Skip to content

fix(deps): update dependency mysql2 to v3.19.1#458

Open
abrain-bot wants to merge 1 commit intodevelopfrom
renovate/mysql2-3.x
Open

fix(deps): update dependency mysql2 to v3.19.1#458
abrain-bot wants to merge 1 commit intodevelopfrom
renovate/mysql2-3.x

Conversation

@abrain-bot
Copy link
Collaborator

@abrain-bot abrain-bot commented Feb 28, 2026
edited
Loading

This PR contains the following updates:

Package Type Update Change Pending
mysql2 (source) dependencies minor 3.16.3 -> 3.19.1 3.20.0

Release Notes

sidorares/node-mysql2 (mysql2)

v3.19.1

Compare Source

Bug Fixes
  • bound null-terminated string read to packet end (fixes a potential OOB read reported by Doruk Tan Ozturk (peaktwilight)) (#​4161) (91c5229)
  • handle malformed geometry payloads (fixes a potential DoS vulnerability reported by Doruk Tan Ozturk (peaktwilight)) (#​4164) (1869215)
  • prevent query param override of URL-defined connection options (fixes a potential config injection vulnerability reported by Doruk Tan Ozturk (peaktwilight)) (#​4162) (3123b4e)
  • validate buffer bounds in geometry parser (fixes a potential DoS vulnerability reported by Doruk Tan Ozturk (peaktwilight)) (#​4159) (7c2ae00)

v3.19.0

Compare Source

Features
  • use server's preferred auth method to eliminate auth switch roundtrip (#​4140) (b57c671)
Bug Fixes

v3.18.2

Compare Source

Bug Fixes
  • types: add supportBigNumbers, bigNumberStrings, dateStrings, and timezone options to QueryOptions (#​4127) (b274e72)
  • types: extend QueryValues to callback-based methods (#​4129) (2ad5f0b)
  • types: improve ExecuteValues "nested" params (#​4133) (3f94950)
  • types: support Raw and Uint8Array params (#​4132) (bde9aec)

v3.18.1

Compare Source

Bug Fixes
  • types: ensure optional params in query and execute methods (#​4123) (3f4bbca)

v3.18.0

Compare Source

Features
  • add Symbol.dispose and Symbol.asyncDispose support for Connections, Pools, and Pool Clusters (#​4112) (1e612dc)

v3.17.5

Compare Source

Bug Fixes

v3.17.4

Compare Source

Bug Fixes

v3.17.3

Compare Source

Bug Fixes
  • fix PoolConnection.end callback and promise resolution (#​3937) (18ff2c6)

v3.17.2

Compare Source

Bug Fixes
  • distinguish delimiters in queries from SQL comments (#​4084) (454ba10)
  • pool: discard connection on error 1290 (Aurora read-only failure) (#​4075) (9188963)
  • pool: handle all read-only errors during Aurora failover (#​4082) (ce98d8e)

v3.17.1

Compare Source

Bug Fixes
  • expand object params after ON DUPLICATE KEY UPDATE preceded by SET (#​4076) (4d2b930)

v3.17.0

Compare Source

Bug Fixes
  • security: resolve a potential SQL injection bypass through objects (#​4054) (7f133cc)

Configuration

📅 Schedule: Branch creation - Only on Sunday and Saturday ( * * * * 0,6 ) (UTC), Automerge - At 12:00 AM through 04:59 AM and 10:00 PM through 11:59 PM, Monday through Friday ( * 0-4,22-23 * * 1-5 ), Only on Sunday and Saturday ( * * * * 0,6 ) (UTC).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

@codecov
Copy link

codecov bot commented Feb 28, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 63.68%. Comparing base (224cd95) to head (4e147cc).

Additional details and impacted files 
@@           Coverage Diff            @@
##           develop     #458   +/-   ##
========================================
  Coverage    63.68%   63.68%           
========================================
  Files           83       83           
  Lines         1005     1005           
  Branches        89       89           
========================================
  Hits           640      640           
  Misses         351      351           
  Partials        14       14
Flag Coverage Δ
server 63.68% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@abrain-bot abrain-bot changed the title fix(deps): update dependency mysql2 to v3.18.0 fix(deps): update dependency mysql2 to v3.18.1 Feb 28, 2026
@abrain-bot abrain-bot force-pushed the renovate/mysql2-3.x branch from 0890a49 to 9707a87 Compare March 1, 2026 18:25
@abrain-bot abrain-bot changed the title fix(deps): update dependency mysql2 to v3.18.1 fix(deps): update dependency mysql2 to v3.18.2 Mar 1, 2026
@abrain-bot abrain-bot force-pushed the renovate/mysql2-3.x branch from 9707a87 to dd17e9d Compare March 8, 2026 15:26
@abrain-bot abrain-bot changed the title fix(deps): update dependency mysql2 to v3.18.2 fix(deps): update dependency mysql2 to v3.19.0 Mar 8, 2026
@abrain-bot abrain-bot force-pushed the renovate/mysql2-3.x branch from dd17e9d to 4e147cc Compare March 12, 2026 17:26
@abrain-bot abrain-bot changed the title fix(deps): update dependency mysql2 to v3.19.0 fix(deps): update dependency mysql2 to v3.19.1 Mar 12, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@abrain-bot @renovate-bot