Bump doctrine/dbal from 3.1.1 to 3.1.4 #154

dependabot · 2021-11-16T17:44:30Z

Bumps doctrine/dbal from 3.1.1 to 3.1.4.

Release notes

Sourced from doctrine/dbal's releases.

3.1.4

Release 3.1.4

SECURITY RELEASE: All users are advised to upgrade when using doctrine/dbal 3.0.0 - 3.1.3 due to a critical SQL injection that was fixed: GHSA-r7cj-8hjg-x622

3.1.4

Total issues resolved: 6

Total pull requests resolved: 20

Total contributors: 13

Bug,oci8

4995: Fix getServerVersion for OCI8 when assertions are disabled thanks to @derrabus and @SylvainSimonGPA

Connections,Test Suite

4991: Optimize sharing test connection thanks to @morozov

Bug,QueryBuilder

4984: Cast LIMIT and OFFSET to int when building limit query thanks to @morozov

Bug,Prepared Statements,Regression,SQL Parser

4980: DBAL 3.1: Array parameter conversion does not work with long SQL queries thanks to @AlexeyKosov

Documentation

4979: Remove unwanted colon in code samples thanks to @greg0ire

[4947: [Docs] Removing paragraph about PDO similarity](doctrine/dbal#4947) thanks to @ThomasLandauer

4931: Fixes spelling error discovered via textlint thanks to @raphaelstolt

Bug,MySQL,Schema Introspection

4978: Use correct column order for composite foreign keys thanks to @AndreasA

CI

4942: Do not mark issues as stale thanks to @morozov

Bug,Connections,Test Suite,pdo_oci

... (truncated)

Commits

821b4f0 Merge pull request #4995 from derrabus/bugfix/oci8-server-version
f804b21 Fix getServerVersion for OCI8 when assertions are disabled
fa27901 Merge pull request #4991 from morozov/optimize-sharing-test-connection
8fb8105 Close the non-shared connection instead of marking it non-reusable
06f5925 Optimize sharing test connection
10df50f Merge pull request #4978 from AndreasA/bugfix/4971
1b768e9 Use correct column order for composite foreign keys
4c63afa Merge branch '2.13.x' into 3.1.x
483a518 Merge pull request #4984 from morozov/cast-limit-offset-to-int
0ae1aa5 Bump to 2.13.6
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
@dependabot use these labels will set the current labels as the default for future PRs for this repo and language
@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language