@imskyyc commented Jun 28, 2023

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade knex from 2.3.0 to 2.4.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 3 versions ahead of your current version.
  • The recommended version was released 5 months ago, on 2023-01-22.

The recommended version fixes:

| Severity | Issue | PriorityScore (*) | Exploit Maturity |
|---|---|---|---|
| | SQL Injection (SNYK-JS-KNEX-3175610) | 751/1000. Why? Proof of Concept exploit, Has a fix available, CVSS 8.6 | Proof of Concept |

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: knex
  • 2.4.2 - 2023-01-22

    2.4.2 - 22 January, 2023

    Bug fixes

    • CLI: Fix incorrect EOL causing errors on Linux #5455

  • 2.4.1 - 2023-01-18

    2.4.1 - 18 January, 2023

    Bug fixes

    • Fix Postgres Malformed array literal 2.4.0 Regression - #5439
  • 2.4.0 - 2023-01-06

    New features:

    • Support partial unique indexes #5316
    • Make compiling SQL in error message optional #5282

    Bug fixes

    • Insert array into json column #5321
    • Fix unexpected max acquire-timeout #5377
    • Fix: orWhereJson #5361
    • MySQL: Add assertion for basic where clause not to be object or array #1227
    • SQLite: Fix changing the default value of a boolean column in SQLite #5319

    Typings:

    • add missing type for 'expirationChecker' on PgConnectionConfig #5334
  • 2.3.0 - 2022-08-31

    New features:

    • PostgreSQL: Explicit jsonb support for custom pg clients #5201
    • SQLite: Support returning with sqlite3 and better-sqlite3 #5285
    • MSSQL: Implement mapBinding mssql dialect option #5292

    Typings:

    • Update types for TS 4.8 #5279
    • Fix typo #5267
    • Fix WhereJsonObject withCompositeTableType #5306
    • Fix AnalyticFunction type #5304
    • Infer specific column value type in aggregations #5297
from knex GitHub release notes
Commit messages
Package name: knex
  • 0d27bcb Update changelog
  • 73a3e33 Prepare to release 2.4.2
  • 9a6c5ba Additional lint checks before publishing (#5459)
  • 5caf526 tests(insert): add tests for json, text array, integer array (#5451)
  • d102fe3 Prepare to release 2.4.1
  • 1f2de49 Fix Postgres Malformed array literal 2.4.0 Regression (#5439)
  • 3475d81 Prepare to release 2.4.0
  • e97f922 Bump tsd from 0.24.1 to 0.25.0 (#5396)
  • e145322 1227: add assertion for basic where clause values (#5417)
  • 962bb0a Bump sinon from 14.0.2 to 15.0.1 (#5413)
  • ab45314 Add JSDoc (TS Flavour) to mjs stub file (#5390)
  • 72bd1f7 Fix: orWhereJson (#5361)
  • 4fc939a Fixes unexpected max acquire-timeout (#5377)
  • 5c4837c Fix lib/.gitignore path separator on Windows. (#5325)
  • 7dbbd00 Bump actions/setup-node from 3.4.1 to 3.5.1 (#5356)
  • d39051f fix: add missing type for 'expirationChecker' on PgConnectionConfig (#5334)
  • f7ccde8 Make compiling SQL in error message optional (#5282)
  • 82610ca Bump tsd from 0.23.0 to 0.24.1 (#5329)
  • cb5be88 Bump typescript from 4.8.2 to 4.8.3 (#5324)
  • dc6dbbf fix: insert array into json column (#5321)
  • 864530c feat: support partial unique indexes (#5316)
  • 6bed5e9 Fix changing the default value of a boolean column in SQLite (#5319)


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
