Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade mariadb from 3.0.2 to 3.3.1 #3

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Upgrade mariadb from 3.0.2 to 3.3.1 #3

wants to merge 1 commit into from

Conversation

gregory567
Copy link
Owner

snyk-top-banner

Snyk has created this PR to upgrade mariadb from 3.0.2 to 3.3.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 9 versions ahead of your current version.

  • The recommended version was released on 3 months ago.

Release notes
Package name: mariadb
  • 3.3.1 - 2024-06-05

    3.3.1 (May 2024)

    Full Changelog

    Issues Fixed

    • CONJS-288 ensure pool timeout error give details #268
    • CONJS-289 connection possibly staying in hanging state after batch execution #281
    • CONJS-290 possible ECONRESET when executing batch #281
    • CONJS-292 ensure String object parameter
    • CONJS-286 exchanges stop when closing prepare and prepareCacheLength is set to 0
    • CONJS-287 typescript missing queryoption for prepare command
  • 3.3.0 - 2024-03-21

    3.3.0 (Mar 2024)

    Full Changelog

    Notable changes

    • CONJS-284 pipeline PREPARE and EXECUTE
    • CONJS-264 TLS ephemeral certificate automatic implementation
    • CONJS-279 Improve text encoding decoding

    Issues Fixed

    • CONJS-281 cannot connect to 11.3+ server with character-set-collations = utf8mb4=uca1400_ai_ci
    • CONJS-277 using connection.importFile when connection is not connected to database result in error
    • CONJS-278 Possible buffer overwrite when sending query bigger than 16M
    • CONJS-282 error when using mysql_clear_test password authentication plugin
    • CONJS-283 wrong decoding of binary unsigned MEDIUMINT
    • CONJS-285 DECIMAL field wrong decoding with deprecated option 'supportBigNumbers' set
  • 3.2.3 - 2023-12-19

    3.2.3 (Dec 2023)

    Full Changelog

    • CONJS-207 Add support for connection redirection
    • CONJS-271 wrong binary decoding of 00:00:00 TIME values
    • CONJS-272 Error doesn't always have parameters according to option
    • CONJS-273 Bulk insert error when last bunch of parameters is reaching max_allowed_packet
    • CONJS-274 permit disabling BULK insert for one batch
    • CONJS-207 Add support for connection redirection
  • 3.2.2 - 2023-10-16

    3.2.2 (Oct 2023)

    Full Changelog

    Issues Fixed

    • CONJS-270 Always send connection attributes, even when connectAttributes is not set
    • CONJS-269 avoid useless "set names utf8mb4" on connection creation if not needed
    • CONJS-268 importFile method doesn't always throw error when imported commands fails #253
    • CONJS-267 Ensure that option collation with id > 255 are respected
  • 3.2.1 - 2023-09-14

    3.2.1 (Sep 2023)

    Full Changelog

    Notable changes

    • CONJS-262 Binary result-set parsing performance improvement, avoiding to chromium slow issue https://bugs.chromium.org/p/v8/issues/detail?id=7161
    • CONJS-265 permit configuration of console warning message to be exported
    • CONJS-266 Option infileStreamFactory addition for compatibility

    Issues Fixed

    • CONJS-261 TypeScript missing logParam connection option
    • CONJS-263 ensure respecting server collation
  • 3.2.0 - 2023-06-19

    3.2.0 (Jun 2023)

    Full Changelog

    Notable changes

    • CONJS-250 'undefined' parameters are now permitted, for compatibility with mysql/mysql2 behavior
    • CONJS-257 permit to import sql file directly

    new APIs:

    importFile(options) → Promise
    connection.importFile({file:'...', 'database': '...'}) → Promise
    pool.importFile({file:'...', 'database': '...'}) → Promise

    example:

        await conn.importFile({
        file: '/tmp/someFile.sql', 
        database: 'myDb'
    });

    Issues Fixed

    • CONSJ-252 missing deprecated option supportBigNumbers and bigNumberStrings in Typescript
    • CONJS-254 ensuring option connectTimeout is respected : timeout is removed when socket is successfully established, in place of returning connection object. Wasn't set when using pipe/unix socket
    • CONJS-255 In some case, pipelining was use even option explicitly disable it
    • CONJS-256 method changeUser can lead to error when using multi-authentication and pipelining
    • CONJS-258 All eventEmitters methods are not available on connections
  • 3.1.2 - 2023-05-03

    3.1.2 (May 2023)

    Full Changelog

    Notable changes

    • CONJS-249 add connection.listeners function to permit TypeORM compatibility

    Issues Fixed

    • CONJS-247 Improve error message when having set named parameter option and executing standard question mark command
    • CONJS-248 Ensuring not using importing file after pool.end()
  • 3.1.1 - 2023-03-17

    3.1.1 (Mar 2023)

    Full Changelog

    Issues Fixed

    • CONJS-246 pool not listening to 'error' event might exit application on error
    • CONJS-240 Repeating calling the same procedure gets a release prepare error.
    • CONJS-244 correction for node.js 12 compatibility
    • CONJS-245 batch failing when using bulk and metaAsArray
  • 3.1.0 - 2023-02-15

    3.1.0 (Feb 2023)

    Full Changelog

    Notable changes

    Timezone handling (CONJS-237)

    Connector now set session timezone, solving issue with time function,
    removing needs of client side conversion.

    This requires that when using timezone options, to having server TZ data filled in case client timezone differ from server.

    Performance

    • CONJS-230 better metadata parsing performance
    • CONJS-229 performance improvement when parsing lots of parameter
    • CONJS-238 faster execution for known length packet

    Other changes

    • CONJS-225 Make result set's meta property non-enumerable
    • CONJS-235 Allow to pass TypeScript generic types without need of "as"

    Issues Fixed

    • CONJS-231 executing batch and when parameter can be too long to fit in one mysql packet, parameter can have 4 byte missing
    • CONJS-236 datatype TIME wrong binary decoding when not having microseconds
    • CONJS-239 When using connection with callback, pre-commands (like initSql) might not always be executed first
    • CONJS-232 in case of a long query running, connection.destroy() will close connection, but leaving server still running query for some time
    • CONJS-240 adding a Prepare result wrapper to avoid multiple close issue with cache
    • CONJS-241 metaAsArray missing option in typescript description
  • 3.0.2 - 2022-10-27

    3.0.2 (Oct 2022)

    Full Changelog

    Notable changes

    • CONJS-222 permit streaming prepare statement result
      example :
    const prepare = await shareConn.prepare('SELECT * FROM mysql.user where host = ?');
const stream = prepare.executeStream(['localhost']);    
try {
  for await (const row of stream) {
    console.log(row);
  }
} catch (e) {
  queryStream.close();
}
prepare.close();

    Issues Fixed

    • CONJS-223 Metadata column name gets sporadic corrupted
    • CONJS-211 Session timezone unset on connection re-use with connection pool
    • CONJS-212 when throwing an error when using option leakDetectionTimeout, might result in throwing wrong error with Cannot read properties of null (reading 'leaked')
    • CONJS-217 caching_sha2_password never succeed using FAST AUTHENTICATION. With correction, one less exchanges is done when connecting to a MySQL server
    • CONJS-219 prepare cache was not limited to prepareCacheLength but can increase up to 2x the prepareCacheLength value, leading to possible ER_MAX_PREPARED_STMT_COUNT_REACHED
    • CONJS-228 improving prepare cache performance
    • CONJS-226 missing typescript metaAsArray option and documentation
    • CONJS-213 update error code with recent MariaDB server
    • CONJS-215 Executing after prepare close throw an undescriptive error
    • CONJS-221 option debugLen and logParam are not documented
    • CONJS-227 Allow setting idleTimeout to 0
    • CONJS-214 missing pool.closed typescript definition
    • CONJS-216 remove please-upgrade-node dependency
    • CONJS-224 missing typescript checkNumberRange option definition
from mariadb GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

@snyk-bot
fix: upgrade mariadb from 3.0.2 to 3.3.1
e98364a 
Snyk has created this PR to upgrade mariadb from 3.0.2 to 3.3.1.

See this package in npm:
mariadb

See this project in Snyk:
https://app.snyk.io/org/gregory567/project/e7276164-604f-4bb1-8deb-655ab8458cd1?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@gregory567 @snyk-bot