From 989c4e77036e1fa9b5c6d7f56b35c270086a2df3 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 21 Mar 2021 03:24:07 +0000 Subject: [PATCH 1/4] fix: upgrade pg-promise from 10.9.2 to 10.9.3 Snyk has created this PR to upgrade pg-promise from 10.9.2 to 10.9.3. See this package in npm: https://www.npmjs.com/package/pg-promise See this project in Snyk: https://app.snyk.io/org/acinader/project/8c1a9edb-c8f5-4dc1-b221-4d6030a323eb?utm_source=github&utm_medium=upgrade-pr --- package-lock.json | 72 +++++++++++++++++++++++++++++++++++++++++------ package.json | 2 +- 2 files changed, 65 insertions(+), 9 deletions(-) diff --git a/package-lock.json b/package-lock.json index b2d5145ea3..6c15913860 100644 --- a/package-lock.json +++ b/package-lock.json @@ -3071,8 +3071,6 @@ "version": "1.5.0", "resolved": "https://registry.npmjs.org/bindings/-/bindings-1.5.0.tgz", "integrity": "sha512-p2q/t/mhvuOj/UeLlV6566GD/guowlr0hHxClI0W9m7MWYkL1F0hLo+0Aexs9HSPCtR1SXQ0TD3MMKrXZajbiQ==", - "dev": true, - "optional": true, "requires": { "file-uri-to-path": "1.0.0" } @@ -7698,6 +7696,15 @@ "type-check": "~0.3.2" } }, + "libpq": { + "version": "1.8.9", + "resolved": "https://registry.npmjs.org/libpq/-/libpq-1.8.9.tgz", + "integrity": "sha512-herU0STiW3+/XBoYRycKKf49O9hBKK0JbdC2QmvdC5pyCSu8prb9idpn5bUSbxj8XwcEsWPWWWwTDZE9ZTwJ7g==", + "requires": { + "bindings": "1.5.0", + "nan": "^2.14.0" + } + }, "limiter": { "version": "1.1.5", "resolved": "https://registry.npmjs.org/limiter/-/limiter-1.1.5.tgz", @@ -8889,9 +8896,7 @@ "nan": { "version": "2.14.2", "resolved": "https://registry.npmjs.org/nan/-/nan-2.14.2.tgz", - "integrity": "sha512-M2ufzIiINKCuDfBSAUr1vWQ+vuVcA9kqx8JJUsbQi6yf1uGRyb7HfpdfUr5qLXf3B/t8dPvcjhKMmlfnP47EzQ==", - "dev": true, - "optional": true + "integrity": "sha512-M2ufzIiINKCuDfBSAUr1vWQ+vuVcA9kqx8JJUsbQi6yf1uGRyb7HfpdfUr5qLXf3B/t8dPvcjhKMmlfnP47EzQ==" }, "nanomatch": { "version": "1.2.13", @@ -9693,19 +9698,70 @@ } } }, + "pg-native": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/pg-native/-/pg-native-3.0.0.tgz", + "integrity": "sha512-qZZyywXJ8O4lbiIN7mn6vXIow1fd3QZFqzRe+uET/SZIXvCa3HBooXQA4ZU8EQX8Ae6SmaYtDGLp5DwU+8vrfg==", + "requires": { + "libpq": "^1.7.0", + "pg-types": "^1.12.1", + "readable-stream": "1.0.31" + }, + "dependencies": { + "isarray": { + "version": "0.0.1", + "resolved": "https://registry.npmjs.org/isarray/-/isarray-0.0.1.tgz", + "integrity": "sha1-ihis/Kmo9Bd+Cav8YDiTmwXR7t8=" + }, + "pg-types": { + "version": "1.13.0", + "resolved": "https://registry.npmjs.org/pg-types/-/pg-types-1.13.0.tgz", + "integrity": "sha512-lfKli0Gkl/+za/+b6lzENajczwZHc7D5kiUCZfgm914jipD2kIOIvEkAhZ8GrW3/TUoP9w8FHjwpPObBye5KQQ==", + "requires": { + "pg-int8": "1.0.1", + "postgres-array": "~1.0.0", + "postgres-bytea": "~1.0.0", + "postgres-date": "~1.0.0", + "postgres-interval": "^1.1.0" + } + }, + "postgres-array": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/postgres-array/-/postgres-array-1.0.3.tgz", + "integrity": "sha512-5wClXrAP0+78mcsNX3/ithQ5exKvCyK5lr5NEEEeGwwM6NJdQgzIJBVxLvRW+huFpX92F2QnZ5CcokH0VhK2qQ==" + }, + "readable-stream": { + "version": "1.0.31", + "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-1.0.31.tgz", + "integrity": "sha1-jyUC4LyeOw2huUUgqrtOJgPsr64=", + "requires": { + "core-util-is": "~1.0.0", + "inherits": "~2.0.1", + "isarray": "0.0.1", + "string_decoder": "~0.10.x" + } + }, + "string_decoder": { + "version": "0.10.31", + "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-0.10.31.tgz", + "integrity": "sha1-YuIDvEF2bGwoyfyEMB2rHFMQ+pQ=" + } + } + }, "pg-pool": { "version": "3.2.2", "resolved": "https://registry.npmjs.org/pg-pool/-/pg-pool-3.2.2.tgz", "integrity": "sha512-ORJoFxAlmmros8igi608iVEbQNNZlp89diFVx6yV5v+ehmpMY9sK6QgpmgoXbmkNaBAx8cOOZh9g80kJv1ooyA==" }, "pg-promise": { - "version": "10.9.2", - "resolved": "https://registry.npmjs.org/pg-promise/-/pg-promise-10.9.2.tgz", - "integrity": "sha512-ewelfzZeSPe5sbgd5ylB6edVXqoD8AH/fqZj4wPLL0242vXtkFY3JuUqt3mfvTruOqZHhoINpoXTfmC9UXbZ7A==", + "version": "10.9.3", + "resolved": "https://registry.npmjs.org/pg-promise/-/pg-promise-10.9.3.tgz", + "integrity": "sha512-/9ecQYDzGYboef3J/nbtywfNqRGskdxLkqUvd4fITS1FIQrzg6BIH8sXVQaDqm/5p8pLy/7lUQegH+Qg4nXG5A==", "requires": { "assert-options": "0.7.0", "pg": "8.5.1", "pg-minify": "1.6.2", + "pg-native": "^3.0.0", "spex": "3.2.0" } }, diff --git a/package.json b/package.json index 96f589c55b..ec2373ffb4 100644 --- a/package.json +++ b/package.json @@ -51,7 +51,7 @@ "mustache": "4.1.0", "parse": "3.1.0", "pg-monitor": "1.4.1", - "pg-promise": "10.9.2", + "pg-promise": "10.9.3", "pluralize": "8.0.0", "redis": "3.0.2", "semver": "7.3.4", From 4160cc0dc506a3e0acac2279597e4fc2d7a34dd2 Mon Sep 17 00:00:00 2001 From: Diamond Lewis Date: Thu, 29 Apr 2021 10:06:14 -0500 Subject: [PATCH 2/4] bump pg-promise to 10.10.1 --- package-lock.json | 90 ++++--------------- package.json | 2 +- .../Postgres/PostgresStorageAdapter.js | 2 +- 3 files changed, 19 insertions(+), 75 deletions(-) diff --git a/package-lock.json b/package-lock.json index 6c15913860..caec9a61ff 100644 --- a/package-lock.json +++ b/package-lock.json @@ -3071,6 +3071,8 @@ "version": "1.5.0", "resolved": "https://registry.npmjs.org/bindings/-/bindings-1.5.0.tgz", "integrity": "sha512-p2q/t/mhvuOj/UeLlV6566GD/guowlr0hHxClI0W9m7MWYkL1F0hLo+0Aexs9HSPCtR1SXQ0TD3MMKrXZajbiQ==", + "dev": true, + "optional": true, "requires": { "file-uri-to-path": "1.0.0" } @@ -7696,15 +7698,6 @@ "type-check": "~0.3.2" } }, - "libpq": { - "version": "1.8.9", - "resolved": "https://registry.npmjs.org/libpq/-/libpq-1.8.9.tgz", - "integrity": "sha512-herU0STiW3+/XBoYRycKKf49O9hBKK0JbdC2QmvdC5pyCSu8prb9idpn5bUSbxj8XwcEsWPWWWwTDZE9ZTwJ7g==", - "requires": { - "bindings": "1.5.0", - "nan": "^2.14.0" - } - }, "limiter": { "version": "1.1.5", "resolved": "https://registry.npmjs.org/limiter/-/limiter-1.1.5.tgz", @@ -8896,7 +8889,9 @@ "nan": { "version": "2.14.2", "resolved": "https://registry.npmjs.org/nan/-/nan-2.14.2.tgz", - "integrity": "sha512-M2ufzIiINKCuDfBSAUr1vWQ+vuVcA9kqx8JJUsbQi6yf1uGRyb7HfpdfUr5qLXf3B/t8dPvcjhKMmlfnP47EzQ==" + "integrity": "sha512-M2ufzIiINKCuDfBSAUr1vWQ+vuVcA9kqx8JJUsbQi6yf1uGRyb7HfpdfUr5qLXf3B/t8dPvcjhKMmlfnP47EzQ==", + "dev": true, + "optional": true }, "nanomatch": { "version": "1.2.13", @@ -9616,9 +9611,9 @@ } }, "pg-connection-string": { - "version": "2.4.0", - "resolved": "https://registry.npmjs.org/pg-connection-string/-/pg-connection-string-2.4.0.tgz", - "integrity": "sha512-3iBXuv7XKvxeMrIgym7njT+HlZkwZqqGX4Bu9cci8xHZNT+Um1gWKqCsAzcC0d95rcKMU5WBg6YRUcHyV0HZKQ==" + "version": "2.5.0", + "resolved": "https://registry.npmjs.org/pg-connection-string/-/pg-connection-string-2.5.0.tgz", + "integrity": "sha512-r5o/V/ORTA6TmUnyWZR9nCj1klXCO2CEKNRlVuJptZe85QuhFayC7WeMic7ndayT5IRIR0S0xFxFi2ousartlQ==" }, "pg-int8": { "version": "1.0.1", @@ -9698,77 +9693,26 @@ } } }, - "pg-native": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/pg-native/-/pg-native-3.0.0.tgz", - "integrity": "sha512-qZZyywXJ8O4lbiIN7mn6vXIow1fd3QZFqzRe+uET/SZIXvCa3HBooXQA4ZU8EQX8Ae6SmaYtDGLp5DwU+8vrfg==", - "requires": { - "libpq": "^1.7.0", - "pg-types": "^1.12.1", - "readable-stream": "1.0.31" - }, - "dependencies": { - "isarray": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/isarray/-/isarray-0.0.1.tgz", - "integrity": "sha1-ihis/Kmo9Bd+Cav8YDiTmwXR7t8=" - }, - "pg-types": { - "version": "1.13.0", - "resolved": "https://registry.npmjs.org/pg-types/-/pg-types-1.13.0.tgz", - "integrity": "sha512-lfKli0Gkl/+za/+b6lzENajczwZHc7D5kiUCZfgm914jipD2kIOIvEkAhZ8GrW3/TUoP9w8FHjwpPObBye5KQQ==", - "requires": { - "pg-int8": "1.0.1", - "postgres-array": "~1.0.0", - "postgres-bytea": "~1.0.0", - "postgres-date": "~1.0.0", - "postgres-interval": "^1.1.0" - } - }, - "postgres-array": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/postgres-array/-/postgres-array-1.0.3.tgz", - "integrity": "sha512-5wClXrAP0+78mcsNX3/ithQ5exKvCyK5lr5NEEEeGwwM6NJdQgzIJBVxLvRW+huFpX92F2QnZ5CcokH0VhK2qQ==" - }, - "readable-stream": { - "version": "1.0.31", - "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-1.0.31.tgz", - "integrity": "sha1-jyUC4LyeOw2huUUgqrtOJgPsr64=", - "requires": { - "core-util-is": "~1.0.0", - "inherits": "~2.0.1", - "isarray": "0.0.1", - "string_decoder": "~0.10.x" - } - }, - "string_decoder": { - "version": "0.10.31", - "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-0.10.31.tgz", - "integrity": "sha1-YuIDvEF2bGwoyfyEMB2rHFMQ+pQ=" - } - } - }, "pg-pool": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/pg-pool/-/pg-pool-3.2.2.tgz", - "integrity": "sha512-ORJoFxAlmmros8igi608iVEbQNNZlp89diFVx6yV5v+ehmpMY9sK6QgpmgoXbmkNaBAx8cOOZh9g80kJv1ooyA==" + "version": "3.3.0", + "resolved": "https://registry.npmjs.org/pg-pool/-/pg-pool-3.3.0.tgz", + "integrity": "sha512-0O5huCql8/D6PIRFAlmccjphLYWC+JIzvUhSzXSpGaf+tjTZc4nn+Lr7mLXBbFJfvwbP0ywDv73EiaBsxn7zdg==" }, "pg-promise": { - "version": "10.9.3", - "resolved": "https://registry.npmjs.org/pg-promise/-/pg-promise-10.9.3.tgz", - "integrity": "sha512-/9ecQYDzGYboef3J/nbtywfNqRGskdxLkqUvd4fITS1FIQrzg6BIH8sXVQaDqm/5p8pLy/7lUQegH+Qg4nXG5A==", + "version": "10.10.1", + "resolved": "https://registry.npmjs.org/pg-promise/-/pg-promise-10.10.1.tgz", + "integrity": "sha512-sopmuOr2PrUNh3XI0Y15ssmjcwhZnGHyGYwuDDmWFnBydq7lvrhTMBI3hefAp3YMx07+HSXfSpJse9z5vC4bsw==", "requires": { "assert-options": "0.7.0", "pg": "8.5.1", "pg-minify": "1.6.2", - "pg-native": "^3.0.0", "spex": "3.2.0" } }, "pg-protocol": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/pg-protocol/-/pg-protocol-1.4.0.tgz", - "integrity": "sha512-El+aXWcwG/8wuFICMQjM5ZSAm6OWiJicFdNYo+VY3QP+8vI4SvLIWVe51PppTzMhikUJR+PsyIFKqfdXPz/yxA==" + "version": "1.5.0", + "resolved": "https://registry.npmjs.org/pg-protocol/-/pg-protocol-1.5.0.tgz", + "integrity": "sha512-muRttij7H8TqRNu/DxrAJQITO4Ac7RmX3Klyr/9mJEOBeIpgnF8f9jAfRz5d3XwQZl5qBjF9gLsUtMPJE0vezQ==" }, "pg-types": { "version": "2.2.0", diff --git a/package.json b/package.json index ec2373ffb4..88740c5627 100644 --- a/package.json +++ b/package.json @@ -51,7 +51,7 @@ "mustache": "4.1.0", "parse": "3.1.0", "pg-monitor": "1.4.1", - "pg-promise": "10.9.3", + "pg-promise": "10.10.1", "pluralize": "8.0.0", "redis": "3.0.2", "semver": "7.3.4", diff --git a/src/Adapters/Storage/Postgres/PostgresStorageAdapter.js b/src/Adapters/Storage/Postgres/PostgresStorageAdapter.js index b653ab4806..750e60fcad 100644 --- a/src/Adapters/Storage/Postgres/PostgresStorageAdapter.js +++ b/src/Adapters/Storage/Postgres/PostgresStorageAdapter.js @@ -1056,7 +1056,7 @@ export class PostgresStorageAdapter implements StorageAdapter { conn = conn || this._client; const self = this; - await conn.tx('schema-upgrade', async t => { + await conn.task('schema-upgrade', async t => { const columns = await t.map( 'SELECT column_name FROM information_schema.columns WHERE table_name = $', { className }, From e9d5235708ea59c87cecdad381db7d3f7c466076 Mon Sep 17 00:00:00 2001 From: Diamond Lewis Date: Thu, 29 Apr 2021 11:02:01 -0500 Subject: [PATCH 3/4] fix add field if not exists --- src/Adapters/Storage/Postgres/PostgresStorageAdapter.js | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/src/Adapters/Storage/Postgres/PostgresStorageAdapter.js b/src/Adapters/Storage/Postgres/PostgresStorageAdapter.js index 750e60fcad..b9a943b793 100644 --- a/src/Adapters/Storage/Postgres/PostgresStorageAdapter.js +++ b/src/Adapters/Storage/Postgres/PostgresStorageAdapter.js @@ -1072,12 +1072,11 @@ export class PostgresStorageAdapter implements StorageAdapter { }); } - async addFieldIfNotExists(className: string, fieldName: string, type: any, conn: any) { + async addFieldIfNotExists(className: string, fieldName: string, type: any) { // TODO: Must be revised for invalid logic... debug('addFieldIfNotExists'); - conn = conn || this._client; const self = this; - await conn.tx('add-field-if-not-exists', async t => { + await this._client.tx('add-field-if-not-exists', async t => { if (type.type !== 'Relation') { try { await t.none( From 47ebd6b44364b0fbc612a17f3b4119299a5ed523 Mon Sep 17 00:00:00 2001 From: Diamond Lewis Date: Thu, 29 Apr 2021 11:06:07 -0500 Subject: [PATCH 4/4] lint --- src/Adapters/Storage/Postgres/PostgresStorageAdapter.js | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/src/Adapters/Storage/Postgres/PostgresStorageAdapter.js b/src/Adapters/Storage/Postgres/PostgresStorageAdapter.js index b9a943b793..5d0e211ab4 100644 --- a/src/Adapters/Storage/Postgres/PostgresStorageAdapter.js +++ b/src/Adapters/Storage/Postgres/PostgresStorageAdapter.js @@ -1064,9 +1064,7 @@ export class PostgresStorageAdapter implements StorageAdapter { ); const newColumns = Object.keys(schema.fields) .filter(item => columns.indexOf(item) === -1) - .map(fieldName => - self.addFieldIfNotExists(className, fieldName, schema.fields[fieldName], t) - ); + .map(fieldName => self.addFieldIfNotExists(className, fieldName, schema.fields[fieldName])); await t.batch(newColumns); });