fix(deps): update dependency typeorm to v0.2.25 [security]

[renovate[bot]]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
typeorm	0.2.18 -> 0.2.25

GitHub Vulnerability Alerts

CVE-2020-8158

Prototype pollution vulnerability in the TypeORM package < 0.2.25 may allow attackers to add or modify Object properties leading to further denial of service or SQL injection attacks.

---

Release Notes

typeorm/typeorm

v0.2.25

Compare Source

Bug Fixes

• 'in' clause case for ORACLE (#​5345) (8977365)
• calling EntityManager.insert() with an empty array of entities (#​5745) (f8c52f3), closes #​5734 #​5734 #​5734
• columns with transformer should be normalized for update (#​5700) (4ef6b65), closes #​2703
• escape column comment in mysql driver (#​6056) (5fc802d)
• expo sqlite driver disconnect() (#​6027) (61d59ca)
• HANA - SSL options, column delta detection mechanism (#​5938) (2fd0a8a)
• handle URL objects as column field values (#​5771) (50a0641), closes #​5762 #​5762
• insert and update query builder to handle mssql geometry column correctly (#​5947) (87cc6f4)
• migrations being generated for FK even if there are no changes (#​5869) (416e419)
• multiple assignments to same column on UPDATE #​2651 (#​5598) (334e17e)
• prevent TypeError when calling bind function with sql.js 1.2.X (#​5789) (c6cbddc)
• prototype pollution issue (#​6096) (db9d0fa)
• provide a default empty array for parameters. (#​5677) (9e8a8cf)
• redundant undefined parameters are not generated in migration files anymore (#​5690) (d5cde49)
• replacing instanceof Array checks to Array.isArray because instanceof Array seems to be problematic on some platforms (#​5606) (b99b4ad)
• respect database from connection urls (#​5640) (ed75d59), closes #​2096
• sha.js import (#​5728) (8c3f48a)
• Unknown fields are stripped from WHERE clause (issue #​3416) (#​5603) (215f106)
• update dependency mkdirp to 1.x (#​5748) (edeb561)
• update Entity decorator return type to ClassDecorator (#​5776) (7d8a1ca)
• use an empty string enum as the type of a primary key column (#​6063) (8e0d817), closes #​3874
• use correct typings for the result of getUpsertedIds() (#​5878) (2ab88c2)
• wrong table name parameter when not using default schema (#​5801) (327144a)

Features

• add FOR NO KEY UPDATE lock mode for postgresql (#​5971) (360122f)
• add name option to view column (#​5962) (3cfcc50), closes #​5708
• Add soft remove and recover methods to entity (#​5854) (9d2b8e0)
• added support for NOWAIT & SKIP LOCKED in Postgres (#​5927) (2c90e1c)
• Aurora Data API - Postgres Support (#​5651) (e584297)
• aurora Data API - Support for AWS configuration options through aurora driver (#​5754) (1829f96)
• create-column, update-column, version-column column kinds now support user specified values (#​5867) (5a2eb30), closes #​3271
• names of extra columns for specific tree types moved to NamingStrategy (#​5737) (ec3be41)
• PG allow providing a function for password (#​5673) (265d1ae)
• update cli migration up and down from any to void (#​5630) (76e165d)
• UpdateResult returns affected rows in mysql (#​5628) (17f2fff), closes #​1308

Performance Improvements

• An optimized version of EntityMetadata#compareIds() for the common case (#​5419) (a9bdb37)

v0.2.24

Compare Source

Bug Fixes

• .synchronize() drops json column on mariadb (#​5391) (e3c78c1), closes typeorm/typeorm#​3636
• (base-entity) set create return type to T[] (#​5400) (ceff897)
• add the enableArithAbort option to the sql server connection option typings (#​5526) (d19dbc6)
• bug when default value in mssql were not updated if previous default was already set (9fc8329)
• change OrmUtils.mergeDeep to not merge RegExp objects (#​5182) (0f51836), closes #​3534
• fk on update should not use attributes of on delete (2baa934)
• load typeorm-aurora-data-api-driver correctly when using webpack (#​4788) (#​5302) (9da0d34)
• not to make typeorm generate alter query on geometry column when that column was not changed (#​5525) (ee57557)
• Oracle sql expression for date column (#​5305) (40e9d3a), closes #​4452 #​4452
• refactoring instance of with Array.isArray() (#​5539) (1e1595e)
• Return NULL when normalize default null value (#​5517) (1826b75), closes #​5509
• SAP HANA driver fixes (#​5445) (87b161f)
• update foreign keys when table name changes (#​5482) (7157cb3)
• use OUTPUT INTO on SqlServer for returning columns (#​5361) (6bac3ca), closes #​5160 #​5160
• use sha.js instead of crypto for hash calculation (#​5270) (b380a7f)

Features

• Add basic support for custom cache providers (#​5309) (6c6bde7)
• add fulltext parser option (#​5380) (dd73395)

v0.2.23

Compare Source

Bug Fixes

• .synchronize() drops json column on mariadb (#​5391) (e3c78c1), closes typeorm/typeorm#​3636
• (base-entity) set create return type to T[] (#​5400) (ceff897)
• add the enableArithAbort option to the sql server connection option typings (#​5526) (d19dbc6)
• bug when default value in mssql were not updated if previous default was already set (9fc8329)
• change OrmUtils.mergeDeep to not merge RegExp objects (#​5182) (0f51836), closes #​3534
• fk on update should not use attributes of on delete (2baa934)
• load typeorm-aurora-data-api-driver correctly when using webpack (#​4788) (#​5302) (9da0d34)
• not to make typeorm generate alter query on geometry column when that column was not changed (#​5525) (ee57557)
• Oracle sql expression for date column (#​5305) (40e9d3a), closes #​4452 #​4452
• refactoring instance of with Array.isArray() (#​5539) (1e1595e)
• Return NULL when normalize default null value (#​5517) (1826b75), closes #​5509
• SAP HANA driver fixes (#​5445) (87b161f)
• update foreign keys when table name changes (#​5482) (7157cb3)
• use OUTPUT INTO on SqlServer for returning columns (#​5361) (6bac3ca), closes #​5160 #​5160
• use sha.js instead of crypto for hash calculation (#​5270) (b380a7f)

Features

• Add basic support for custom cache providers (#​5309) (6c6bde7)
• add fulltext parser option (#​5380) (dd73395)

v0.2.22

Compare Source

Bug Fixes

• use a prefix on SelectQueryBuilder internal parameters (#​5178) (cacb08b), closes #​5174 #​5174

Features

• hash aliases to avoid conflicts (#​5227) (edc8e6d)
• implement driver options for NativeScript (#​5217) (3e58426)
• SAP Hana support (#​5246) (ec90341)
• speed ​​up id search in buildChildrenEntityTree (#​5202) (2e628c3)

BREAKING CHANGES

• aliases for very long relation names may be replaced with hashed strings. Fix: avoid collisions by using longest possible hash. Retain more entropy by not using only 8 characters of hashed aliases.

v0.2.21

Compare Source

Bug Fixes

• allow expireAfterSeconds 0 in Index decorator (close #​5004) (#​5005) (d05467c)
• do not mutate connection options (#​5078) (1047989)
• mysql driver query streaming (#​5036) (aff2f56)
• remove consrc usage (postgres,cockroachdb) (#​4333) (ce7cb16), closes #​4332
• repo for app-root-path in lock file (#​5052) (f0fd192)
• resolve MySQL unique index check when bigNumberStrings is false (#​4822) (d205574), closes #​2737
• resolve sorting bug for several mongo vesions with typeorm migration (#​5121) (cb771a1), closes #​5115
• throwing error on duplicate migration names #​4701 (#​4704) (3e4dc9f)
• unescaped column name in order clause of "migrations" (#​5108) (c0c8566)
• upgrade app-root-path (#​5023) (7f87f0c)

Features

• add distinct on() support for postgres (#​4954) (1293065)
• add migrations transaction option to connection options (#​5147) (fb60688), closes #​4629 #​4629
• asynchronous ormconfig support (#​5048) (f9fdaee), closes #​4149
• export Migration Execution API from main package (fixes #​4880) (#​4892) (8f4f908)
• support spatial types of MySQL 8+ (#​4794) (231dadf), closes #​3702

v0.2.20

Compare Source

Bug Fixes

• ensure distinct property is respected cloning query builder (#​4843) (ea17094), closes #​4842
• aurora: apply mysql query fixes to aurora (#​4779) (ee61c51)
• allow EntitySchema to be passed to EntityRepository (#​4884) (652a20e)
• better timestamp comparison (#​4769) (0a13e6a)
• broken database option when using replication, changes introduced by #​4753 (#​4826) (df5479b)
• check for version of MariaDB before extracting COLUMN_DEFAULT (#​4783) (c30b485)
• connection Reuse is broken in a Lambda environment: (#​4804) (7962036)
• FindOptionUtils export (#​4746) (4a62b1c), closes #​4745
• loading of aurora-data-api driver (#​4765) (fbb8947)
• postgres: postgres query runner to create materialized view (#​4877) (d744966)
• migrations run in reverse order for mongodb (#​4702) (2f27581)
• mongodb Cursor.forEach types (#​4759) (fccbe3e)
• Slack invite URL (#​4836) (149af26)

Features

• add name to MigrationInterface (fixes #​3933 and fixes #​2549) (#​4873) (4a73fde)
• add new transaction mode to wrap each migration in transaction (#​4629) (848fb1f)
• add option to Column to specify the complete enumName (#​4824) (d967180)
• add support for cube array for PostgreSQL (#​4848) (154a441)
• implements Sqlite 'WITHOUT ROWID' table modifier (#​4688) (c1342ad), closes #​3330

v0.2.19

Compare Source

Bug Fixes

• "database" option error in driver when use "url" option for connection (690e6f5)
• "hstore injection" & properly handle NULL, empty string, backslashes & quotes in hstore key/value pairs (#​4720) (3abe5b9)
• add SaveOptions and RemoveOptions into ActiveRecord (#​4318) (a6d7ba2)
• apostrophe in Postgres enum strings breaks query (#​4631) (445c740)
• change PrimaryColumn decorator to clone passed options (#​4571) (3cf470d), closes #​4570
• createQueryBuilder relation remove works only if using ID (#​2632) (#​4734) (1d73a90)
• resolve issue with conversion string to simple-json (#​4476) (d1594f5), closes #​4440
• sqlite connections don't ignore the schema property (#​4599) (d8f1c81)
• the excessive stack depth comparing types FindConditions<?> and FindConditions<?> problem (#​4470) (7a0beed)
• views generating broken Migrations (#​4726) (c52b3d2), closes #​4123

Features

• add set datatype support for MySQL/MariaDB (#​4538) (19e2179), closes #​2779
• add materialized View support for Postgres (#​4478) (dacac83), closes #​4317 #​3996
• add mongodb useUnifiedTopology config parameter (#​4684) (92e4270)
• add multi-dimensional cube support for PostgreSQL (#​4378) (b6d6278)
• add options to input init config for sql.js (#​4560) (5c311ed)
• add postgres pool error handler (#​4474) (a925be9)
• add referenced table metadata to NamingStrategy to resolve foreign key name (#​4274) (0094f61), closes #​3847 #​1355
• add support for ON CONFLICT for cockroach (#​4518) (db8074a), closes #​4513
• Added support for DISTINCT queries (#​4109) (39a8e34)
• Aurora Data API (#​4375) (c321562)
• export additional schema builder classes (#​4325) (e589fda)
• log files loaded from glob patterns (#​4346) (e12479e), closes #​4162
• UpdateResult returns affected rows in postgresql (#​4432) (7808bba), closes #​1308

---

Configuration

📅 Schedule: "" (UTC).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• [ ] If you want to rebase/retry this PR, click this checkbox.

---

This PR has been generated by WhiteSource Renovate. View repository job log here.