chore(deps): bump xml2js, body-parser-xml and typeorm

[dependabot]

Bumps xml2js to 0.5.0 and updates ancestor dependencies xml2js, body-parser-xml and typeorm. These dependencies need to be updated together.

Updates xml2js from 0.4.23 to 0.5.0

Commits

• See full diff in compare view

Updates body-parser-xml from 2.0.0 to 2.0.5

Release notes

Sourced from body-parser-xml's releases.

v2.0.5

Fixed

• Downgraded mocha from v10 to v8 so that tests still work when run against node 10.

v2.0.4

Updated

• Update xml2js dependency to fix a reported vulnerability.
• Update other dependencies and test against node 18.

v2.0.3

Fixed

• Fixed prototype pollution vulnerability #69 - thanks to @​yadhukrishnam for disclosing and fixing

v2.0.2

Added

• Official support for node 16.

v2.0.1

Updated

• Update dependencies and test against node 14.

Changelog

Sourced from body-parser-xml's changelog.

[2.0.5] - 2023-04-11

Fixed

• Downgraded mocha from v10 to v8 so that tests still work when run against node 10.

[2.0.4] - 2023-04-11

Updated

• Update xml2js dependency to fix a reported vulnerability.
• Update other dependencies and test against node 18.

[2.0.3] - 2021-05-19

Fixed

• Fixed prototype pollution vulnerability #69 - thanks to @​yadhukrishnam for disclosing and fixing

[2.0.2] - 2021-05-11

Added

• Official support for node 16.

[2.0.1] - 2020-12-02

Updated

• Update dependencies and test against node 14.

Commits

• 467ba72 v2.0.5
• 81eb9ba Downgrade mocha to continue supporting node 10 for test harness
• 23a2bce v2.0.4
• 0a2ee31 Updated license copyright year
• c551647 Test against node 18
• 1c528f0 Update dependencies
• 967558b Merge pull request #173 from sebdec/master
• 6dc820c update xml2js dependency
• 85a8334 v2.0.3
• d46ca62 Fix prototype pollution vulnerability
• Additional commits viewable in compare view

Updates typeorm from 0.2.25 to 0.3.17

Release notes

Sourced from typeorm's releases.

0.3.17

Bug Fixes

• #10040 TypeORM synchronize database even if it is up to date (#10041) (b1a3a39)
• add missing await (#10084) (f5d4397)

0.3.16

0.3.16 (2023-05-09)

Bug Fixes

• add trustServerCertificate option to SqlServerConnectionOptions (#9985) (0305805), closes #8093
• add directConnection options to MongoDB connection (#9955) (e0165e7)
• add onDelete option validation for oracle (#9786) (938f94b), closes #9189
• added instanceName to options (#9968) (7c5627f)
• added transaction retry logic in cockroachdb (#10032) (607d6f9)
• allow json as alias for longtext mariadb (#10018) (2a2bb4b)
• convert the join table ID to the referenceColumn ID type (#9887) (9460296)
• correct encode mongodb auth credentials (#10024) (96b7ee4), closes #9885
• create correct children during cascade saving entities with STI (#9034) (06c1e98), closes #7758 #7758 #9033 #9033 #7758 #7758
• express option bug in init command (#10022) (5be20e2)
• for running cli-ts-node-esm use exit code from child process (#10030) (a188b1d), closes #10029
• mongodb typings breaks the browser version (#9962) (99bef49), closes #9959
• RelationIdLoader has access to queryPlanner when wrapped in transaction (#9990) (21a9d67), closes #9988
• resolve duplicate subscriber updated columns (#9958) (3d67901), closes #9948
• select + addOrderBy broke in 0.3.14 (#9961) (0e56f0f), closes #9960
• support More/LessThanOrEqual in relations (#9978) (8795c86)

Features

• mariadb uuid inet4 inet6 column data type support (#9845) (d8a2e37)

Reverts

• "refactor: remove date-fns package (#9634)" (54f4f89)

0.3.15

Bug Fixes

• make cache optional fields optional (#9942) (159c60a)
• prevent unique index identical to primary key (all sql dialects) (#9940) (51eecc2)
• SelectQueryBuilder builds incorrectly escaped alias in Oracle when used on entity with composite key (#9668) (83c6c0e)

Features

• support for the latest mongodb v5 (#9925) (f6a3ce7), closes #7907 #7907

0.3.14

Bug Fixes

... (truncated)

Changelog

Sourced from typeorm's changelog.

0.3.17 (2023-06-20)

Bug Fixes

• #10040 TypeORM synchronize database even if it is up to date (#10041) (b1a3a39)
• add missing await (#10084) (f5d4397)

0.3.16 (2023-05-09)

Bug Fixes

• add trustServerCertificate option to SqlServerConnectionOptions (#9985) (0305805), closes #8093
• add directConnection options to MongoDB connection (#9955) (e0165e7)
• add onDelete option validation for oracle (#9786) (938f94b), closes #9189
• added instanceName to options (#9968) (7c5627f)
• added transaction retry logic in cockroachdb (#10032) (607d6f9)
• allow json as alias for longtext mariadb (#10018) (2a2bb4b)
• convert the join table ID to the referenceColumn ID type (#9887) (9460296)
• correct encode mongodb auth credentials (#10024) (96b7ee4), closes #9885
• create correct children during cascade saving entities with STI (#9034) (06c1e98), closes #7758 #7758 #9033 #9033 #7758 #7758
• express option bug in init command (#10022) (5be20e2)
• for running cli-ts-node-esm use exit code from child process (#10030) (a188b1d), closes #10029
• mongodb typings breaks the browser version (#9962) (99bef49), closes #9959
• RelationIdLoader has access to queryPlanner when wrapped in transaction (#9990) (21a9d67), closes #9988
• resolve duplicate subscriber updated columns (#9958) (3d67901), closes #9948
• select + addOrderBy broke in 0.3.14 (#9961) (0e56f0f), closes #9960
• support More/LessThanOrEqual in relations (#9978) (8795c86)

Features

• mariadb uuid inet4 inet6 column data type support (#9845) (d8a2e37)

Reverts

• "refactor: remove date-fns package (#9634)" (54f4f89)

0.3.15 (2023-04-15)

Bug Fixes

• make cache optional fields optional (#9942) (159c60a)
• prevent unique index identical to primary key (all sql dialects) (#9940) (51eecc2)
• SelectQueryBuilder builds incorrectly escaped alias in Oracle when used on entity with composite key (#9668) (83c6c0e)

Features

• support for the latest mongodb v5 (#9925) (f6a3ce7), closes #7907 #7907

0.3.14 (2023-04-09)

... (truncated)

Commits

• a909d5b version bump
• b1a3a39 fix: #10040 TypeORM synchronize database even if it is up to date (#10041)
• 7108cc6 chore: use new CircleCI convenience images (#10101)
• f5d4397 fix: add missing await (#10084)
• d4607a8 test: fix test from #9034 with STI for Oracle (#10037)
• abb9079 version bump
• 607d6f9 fix: added transaction retry logic in cockroachdb (#10032)
• 8795c86 fix: support More/LessThanOrEqual in relations (#9978)
• 06c1e98 fix: create correct children during cascade saving entities with STI (#9034)
• 96b7ee4 fix: correct encode mongodb auth credentials (#10024)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.