Umed Khudoiberdiev
Umed Khudoiberdiev
@CollinCashio since there are multiple reports on the issue - is it possible if we revert the changes?
There is so much confusion in this issue. People just keep posting messages about their problem without analyzing if this issue is related to their or not. Maybe I missed...
If you go into the [details](https://github.com/advisories/GHSA-fx4w-v43j-vc45), you'll see the effected version is < 0.3.0. It's not clear why it gives you an error for `0.3.20`.
@finbargp feels like something is wrong with IDE / plugin? Try to research where it pulls the data (I'm talking about effected versions). I don't see effected versions data on...
Seems like a mess. * The "Advisory" link from checkmarx leads to the github which references vulnerability in the version below 0.3.0 * The "POC/Exploit" link from checkmarx leads to...
And also that poc/exploit link tells about "Information Disclosure", not about "sql injection", so I think they really confused things.
It will take a time. If you can make a request from them from your side, that would be very helpful.
It wouldn't work. Sometimes you need to pass down to the same driver **_exactly an array_**, sometimes not, depend on your use case (your SQL query).
Original entity schema contains errors, like its not specified inverse side of relation, so I'm not sure maybe its source of original error. Regarding to why it updates another entity...
it's not a bug, it's a question leading to a feature request. The answer to your request - right now it's not possible to do what you want. * `QueryBuilder`...