This repository has been archived by the owner on May 16, 2023. It is now read-only.

[Snyk] Upgrade knex from 0.7.3 to 0.95.1 #19

Open
wants to merge 1 commit into
base: master

snyk-bot

Snyk has created this PR to upgrade knex from 0.7.3 to 0.95.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 129 versions ahead of your current version.
  • The recommended version was released 23 days ago, on 2021-03-04.

The recommended version fixes:

| Severity | Issue | PriorityScore (*) | Exploit Maturity |
|---|---|---|---|
| | Prototype Pollution (npm:extend:20180424) | 579/1000. Why? Has a fix available, CVSS 7.3 | No Known Exploit |
| | Regular Expression Denial of Service (ReDoS) (npm:minimatch:20160620) | 579/1000. Why? Has a fix available, CVSS 7.3 | No Known Exploit |
| | Regular Expression Denial of Service (ReDoS) (SNYK-JS-MINIMATCH-1019388) | 579/1000. Why? Has a fix available, CVSS 7.3 | No Known Exploit |
| | SQL Injection (SNYK-JS-KNEX-471962) | 579/1000. Why? Has a fix available, CVSS 7.3 | No Known Exploit |
| | Prototype Pollution (SNYK-JS-MINIMIST-559764) | 579/1000. Why? Has a fix available, CVSS 7.3 | Proof of Concept |
| | SQL Injection (npm:knex:20150413) | 579/1000. Why? Has a fix available, CVSS 7.3 | No Known Exploit |

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: knex
  • 0.95.1 - 2021-03-04
  • 0.95.0 - 2021-03-03

    0.95.0 - 03 March, 2021

    Please upgrade to TypeScript 4.1 if using an older version!
    Check out the migration guide for other breaking changes.

    New features:

    • Add transaction isolation support #4185
    • Add analytic functions #4188
    • Change default to not trigger a promise rejection for transactions with a specified handler #4195
    • Make toSQL().toNative() work for Raw to match the API for QueryBuilder #4058
    • Allow 'match' operator #3569
    • Support optimizer hints #4243
    • Add parameter to prevent autoincrement columns from being primary keys #4266
    • Make "first" and "pluck" mutually exclusive #4280
    • Added merge strategy to allow selecting columns to upsert. #4252
    • Throw error if the array passed to insert is empty #4289
    • Events: introduce queryContext on query-error #4301
    • CLI: Use UTC timestamp for new migrations #4245
    • MSSQL: Replace MSSQL dialect with Tedious.js implementation #2857 #4281
    • MSSQL: Use "nvarchar(max)" for ".json()" #4278
    • MSSQL: Schema builder - add predictable constraint names for default values #4319
    • MSSQL: Schema builder - attempt to drop default constraints when changing default value on columns #4321
    • SQLite: Fallback to json for sqlite3 when using jsonb #4186
    • SQLite: Return complete list of DDL commands for creating foreign keys #4194
    • SQLite: Support dropping composite foreign keys #4202
    • SQLite: Recreate indices when altering a table #4277
    • SQLite: Add support for altering columns #4322

    Bug fixes:

    • Fix issue with .withSchema usage with joins on a subquery #4267
    • Fix issue with schema usage with FROM clause contain QueryBuilder, function or Raw #4268
    • CLI: Address raised security warnings by dropping liftoff #4122
    • CLI: Fix an issue with npm@7 and ESM when type was set to 'module' in package.json #4295
    • PostgreSQL: Add check to only create native enum once #3658
    • SQLite: Fix foreign key "on delete" when altering a table #4225
    • SQLite: Made the constraint detection case-insensitive #4330
    • MySQL: Keep auto increment after rename #4266
    • MSSQL: don't raise query-error twice #4314
    • MSSQL: Alter column must have its own query #4317

    Typings:

    • Add missing onConflict overrides #4182
    • Introduce the "infamous triplet" export #4181
    • Fix type definition of Transaction #4172
    • Add typedefinitions for havingNotIn #4265
    • Include 'name' property in MigratorConfig #4300
    • Improve join and conflict types #4318
    • Fix ArrayIfAlready type #4331

    Test / internal changes:

    • Drop global Knex.raw #4180
    • Stop using legacy url.parse API #3702
    • Various internal refactorings #4175 #4177 #4178 #4192
    • Refactor to classes #4190 #4191 #4193 #4210 #4253
    • Move transaction type tests to TSD #4208
    • Clean up destroy logic #4248
    • Colorize code snippets in readme files #4234
    • Add "Ecosystem" documentation for Knex plugins #4183
    • Documentation cleanup
    • SQLite: Use SQLite "rename column" instead of a DDL helper #4200
    • SQLite: Simplify reinsert logic when altering a table #4272
  • 0.95.0-next3 - 2021-02-18
  • 0.95.0-next2 - 2021-02-15
  • 0.95.0-next1 - 2021-02-08
  • 0.21.19 - 2021-03-02
  • 0.21.18 - 2021-02-22
  • 0.21.17 - 2021-01-30

    0.21.17 - 30 January, 2021

    Bug fixes:

    • SQLite: Fix SQLite foreign on delete when altering a table #4261

    New features:

    0.21.16 - 17 January, 2021

    Bug fixes:

    • MSSQL: Avoid passing unsupported pool param. Fixes node-mssql 7+ support #4236
  • 0.21.16 - 2021-01-17
  • 0.21.15 - 2020-12-26
    No content.
  • 0.21.14 - 2020-12-18
    No content.
  • 0.21.13 - 2020-12-11
    No content.
  • 0.21.12 - 2020-11-02
  • 0.21.11 - 2020-11-01
  • 0.21.10 - 2020-10-31
    No content.
  • 0.21.9 - 2020-10-29
    No content.
  • 0.21.8 - 2020-10-27
  • 0.21.7 - 2020-10-25
  • 0.21.6 - 2020-09-27
  • 0.21.5 - 2020-08-17
    No content.
  • 0.21.5-next2 - 2020-08-16
  • 0.21.5-next1 - 2020-08-15
  • 0.21.4 - 2020-08-10
  • 0.21.3 - 2020-08-08
  • 0.21.2 - 2020-07-09
  • 0.21.1 - 2020-04-27
  • 0.21.0 - 2020-04-18
  • 0.20.15 - 2020-04-15
  • 0.20.14 - 2020-04-14
  • 0.20.13 - 2020-03-23
  • 0.20.12 - 2020-03-19
  • 0.20.11 - 2020-03-05
  • 0.20.10 - 2020-02-16
  • 0.20.9 - 2020-02-08
  • 0.20.8 - 2020-01-14
  • 0.20.7 - 2020-01-07
  • 0.20.6 - 2019-12-29
  • 0.20.4 - 2019-12-07
  • 0.20.3 - 2019-11-27
  • 0.20.2 - 2019-11-14
  • 0.20.1 - 2019-10-29
  • 0.20.0 - 2019-10-25
  • 0.19.5 - 2019-10-06
  • 0.19.4 - 2019-09-09
  • 0.19.3 - 2019-08-28
  • 0.19.2 - 2019-08-17
  • 0.19.1 - 2019-07-23
  • 0.19.0 - 2019-07-11
  • 0.18.4 - 2019-07-10
  • 0.18.3 - 2019-07-04
  • 0.18.2 - 2019-07-02
  • 0.18.1 - 2019-06-30
  • 0.18.0 - 2019-06-26
  • 0.18.0-next4 - 2019-06-23
  • 0.18.0-next2 - 2019-06-19
  • 0.18.0-next1 - 2019-06-17
  • 0.17.6 - 2019-06-13
  • 0.17.5 - 2019-06-08
  • 0.17.4 - 2019-06-08
  • 0.17.3 - 2019-06-02
  • 0.17.2 - 2019-06-01
  • 0.17.1 - 2019-05-31
  • 0.17.1-next - 2019-05-30
  • 0.17.0 - 2019-05-28
  • 0.17.0-next6 - 2019-05-27
  • 0.17.0-next5 - 2019-05-22
  • 0.17.0-next4 - 2019-05-19
  • 0.17.0-next2 - 2019-05-16
  • 0.17.0-next - 2019-05-13
  • 0.16.6-oracle-fix - 2019-04-12
  • 0.16.5 - 2019-04-11
  • 0.16.4 - 2019-04-11
  • 0.16.4-next2 - 2019-03-13
  • 0.16.4-next1 - 2019-01-31
  • 0.16.3 - 2018-12-19
  • 0.16.2 - 2018-12-10
  • 0.16.1 - 2018-12-09
  • 0.16.1-next2 - 2018-12-05
  • 0.16.1-next1 - 2018-12-03
  • 0.16.0-next5 - 2018-11-23
  • 0.16.0-next4 - 2018-11-21
  • 0.16.0-next3 - 2018-09-26
  • 0.16.0-next2 - 2018-09-26
  • 0.16.0-next1 - 2018-09-18
  • 0.15.2 - 2018-07-19
  • 0.15.1 - 2018-07-13
  • 0.15.0 - 2018-07-01
  • 0.14.6 - 2018-04-12
  • 0.14.5 - 2018-04-08
  • 0.14.4 - 2018-02-19
  • 0.14.3 - 2018-02-08
  • 0.14.2 - 2017-11-24
  • 0.14.1 - 2017-11-19
  • 0.14.0 - 2017-11-06
  • 0.13.0 - 2017-04-29
  • 0.12.9 - 2017-03-23
  • 0.12.8 - 2017-03-15
  • 0.12.7 - 2017-02-16
  • 0.12.6 - 2016-10-19
  • 0.12.5 - 2016-10-12
  • 0.12.4 - 2016-10-12
  • 0.12.3 - 2016-10-09
  • 0.12.2 - 2016-09-27
  • 0.12.1 - 2016-09-16
  • 0.12.0 - 2016-09-13
  • 0.11.10 - 2016-08-09
  • 0.11.9 - 2016-07-21
  • 0.11.8 - 2016-07-21
  • 0.11.7 - 2016-06-19
  • 0.11.6 - 2016-06-19
  • 0.11.5 - 2016-05-26
  • 0.11.4 - 2016-05-22
  • 0.11.3 - 2016-05-14
  • 0.11.2 - 2016-05-14
  • 0.11.1 - 2016-05-06
  • 0.11.0 - 2016-05-05
  • 0.10.0 - 2016-02-15
  • 0.10.0-rc1 - 2016-02-08
  • 0.9.0 - 2015-11-02
  • 0.8.6 - 2015-05-20
  • 0.8.5 - 2015-05-14
  • 0.8.4 - 2015-05-13
  • 0.8.3 - 2015-05-02
  • 0.8.2 - 2015-05-01
  • 0.8.1 - 2015-05-01
  • 0.8.0 - 2015-04-30
  • 0.7.6 - 2015-03-13
  • 0.7.5 - 2015-03-10
  • 0.7.4 - 2015-02-25
  • 0.7.3 - 2014-10-03
from knex GitHub release notes

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs
