[Snyk] Upgrade typeorm from 0.2.24 to 0.2.39

Created by: snyk-bot

Snyk has created this PR to upgrade typeorm from 0.2.24 to 0.2.39.

ℹ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 81 versions ahead of your current version.
• The recommended version was released 22 days ago, on 2021-11-09.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Pollution SNYK-JS-TYPEORM-590152	801/1000 Why? Mature exploit, Has a fix available, CVSS 8.3	Mature
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HIGHLIGHTJS-1048676	801/1000 Why? Mature exploit, Has a fix available, CVSS 8.3	No Known Exploit
	Prototype Pollution SNYK-JS-HIGHLIGHTJS-1045326	801/1000 Why? Mature exploit, Has a fix available, CVSS 8.3	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: typeorm

• 0.2.39 - 2021-11-09

  Bug Fixes

  • attach FOR NO KEY UPDATE lock to query if required (#8008) (9692930), closes #7717
  • cli should accept absolute paths for --config (4ad3a61)
  • create a different cacheId if present for count query in getManyAndCount (#8283) (9f14e48), closes #4277
  • defaults type cast filtering in Cockroachdb (#8144) (28c183e), closes #7110 #7110
  • do not generate migration for unchanged enum column (#8161) (#8164) (4638dea)
  • NativescriptQueryRunner's query method fails when targeting es2017 (#8182) (8615733)
  • OneToManySubjectBuilder bug with multiple primary keys (#8221) (6558295)
  • ordering by joined columns for PostgreSQL (#3736) (#8118) (1649882)
  • support DeleteResult in SQLiteDriver (#8237) (b678807)

  Features

  • add typeorm command wrapper to package.json in project template (#8081) (19d4a91)
  • add dependency configuraiton for views #8240 (#8261) (2c861af)
  • add relation options to all tree queries (#8080) (e4d4636), closes #8076
  • add the ability to pass the driver into all database types (#8259) (2133ffe)
  • more informative logging in case of migration failure (#8307) (dc6f1c9)
  • support using custom index with SelectQueryBuilder in MySQL (#7755) (f79ae58)

  Reverts

  • Revert "fix: STI types on children in joins (#3160)" (#8309) (0adad88), closes #3160 #8309
• 0.2.39-dev.f79ae58 - 2021-11-09
• 0.2.39-dev.ef33cf4 - 2021-10-28
• 0.2.39-dev.e4d4636 - 2021-11-08
• 0.2.39-dev.dd94c9d - 2021-10-04
• 0.2.39-dev.d8c5812 - 2021-10-03
• 0.2.39-dev.d7d19e9 - 2021-10-02
• 0.2.39-dev.cf281ef - 2021-10-22
• 0.2.39-dev.bc55836 - 2021-10-28
• 0.2.39-dev.b6c828c - 2021-10-18
• 0.2.39-dev.b678807 - 2021-10-02
• 0.2.39-dev.6929ae3 - 2021-11-06
• 0.2.39-dev.503d1dc - 2021-10-20
• 0.2.39-dev.4ad3a61 - 2021-10-21
• 0.2.39-dev.4aaafdf - 2021-11-09
• 0.2.39-dev.4638dea - 2021-11-04
• 0.2.39-dev.2c861af - 2021-10-26
• 0.2.39-dev.28c183e - 2021-11-04
• 0.2.39-dev.25271d7 - 2021-11-02
• 0.2.39-dev.2133ffe - 2021-10-22
• 0.2.39-dev.179ae75 - 2021-10-26
• 0.2.39-dev.1197f88 - 2021-10-29
• 0.2.39-dev.0bc194c - 2021-10-03
• 0.2.39-dev.0adad88 - 2021-10-27
• 0.2.39-dev.9692930 - 2021-11-08
• 0.2.39-dev.8615733 - 2021-10-06
• 0.2.39-dev.6558295 - 2021-11-05
• 0.2.39-dev.1649882 - 2021-11-05
• 0.2.38 - 2021-10-02

  Bug Fixes

  • prevent using absolute table path in migrations unless required (#8038) (e9366b3)
  • snakecase conversion for strings with numbers (#8111) (749511d)
  • use full path for table lookups (#8097) (22676a0)

  Features

  • support QueryRunner.stream with Oracle (#8086) (b858f84)
• 0.2.38-dev.e9366b3 - 2021-08-18
• 0.2.38-dev.d8f6037 - 2021-10-02
• 0.2.38-dev.d4111ce - 2021-10-02
• 0.2.38-dev.b858f84 - 2021-08-17
• 0.2.38-dev.a868078 - 2021-08-28
• 0.2.38-dev.749511d - 2021-08-25
• 0.2.38-dev.324f1d8 - 2021-10-02
• 0.2.38-dev.22676a0 - 2021-08-24
• 0.2.38-dev.02f0bce - 2021-08-13
• 0.2.37 - 2021-08-13

  Bug Fixes

  • allow periods in parameter identifiers (#8022) (4201938)
  • ConnectionManager connections property should include list of Connections (#8004) (2344db6)
  • entity value for date columns that are related (#8027) (5a3767f)
  • handle brackets when only one condition is passed (#8048) (ab39066)
  • handle enums with multiple apostrophes in MySQL (#8013) (37c40a6), closes #8011
  • include all drivers in driverfactory error message (#8061) (fbd1ef7)
  • resolve not returning soft deleted relations with withDeleted find option (#8017) (65cbcc7)
  • SAP HANA inserts used incorrect value for returning query (#8072) (36398db)
  • some drivers set the wrong database name when defined from url (#8058) (a3a3284)
  • throw error when not connected in drivers (#7995) (cd71f62)

  Features

  • add relations option to tree queries (#7981) (ca26297), closes #7974 #4564
  • add serviceName option for oracle connections (#8021) (37bd012)
  • add support to string array on dropColumns (#7654) (91d5b2f)
  • support Oracle Implicit Results (#8050) (fe78bee)
• 0.2.37-dev.fe78bee - 2021-08-08
• 0.2.37-dev.fbd1ef7 - 2021-08-11
• 0.2.37-dev.fbbac93 - 2021-08-03
• 0.2.37-dev.f7eb46d - 2021-07-31
• 0.2.37-dev.f0e40f6 - 2021-08-06
• 0.2.37-dev.cd71f62 - 2021-07-31
• 0.2.37-dev.ca26297 - 2021-08-04
• 0.2.37-dev.ba366f2 - 2021-08-08
• 0.2.37-dev.ab39066 - 2021-08-06
• 0.2.37-dev.a5e4ce7 - 2021-08-05
• 0.2.37-dev.a3a3284 - 2021-08-10
• 0.2.37-dev.91d5b2f - 2021-07-31
• 0.2.37-dev.80cdf8f - 2021-08-11
• 0.2.37-dev.768b4fe - 2021-08-05
• 0.2.37-dev.69fabaf - 2021-07-31
• 0.2.37-dev.65cbcc7 - 2021-08-10
• 0.2.37-dev.5a3767f - 2021-08-08
• 0.2.37-dev.5714e8d - 2021-08-11
• 0.2.37-dev.37c40a6 - 2021-08-11
• 0.2.37-dev.37bd012 - 2021-08-04
• 0.2.37-dev.36398db - 2021-08-12
• 0.2.37-dev.2344db6 - 2021-08-04
• 0.2.37-dev.01a038c - 2021-08-13
• 0.2.37-dev.4201938 - 2021-08-05
• 0.2.36 - 2021-07-31

  Bug Fixes

  • add deprecated WhereExpression alias for WhereExpressionBuilder (#7980) (76e7ed9)
  • always generate migrations with template string literals (#7971) (e9c2af6)
  • use js rather than ts in all browser package manifests (#7982) (0d90bcd)
  • use nvarchar/ntext during transit for SQLServer queries (#7933) (62d7976)

  Features

  • add postgres connection option applicationName (#7989) (d365acc)
• 0.2.36-dev.d365acc - 2021-07-30
• 0.2.36-dev.b797781 - 2021-07-30
• 0.2.36-dev.76e7ed94 - 2021-07-30
• 0.2.36-dev.62d7976 - 2021-07-31
• 0.2.36-dev.0d90bcd - 2021-07-30
• 0.2.35 - 2021-07-29 Read more
• 0.2.35-rc.0 - 2021-07-28
• 0.2.34 - 2021-06-03

  version bump

• 0.2.33 - 2021-06-01

  version bump

• 0.2.32 - 2021-03-30

  version bump

• 0.2.31 - 2021-02-08
• 0.2.30 - 2021-01-12
• 0.2.29 - 2020-11-02
• 0.2.28 - 2020-09-30
• 0.2.27 - 2020-09-29
• 0.2.26 - 2020-09-10
• 0.2.25 - 2020-05-19
• 0.2.24 - 2020-02-28

from typeorm GitHub release notes

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs