Bump the npm_and_yarn group across 5 directories with 13 updates

[dependabot]

Bumps the npm_and_yarn group with 12 updates in the / directory:

Package	From	To
axios	0.24.0	0.28.0
passport-saml	3.2.0	3.2.4
redis	3.0.2	3.1.1
ws	8.17.1	8.18.0
handsontable	6.2.2	10.0.0
mongodb	4.16.0	4.17.0
mysql2	2.2.5	3.9.8
typeorm	0.2.45	0.3.0
async	2.6.3	2.6.4
loader-utils	2.0.2	2.0.4
shell-quote	1.7.2	1.8.1
word-wrap	1.2.3	1.2.5

Bumps the npm_and_yarn group with 3 updates in the /apps/app directory: redis, handsontable and mongodb.
Bumps the npm_and_yarn group with 2 updates in the /apps/slackbot-proxy directory: mysql2 and typeorm.
Bumps the npm_and_yarn group with 1 update in the /packages/remark-attachment-refs directory: axios.
Bumps the npm_and_yarn group with 1 update in the /packages/slack directory: axios.

Updates axios from 0.24.0 to 0.28.0

Release notes

Sourced from axios's releases.

Release v0.28.0

Release notes:

Bug Fixes

• fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to v0.x (#6091)

Backports from v1.x:

• Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)
• Fixing content-type header repeated #4745
• Fixed timeout error message for HTTP 4738
• Added axios.formToJSON method (#4735)
• URL params serializer (#4734)
• Fixed toFormData Blob issue on node>v17 #4728
• Adding types for progress event callbacks #4675
• Fixed max body length defaults #4731
• Added data URL support for node.js (#4725)
• Added isCancel type assert (#4293)
• Added the ability for the url-encoded-form serializer to respect the formSerializer config (#4721)
• Add string[] to AxiosRequestHeaders type (#4322)
• Allow type definition for axios instance methods (#4224)
• Fixed AxiosError stack capturing; (#4718)
• Fixed AxiosError status code type; (#4717)
• Adding Canceler parameters config and request (#4711)
• fix(types): allow to specify partial default headers for instance creation (#4185)
• Added blob to the list of protocols supported by the browser (#4678)
• Fixing Z_BUF_ERROR when no content (#4701)
• Fixed race condition on immediate requests cancellation (#4261)
• Added a clear() function to the request and response interceptors object so a user can ensure that all interceptors have been removed from an Axios instance axios/axios#4248
• Added generic AxiosAbortSignal TS interface to avoid importing AbortController polyfill (#4229)
• Fix TS definition for AxiosRequestTransformer (#4201)
• Use type alias instead of interface for AxiosPromise (#4505)
• Include request and config when creating a CanceledError instance (#4659)
• Added generic TS types for the exposed toFormData helper (#4668)
• Optimized the code that checks cancellation (#4587)
• Replaced webpack with rollup (#4596)
• Added stack trace to AxiosError (#4624)
• Updated AxiosError.config to be optional in the type definition (#4665)
• Removed incorrect argument for NetworkError constructor (#4656)

v0.27.2

Fixes and Functionality:

• Fixed FormData posting in browser environment by reverting #3785 (#4640)
• Enhanced protocol parsing implementation (#4639)
• Fixed bundle size

v0.27.1

Fixes and Functionality:

• Removed import of url module in browser build due to huge size overhead and builds being broken (#4594)
• Bumped follow-redirects to ^1.14.9 (#4615)

... (truncated)

Changelog

Sourced from axios's changelog.

0.28.0 (2024-02-12)

Release notes:

Bug Fixes

• fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to v0.x (#6091)

Backports from v1.x:

• Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)
• Fixing content-type header repeated #4745
• Fixed timeout error message for HTTP 4738
• Added axios.formToJSON method (#4735)
• URL params serializer (#4734)
• Fixed toFormData Blob issue on node>v17 #4728
• Adding types for progress event callbacks #4675
• Fixed max body length defaults #4731
• Added data URL support for node.js (#4725)
• Added isCancel type assert (#4293)
• Added the ability for the url-encoded-form serializer to respect the formSerializer config (#4721)
• Add string[] to AxiosRequestHeaders type (#4322)
• Allow type definition for axios instance methods (#4224)
• Fixed AxiosError stack capturing; (#4718)
• Fixed AxiosError status code type; (#4717)
• Adding Canceler parameters config and request (#4711)
• fix(types): allow to specify partial default headers for instance creation (#4185)
• Added blob to the list of protocols supported by the browser (#4678)
• Fixing Z_BUF_ERROR when no content (#4701)
• Fixed race condition on immediate requests cancellation (#4261)
• Added a clear() function to the request and response interceptors object so a user can ensure that all interceptors have been removed from an Axios instance axios/axios#4248
• Added generic AxiosAbortSignal TS interface to avoid importing AbortController polyfill (#4229)
• Fix TS definition for AxiosRequestTransformer (#4201)
• Use type alias instead of interface for AxiosPromise (#4505)
• Include request and config when creating a CanceledError instance (#4659)
• Added generic TS types for the exposed toFormData helper (#4668)
• Optimized the code that checks cancellation (#4587)
• Replaced webpack with rollup (#4596)
• Added stack trace to AxiosError (#4624)
• Updated AxiosError.config to be optional in the type definition (#4665)
• Removed incorrect argument for NetworkError constructor (#4656)

0.27.2 (April 27, 2022)

Fixes and Functionality:

• Fixed FormData posting in browser environment by reverting #3785 (#4640)
• Enhanced protocol parsing implementation (#4639)
• Fixed bundle size

0.27.1 (April 26, 2022)

... (truncated)

Commits

• 3b7635a [Release] v0.28.0 (#6211)
• 27c0076 feat(backport): added ability for paramsSerializer to handle function; (#6227)
• 80c3d74 chore(ci): backported publish action; (#6224)
• 2755df5 fix(security): fixed CVE-2023-45857 by backporting withXSRFToken option to ...
• 880b42e docs: Fix a typo in README
• c4bf0a4 Allow null indexes on formSerializer and paramsSerializer v0.x (#4961)
• 1e2679f fix: [Types] Type of header in AxiosRequestConfig / for Axios.create is incor...
• 80b546c fix: loosing request header (#4858) (#4871)
• 6acb5ef feat: brower platform add data protocol. (#4814)
• bbb2264 fix(typing): axios response headers can be undefined (#4813)
• Additional commits viewable in compare view

Updates passport-saml from 3.2.0 to 3.2.4

Release notes

Sourced from passport-saml's releases.

v3.2.4

• Update @​xlmdom/xmldom to v0.7.6 (#795) (8816748)

v3.2.3

• Update changelog and related tools (#791) (28c8c4c)

v3.2.2

• Merge pull request from GHSA-m974-647v-whv7 (8b7e3f5)

v3.2.1

• deps: upgrade release-it, npm dedupe (8f3ffcd)
• deps: npm audit fix (b81c36c)
• Export AuthenticateOptions type (#657) (ef1dcfc)
• test: update error message to match new xml-encryption format. (3e908fa)
• Update xml-encryption to get rid of vulnerable node-forge (#667) (b9de63b)

Changelog

Sourced from passport-saml's changelog.

v3.2.4 (2022-10-21)

🔗 Dependencies:

• Update @​xlmdom/xmldom to v0.7.6 #795

---

v3.2.3 (2022-10-13)

📚 Documentation:

• Update changelog and related tools #791

---

v3.2.2 (2022-10-11)

🐛 Bug Fixes:

• [security] Fix CVE-2022-39299 GHSA-m974-647v-whv7

---

v3.2.1 (2022-01-21)

🚀 Minor Changes:

• Simplify typings #657

🔗 Dependencies:

• Update xml-encryption to get rid of vulnerable node-forge #667

---

Commits

• 51f8e6b Release 3.2.4
• 8816748 Update @​xlmdom/xmldom to v0.7.6 (#795)
• 7b1f232 Release 3.2.3
• 28c8c4c Update changelog and related tools (#791)
• 8b6b2f2 Release 3.2.2
• 8b7e3f5 Merge pull request from GHSA-m974-647v-whv7
• 6ba76ba Release 3.2.1
• 8f3ffcd deps: upgrade release-it, npm dedupe
• b81c36c deps: npm audit fix
• ef1dcfc Export AuthenticateOptions type (#657)
• Additional commits viewable in compare view

Updates redis from 3.0.2 to 3.1.1

Changelog

Sourced from redis's changelog.

v3.1.1

Enhancements

• Upgrade node and dependencies

Fixes

• Fix a potential exponential regex in monitor mode

v3.1.0 - 31 Mar, 2021

Enhancements

• Upgrade node and dependencies and redis-commands to support Redis 6
• Add support for Redis 6 auth pass [user]

v3.0.0 - 09 Feb, 2020

This version is mainly a release to distribute all the unreleased changes on master since 2017 and additionally removes a lot of old deprecated features and old internals in preparation for an upcoming modernization refactor (v4).

Breaking Changes

• Dropped support for Node.js < 6
• Dropped support for hiredis (no longer required)
• Removed previously deprecated drain event
• Removed previously deprecated idle event
• Removed previously deprecated parser option
• Removed previously deprecated max_delay option
• Removed previously deprecated max_attempts option
• Removed previously deprecated socket_no_delay option

Bug Fixes

• Removed development files from published package (#1370)
• Duplicate function now allows db param to be passed (#1311)

Features

• Upgraded to latest redis-commands package
• Upgraded to latest redis-parser package, v3.0.0, which brings performance improvements
• Replaced double-ended-queue with denque, which brings performance improvements
• Add timestamps to debug traces
• Add socket_initial_delay option for socket.setKeepAlive (#1396)
• Add support for rediss protocol in url (#1282)

v2.8.0 - 31 Jul, 2017

Features

... (truncated)

Commits

• fc28860 Bump version to 3.1.1 (#1597)
• 2d11b6d fix #1569 - improve monitor_regex (#1595)
• 7e77de8 Add Chat (#1594)
• 5d3e995 Merge branch 'master' of https://github.com/NodeRedis/node-redis
• b797cf2 add user to README.md
• 79f34c2 Bump version to 3.1.0 (#1590)
• 7fdc54e fix for 428e1c8a7b2322c2650294638cb1663ac5692728 - fix auth retry when redis ...
• 09f0fe8 "fix" tests
• 428e1c8 Add support for Redis 6 auth pass [user] (#1508)
• bb208d0 Add codeclimate badge (#1572)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by leibale, a new releaser for redis since your current version.

Updates ws from 8.17.1 to 8.18.0

Release notes

Sourced from ws's releases.

8.18.0

Features

• Added support for Blob (#2229).

Commits

• 976c53c [dist] 8.18.0
• 59b9629 [feature] Add support for Blob (#2229)
• 0d1b5e6 [security] Use more descriptive text for 2017 vulnerability link
• 15f11a0 [security] Add new DoS vulnerability to SECURITY.md
• See full diff in compare view

Updates handsontable from 6.2.2 to 10.0.0

Release notes

Sourced from handsontable's releases.

10.0.0

Changed

• Unified the naming and description of the fourth argument, controller, for selection manipulation in the beforeOnCellMouseDown and beforeOnCellMouseOver hooks. #4996 (Breaking change)
• Changed what the beforeRender and afterRender hooks are, and when they are triggered. Added two new hooks: beforeViewRender and afterViewRender. #6303 (Breaking change)
• Changed the optional HyperFormula dependency from 0.6.2 to ^1.1.0, which introduces breaking changes for the Formulas plugin users. #8502 (Breaking change)
• Changed the default values for the rowsLimit and columnsLimit options of the CopyPaste plugin. #8660 (Breaking change)
• Added a default font family, size, weight and color. #8661 (Breaking change)
• Changed the autoWrapRow and autoWrapCol options` default values from true to false. #8662 (Breaking change)
• Improved the performance of the getCellMeta() method. #6303
• Improved the documentation and TypeScript definition of the selectOptions option. #8488
• Improved the arguments forwarding in the hooks #8668
• Added a Github Actions workflow covering the testing of Handsontable and all of the wrappers. #8652

Fixed

• Fixed an issue of not resetting the date picker's configuration. #6636
• An error won't be thrown while inserting a new row for nested rows in a specific case. #7137
• Fixed a few problems with the NestedRows plugin, occurring with the Formulas plugin enabled. #8048
• Fixed errors being thrown in the Formulas plugin if a provided sheet name contained a dash character. #8057
• Fixed multiple bugs related to undo/redo actions while using the Formulas plugin. #8078
• Fixed an issue where autofill was not able to be blocked/changed with the beforeChange hook when the Formulas plugin was enabled #8107
• Data stored by the NestedRows plugin won't be corrupted by some actions. #8180
• Collapsed parents won't be expanded after inserting rows. #8181
• Fixed the cooperation of the dropdown menu and column sorting (menu closing on click). #8232
• Data won't be corrupted anymore when some alterations are performed. #8614
• Adjusted directories and files related to dataMap, to prevent potential circular references. #8704
• Improved the performance of the regular expression used to detect numeric values, and fixed major code smells. #8752

9.0.2

Fixed

• Fixed an issue with an error being thrown when lazy loading columns on a setup with Nested Headers + Hidden Columns. #7160
• Fixed column header sizes not being updated on updateSettings calls containing columns. #7689
• Fixed functional keys' behavior, to prevent unexpected editing. #7838
• Fixed missing collapsible indicator on IE. #8028
• Fixed support for row and column headers in the parseTable utility. #8041
• Fixed a bug where not providing a data object with the nestedRows plugin enabled crashed the table. #8171
• Vue: Fixed an issue where adding rows to a Handsontable instance wrapped for Vue resulted in additional rows being inserted at the end of the table. #8148
• Vue: Fixed a problem in the Vue wrapper, where destroying the underlying Handsontable instance caused it to throw errors and crash. #8311
• React: Fixed a problem in the React wrapper, where destroying the underlying Handsontable instance caused it to throw errors and crash. #8311
• Angular: Fixed a problem in the Angular wrapper, where destroying the underlying Handsontable instance caused it to throw errors and crash. #8311

Added

• Added new documentation engine #7624

9.0.1

Fixed

• Fixed an issue where the validator function was called twice when the Formulas plugin was enabled. #8138
• Introduced a new CSS style for cells of the checkbox type to restore previous behaviour. #8196

Removed

• Removed the redundant internal jsonpatch library from the source code. #8140

... (truncated)

Changelog

Sourced from handsontable's changelog.

[10.0.0] - 2021-09-29

Changed

• Breaking change: Unified the naming and description of the fourth argument, controller, for selection manipulation in the beforeOnCellMouseDown and beforeOnCellMouseOver hooks. #4996
• Breaking change: Changed what the beforeRender and afterRender hooks are, and when they are triggered. Added two new hooks: beforeViewRender and afterViewRender. #6303
• Breaking change: Changed the optional HyperFormula dependency from 0.6.2 to ^1.1.0, which introduces breaking changes for the Formulas plugin users. #8502
• Breaking change: Changed the default values for the rowsLimit and columnsLimit options of the CopyPaste plugin. #8660
• Breaking change: Added a default font family, size, weight and color. #8661
• Breaking change: Changed the autoWrapRow and autoWrapCol options` default values from true to false. #8662
• Improved the performance of the getCellMeta() method. #6303
• Improved the documentation and TypeScript definition of the selectOptions option. #8488
• Improved the arguments forwarding in the hooks #8668
• Added a Github Actions workflow covering the testing of Handsontable and all of the wrappers. #8652

Fixed

• Fixed an issue of not resetting the date picker's configuration. #6636
• An error won't be thrown while inserting a new row for nested rows in a specific case. #7137
• Fixed a few problems with the NestedRows plugin, occurring with the Formulas plugin enabled. #8048
• Fixed errors being thrown in the Formulas plugin if a provided sheet name contained a dash character. #8057
• Fixed multiple bugs related to undo/redo actions while using the Formulas plugin. #8078
• Fixed an issue where autofill was not able to be blocked/changed with the beforeChange hook when the Formulas plugin was enabled #8107
• Data stored by the NestedRows plugin won't be corrupted by some actions. #8180
• Collapsed parents won't be expanded after inserting rows. #8181
• Fixed the cooperation of the dropdown menu and column sorting (menu closing on click). #8232
• Data won't be corrupted anymore when some alterations are performed.

... (truncated)

Commits

• 1443e4e Merge branch 'release/10.0.0'
• ea6598f 10.0.0
• 272c1e0 Generating the 10.0 docs
• 8ad9e39 Docs: Updating the release notes (#8766)
• fb6d3e5 Docs: adding HoT 10.0.0 docs (#8745)
• 31ce87a Correct a typo in CHANGELOG.md.
• 4e1e84f Update the CHANGELOG.md file for 10.0.0.
• 1ddef0e 10.0.0
• b310bd8 Fix one file omitted in #8754.
• 43e0a6f Modify the audit GHA workflow to check only the production dependencies. (#8755)
• Additional commits viewable in compare view

Updates mongodb from 4.16.0 to 4.17.0

Release notes

Sourced from mongodb's releases.

v4.17.0

4.17.0 (2023-08-17)

The MongoDB Node.js team is pleased to announce version 4.17.0 of the mongodb package!

Release Notes

mongodb-js/saslprep is now installed by default

Until v6, the driver included the saslprep package as an optional dependency for SCRAM-SHA-256 authentication. saslprep breaks when bundled with webpack because it attempted to read a file relative to the package location and consequently the driver would throw errors when using SCRAM-SHA-256 if it were bundled.

The driver now depends on mongodb-js/saslprep, a fork of saslprep that can be bundled with webpack because it includes the necessary saslprep data in memory upon loading. This will be installed by default but will only be used if SCRAM-SHA-256 authentication is used.

Remove credential availability on ConnectionPoolCreatedEvent

In order to avoid mistakenly printing credentials the ConnectionPoolCreatedEvent will replace the credentials option with an empty object. The credentials are still accessble via MongoClient options: client.options.credentials.

Features

• NODE-5272: do not create or drop ecc collections (#3678) (d26ad61)
• NODE-5398: use mongodb-js/saslprep instead of saslprep (#3820) (5244711)

Bug Fixes

• NODE-5262: AWS Lambda metadata detection logic is too permissive (#3683) (c0c3d99)
• NODE-5311: construct error messages for AggregateErrors in Node16+ (#3683) (98b7bdf)
• NODE-5316: prevent parallel topology creation in MongoClient.connect (#3696) (e13038d)
  • Thank you @​clemclx for contributing this fix! 🎉
• NODE-5356: prevent scram auth from throwing TypeError if saslprep is not a function (#3732) (2d028af)
• NODE-5536: remove credentials from ConnectionPoolCreatedEvent options (#3812) (2910dca)

Documentation

• Reference
• API
• Changelog

We invite you to try the mongodb library immediately, and report any issues to the NODE project.

Changelog

Sourced from mongodb's changelog.

4.17.0 (2023-08-17)

Features

• NODE-5272: do not create or drop ecc collections (#3678) (d26ad61)
• NODE-5398: use mongodb-js/saslprep instead of saslprep (#3820) (5244711)

Bug Fixes

• NODE-5262: AWS Lambda metadata detection logic is too permissive (#3683) (c0c3d99)
• NODE-5311: construct error messages for AggregateErrors in Node16+ (#3683) (98b7bdf)
• NODE-5316: prevent parallel topology creation in MongoClient.connect (#3696) (e13038d)
• NODE-5356: prevent scram auth from throwing TypeError if saslprep is not a function (#3732) (2d028af)
• NODE-5536: remove credentials from ConnectionPoolCreatedEvent options (#3812) (2910dca)

Commits

• c83a801 chore(4.x): release 4.17.0 [skip-ci] (#3763)
• 1b59955 chore: update release automation scripts 4.x (#3824)
• 5244711 feat(NODE-5398): use mongodb-js/saslprep instead of saslprep (#3820)
• 2910dca fix(NODE-5536): remove credentials from ConnectionPoolCreatedEvent options (#...
• 0c1b654 chore(NODE-5400): add @​octokit/core as a devDep (#3750)
• 4adff37 chore(NODE-5382): backport release automation scripts (#3747)
• 2d028af fix(NODE-5356): prevent scram auth from throwing TypeError if saslprep is not...
• 0e1afc0 ci(Node 5335): clean up instance profile from instance after CI runs (#3719)
• 7f5b334 ci(NODE-5334): install npm to node_artifacts directory in CI (#3709)
• e13038d fix(NODE-5316): prevent parallel topology creation in MongoClient.connect (#3...
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by dbx-node, a new releaser for mongodb since your current version.

Updates mysql2 from 2.2.5 to 3.9.8

Release notes

Sourced from mysql2's releases.

v3.9.8

3.9.8 (2024-05-26)

Bug Fixes

• security: sanitize fields and tables when using nestTables (#2702) (efe3db5)
• support deno + caching_sha2_password FULL_AUTHENTICATION_PACKET flow (#2704) (2e03694)
• typings: typo from jonServerPublicKey to onServerPublicKey (#2699) (8b5f691)

v3.9.7

3.9.7 (2024-04-21)

Bug Fixes

• security: sanitize timezone parameter value to prevent code injection - report by zhaoyudi (Nebulalab) (#2608) (7d4b098)

v3.9.6

3.9.6 (2024-04-18)

Bug Fixes

• binary parser sometimes reads out of packet bounds when results contain null and typecast is false (#2601) (705835d)

v3.9.5

3.9.5 (2024-04-17)

Bug Fixes

• revert breaking change in results creation (#2591) (f7c60d0)

v3.9.4

3.9.4 (2024-04-09)

Bug Fixes

• SSL: separate each certificate into an individual item #2542 (63f1055)
• security: improve supportBigNumbers and bigNumberStrings sanitization (#2572) (74abf9e)
  • Fixes a potential RCE attack vulnerability reported by Vsevolod Kokorin (Slonser) of Solidlab
• security: improve results object creation (#2574) (4a964a3)
  • Fixes a potential Prototype Pollution attack vulnerability reported by Vsevolod Kokorin (Slonser) of Solidlab
• docs: improve the contribution guidelines (#2552) (8a818ce)

v3.9.3

3.9.3 (2024-03-26)

... (truncated)

Changelog

Sourced from mysql2's changelog.

3.9.8 (2024-05-26)

Bug Fixes

• security: sanitize fields and tables when using nestTables (#2702) (efe3db5)
• support deno + caching_sha2_password FULL_AUTHENTICATION_PACKET flow (#2704) (2e03694)
• typings: typo from jonServerPublicKey to onServerPublicKey (#2699) (8b5f691)

3.9.7 (2024-04-21)

Bug Fixes

• security: sanitize timezone parameter value to prevent code injection (#2608) (7d4b098)

3.9.6 (2024-04-18)

Bug Fixes

• binary parser sometimes reads out of packet bounds when results contain null and typecast is false (#2601) (705835d)

3.9.5 (2024-04-17)

Bug Fixes

• revert breaking change in results creation (#2591) (f7c60d0)

3.9.4 (2024-04-09)

Bug Fixes

• docs: improve the contribution guidelines (#2552) (8a818ce)
• security: improve results object creation (#2574) (4a964a3)
• security: improve supportBigNumbers and bigNumberStrings sanitization (#2572) (74abf9e)

3.9.3 (2024-03-26)

Bug Fixes

• security: improve cache key formation (#2424) (0d54b0c)
  • Fixes a potential parser cache poisoning attack vulnerability reported by Vsevolod Kokorin (Slonser) of Solidlab
• update Amazon RDS SSL CA cert (#2131) (d9dccfd)

3.9.2 (2024-02-26)

... (truncated)

Commits

• f637d3f chore(master): release 3.9.8 (#2700)
• efe3db5 fix(security): sanitize fields and tables when using nestTables (#2702)
• 2e03694 fix: support deno + caching_sha2_password FULL_AUTHENTICATION_PACKET flow (#2...
• 8b5f691 fix(typings): typo from jonServerPublicKey to onServerPublicKey (#2699)
• 5c75802 build(deps-dev): bump tsx from 4.10.5 to 4.11.0 in /website (#2695)
• 179769f build(deps): bump @​easyops-cn/docusaurus-search-local in /website (#2696)
• 56289e2 build(deps-dev): bump poku from 1.12.1 to 1.13.0 (#2698)
• b029308 build(deps-dev): bump poku from 1.12.1 to 1.13.0 in /website (#2697)
• 539acb8 build(deps): bump lucide-react from 0.378.0 to 0.379.0 in /website (#2693)
• dc80580 build(deps-dev): bump @​typescript-eslint/eslint-plugin from 7.9.0 to 7.10.0 i...
• Additional commits viewable in compare view

Updates typeorm from 0.2.45 to 0.3.0

Release notes

Sourced from typeorm's releases.

0.3.0

Changes in the version includes changes from the next branch and typeorm@next version. They were pending their migration from 2018. Finally, they are in the master branch and master version.

Features

• compilation target now is es2020. This requires Node.JS version 14+

• TypeORM now properly works when installed within different node_modules contexts (often happen if TypeORM is a dependency of another library or TypeORM is heavily used in monorepo projects)

• Connection was renamed to DataSource. Old Connection is still there, but now it's deprecated. It will be completely removed in next version. New API:

export const dataSource = new DataSource({
    // ... options ...
})
// load entities, establish db connection, sync schema, etc.
await dataSource.connect()

Previously, you could use new Connection(), createConnection(), getConnectionManager().create(), etc. They all deprecated in favour of new syntax you can see above.

New way gives you more flexibility and simplicity in usage.

• new custom repositories syntax:

export const UserRepository = myDataSource.getRepository(UserEntity).extend({
    findUsersWithPhotos() {
        return this.find({
            relations: {
                photos: true
            }
        })
    }
})

Old ways of custom repository creation were dropped.

• added new option on relation load strategy called relationLoadStrategy. Relation load strategy is used on entity load and determines how relations must be loaded when you query entities and their relations from the database. Used on find* methods and QueryBuilder. Value can be set to join or query.

  • join - loads relations using SQL JOIN expression

... (truncated)

Changelog

Sourced from typeorm's changelog.

0.3.0 (2022-03-17)

Changes in the version includes changes from the next branch and typeorm@next version. They were pending their migration from 2018. Finally, they are in the master branch and master version.

Features

• compilation target now is es2020. This requires Node.JS version 14+

• TypeORM now properly works when installed within different node_modules contexts (often happen if TypeORM is a dependency of another library or TypeORM is heavily used in monorepo projects)

• Connection was renamed to DataSource. Old Connection is still there, but now it's deprecated. It will be completel...

  Description has been truncated