fix(deps): update dependency knex to v2 [security]

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
knex (source)	0.95.14 → 2.4.0

GitHub Vulnerability Alerts

CVE-2016-20018

Knex Knex.js through 2.3.0 has a limited SQL injection vulnerability that can be exploited to ignore the WHERE clause of a SQL query. This vulnerability has been fixed in version 2.4.0.

---

Release Notes

knex/knex (knex)

v2.4.0

Compare Source

New features:

• Support partial unique indexes #​5316
• Make compiling SQL in error message optional #​5282

Bug fixes

• Insert array into json column #​5321
• Fix unexpected max acquire-timeout #​5377
• Fix: orWhereJson #​5361
• MySQL: Add assertion for basic where clause not to be object or array #​1227
• SQLite: Fix changing the default value of a boolean column in SQLite #​5319

Typings:

• add missing type for 'expirationChecker' on PgConnectionConfig #​5334

v2.3.0

Compare Source

New features:

• PostgreSQL: Explicit jsonb support for custom pg clients #​5201
• SQLite: Support returning with sqlite3 and better-sqlite3 #​5285
• MSSQL: Implement mapBinding mssql dialect option #​5292

Typings:

• Update types for TS 4.8 #​5279
• Fix typo #​5267
• Fix WhereJsonObject withCompositeTableType #​5306
• Fix AnalyticFunction type #​5304
• Infer specific column value type in aggregations #​5297

v2.2.0

Compare Source

New features:

• Inline primary key creation for postgres flavours #​5233
• SQLite: Add warning for undefined connection file #​5223
• MSSQL: Add JSON parameter support for connection #​5200

Bug fixes:

• PostgreSQL: add primaryKey option for uuid #​5212

Typings:

• Add promisable and better types #​5222
• Update raw query bind parameter type #​5208

v2.1.0

Compare Source

New features:

• Improve bundling experience to safely import dialects while using static paths #​5142
• Implement extendable builders #​5041
• PostgreSQL: Refresh materialized view concurrently #​5166

Bug fixes:

• Use correct paths in package.json browser field #​5174
• MariaDB: Fix 'NULL' returned instead of NULL on MariaDB 10.2.6+ #​5181
• MySQL: fix hasColumn Error (hasColumn ('a_id') is true, but hasColumn('a_Id') is false) #​5148
• MSSQL: Fix .hasTable result when using .withSchema #​5176
• Oracle: correctly INSERTS Buffer #​4869

Typings:

• Update type definitions for pg connection #​5139

v2.0.0

Compare Source

Breaking changes

• Restore sqlite3 package #​5136

Test / internal changes:

• Migrate Husky from 4 to 7 #​5137
• Migrate Jake to 10.8.5 #​5138

v1.0.7

Compare Source

Bug fixes:

• CLI: Fix cli migrate:make SQLite dependency #​5106

v1.0.6

Compare Source

Bug fixes:

• PostgreSQL: Wait for search path to be set before returning connection #​5107
• CLI: No client override during migrate:make #​5109

v1.0.5

Compare Source

New features:

• Override knexfile options with CLI options #​4047

Bug fixes:

• Stringify json value in update #​5063
• Fix isModuleType() for yarn #​4447
• Wrapped Unions Fixes #​5072
• SQLite: Fix @​vscode-sqlite3 error message #​5081
• CLI: Fix completed migration listing #​5060

Typings:

• Make default generic parameters of Knex match the generic parameter types of knex #​5021
• Update knex types for TS 4.7 #​5095

v1.0.4

Compare Source

New features:

• Add whereLike functions #​5044

Bug fixes:

• Fix orWhereJsonPath clause #​5022
• Subquery in on clause missing parenthesis #​5049
• Rework Union Wrapping #​5030
• Oracle: Fix batch inserts with DEFAULT values with OracleDB #​2592 #​5037

Typings:

• Fix types for "returning" methods #​5031
• createTableLike callback should be optional #​5055

Documentation:

• Website URL changed to https://knex.github.io/documentation/

v1.0.3

Compare Source

Bug fixes:

• Fix error message for missing migration files #​4937
• Add withMaterialized and withNotMaterialized to method-constants #​5009
• PostgreSQL: Fix whereJsonPath queries #​5011
• PostgreSQL: Fix delete joins #​5016
• CockroachDB: Fix whereJsonPath queries #​5011
• MySQL: Create primary keys in same statement #​5017

Typings:

• Fix type definition for getMigration in MigrationSource #​4998
• Fix argument type of alter method #​4996

Improvements:

• Use async / await syntax in seeds as default #​5005

Documentation:

• Add Firebird dialect to ECOSYSTEM.md #​5003

v1.0.2

Compare Source

New features:

• Support of MATERIALIZED and NOT MATERIALIZED with WITH/CTE #​4940
• Add raw support in onConflict clause #​4960
• Alter nullable constraint when alterNullable is set to true #​4730
• Add alterType parameter for alter function #​4967
• Support string json in json values #​4988
• MySQL: add with clause #​4508

Bug fixes:

• Fix error message for missing migration files #​4937
• Move deferrable to after on update/on delete #​4976
• Do not use sys.tables to find if a table exists #​2328
• PostgreSQL: Fix Order nulls #​4989
• MySQL: Fix collation when renaming column #​2666
• SQLite: Same boolean handling in better-sqlite3 as in sqlite3 #​4982

Typings:

• WhereILike - fix typo #​4941

v1.0.1

Compare Source

Bug fixes:

• Fix package.json metadata

v1.0.0

Compare Source

Breaking changes

• Dropped support for Node 10;
• Replaced unsupported sqlite3 driver with @vscode/sqlite3;
• Changed data structure from RETURNING operation to be consistent with SELECT;
• Changed Migrator to return list of migrations as objects consistently.

New features:

• Support fromRaw #​4781
• Support zero precision in timestamp/datetime #​4784
• Support whereLike and whereILike #​4779
• Add JSDoc (TS flavor) to stub files #​4809
• Allow skip binding in limit and offset #​4811
• Support creating a new table in the database based on another table #​4821
• Accept Raw on onIn joins #​4830
• Implement support for custom seed sources #​4842
• Add binary uuid option #​4836
• ForUpdate array parameter #​4882
• Add camel case to timestamps method #​4803
• Advanced JSON support #​4859
• Add type to TypeScript knexfile #​4909
• Checks Constraints Support #​4874
• Support creating multiple PKs with increments #​4903
• Enable wrapIdentifier for SQLite .hasTable #​4915
• MSSQL: Add support for unique constraint #​4887
• SQLite: New dialect, using better-sqlite3 driver #​4871
• SQLite: Switch to @​vscode/sqlite3 #​4866
• SQLite: Support createViewOrReplace #​4856
• SQLite: Support RETURNING statements for better-sqlite3 driver #​4934
• PostgreSQL: Support JOIN and USING syntax for Delete Statement #​4800

Bug fixes:

• Fix overzealous warning on use of whereNot with "in" or "between" #​4780
• Fix Union all + first syntax error #​4799
• Make view columns optional in create view like #​4829
• Insert lock row fix during migration #​4865
• Fix for createViewOrReplace #​4856
• SQLite: Fix foreign key constraints when altering a table #​4189
• MySQL: Validate connection fix #​4794
• MySQL: Set comment size warning limit to 1024 #​4867

Typings:

• Allow string indexType in index creation #​4791
• Add missing ints typings #​4832
• Returning method types #​4881
• Improve columnInfo type #​4868

v0.95.15

Compare Source

Bug fixes:

• Oracle:
• MariaDB: lock row fix during migration in MariaDB and Oracle #​4865

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.