.9.7 (2024-04-21)

Bug Fixes

  • security: sanitize timezone parameter value to prevent code injection - report by zhaoyudi (Nebulalab) (#2608) (7d4b098)

v3.9.6

3.9.6 (2024-04-18)

Bug Fixes

  • binary parser sometimes reads out of packet bounds when results contain null and typecast is false (#2601) (705835d)

v3.9.5

3.9.5 (2024-04-17)

... (truncated)

Changelog

Sourced from mysql2's changelog.

3.10.0 (2024-05-30)

Features

Bug Fixes

  • stream: reads should emit the dataset number for each dataset (#2628) (4dab4ca)

3.9.9 (2024-05-29)

Bug Fixes

  • connection config: remove keepAliveInitialDelay default value (#2712) (688ebab)

3.9.8 (2024-05-26)

Bug Fixes

  • security: sanitize fields and tables when using nestTables (#2702) (efe3db5)
  • support deno + caching_sha2_password FULL_AUTHENTICATION_PACKET flow (#2704) (2e03694)
  • typings: typo from jonServerPublicKey to onServerPublicKey (#2699) (8b5f691)

3.9.7 (2024-04-21)

Bug Fixes

  • security: sanitize timezone parameter value to prevent code injection (#2608) (7d4b098)

3.9.6 (2024-04-18)

Bug Fixes

  • binary parser sometimes reads out of packet bounds when results contain null and typecast is false (#2601) (705835d)

3.9.5 (2024-04-17)

Bug Fixes

  • revert breaking change in results creation (#2591) (f7c60d0)

3.9.4 (2024-04-09)

... (truncated)

Commits
  • e87ffb7 chore(master): release 3.10.0 (#2719)
  • 4dab4ca fix(stream): reads should emit the dataset number for each dataset (#2628)
  • b5df699 ci: add tests to JSON parsers (#2720)
  • 9820fe5 feat: add jsonStrings option (#2642)
  • 05cb8bf build(deps): bump sass from 1.77.2 to 1.77.3 in /website (#2718)
  • d9cc1b2 build(deps): bump lucide-react from 0.379.0 to 0.381.0 in /website (#2716)
  • c1b5310 build(deps-dev): bump poku from 1.13.0 to 1.14.0 in /website (#2717)
  • e1fbc3a build(deps-dev): bump @​types/node from 20.12.12 to 20.12.13 (#2715)
  • 702df32 ci(deno): run the entire test suite with Deno (#2714)
  • 693c05f chore(master): release 3.9.9 (#2713)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): bump mysql2 from 2.3.3 to 3.10.0 in /server
bb33179 
Bumps [mysql2](https://github.com/sidorares/node-mysql2) from 2.3.3 to 3.10.0.
- [Release notes](https://github.com/sidorares/node-mysql2/releases)
- [Changelog](https://github.com/sidorares/node-mysql2/blob/master/Changelog.md)
- [Commits](sidorares/node-mysql2@v2.3.3...v3.10.0)

---
updated-dependencies:
- dependency-name: mysql2
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jun 2, 2024
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Jun 16, 2024

Superseded by #2497.

@dependabot dependabot bot closed this Jun 16, 2024
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/server/mysql2-3.10.0 branch June 16, 2024 17:17
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants