[Snyk] Upgrade mysql2 from 2.3.3 to 3.10.1

[q1blue]

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade mysql2 from 2.3.3 to 3.10.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

• The recommended version is 47 versions ahead of your current version.

• The recommended version was released on 21 days ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Prototype Pollution SNYK-JS-MYSQL2-6861580	264	Proof of Concept
	Prototype Poisoning SNYK-JS-MYSQL2-6591084	264	Proof of Concept
	Remote Code Execution (RCE) SNYK-JS-MYSQL2-6591085	264	Proof of Concept
	Improper Input Validation SNYK-JS-MYSQL2-6591300	264	Proof of Concept
	Arbitrary Code Injection SNYK-JS-MYSQL2-6670046	264	Proof of Concept

Release notes

Package name: mysql2

• 3.10.1 - 2024-06-13
  

  3.10.1 (2024-06-13)

  Bug Fixes

  • setMaxParserCache throws TypeError (#2757) (aa8604a)
• 3.10.0 - 2024-05-30
  

  3.10.0 (2024-05-30)

  Features

  • add jsonStrings option (#2642) (9820fe5)

  Bug Fixes

  • stream: reads should emit the dataset number for each dataset (#2496, #2628) (4dab4ca)
• 3.9.9 - 2024-05-29
  

  3.9.9 (2024-05-29)

  Bug Fixes

  • connection config: remove keepAliveInitialDelay default value (#2712) (688ebab)
• 3.9.8 - 2024-05-26
  

  3.9.8 (2024-05-26)

  Bug Fixes

  • security: sanitize fields and tables when using nestTables (#2702) (efe3db5)
  • support deno + caching_sha2_password FULL_AUTHENTICATION_PACKET flow (#2704) (2e03694)
  • typings: typo from jonServerPublicKey to onServerPublicKey (#2699) (8b5f691)
• 3.9.7 - 2024-04-21
  

  3.9.7 (2024-04-21)

  Bug Fixes

  • security: sanitize timezone parameter value to prevent code injection - report by zhaoyudi (Nebulalab) (#2608) (7d4b098)
• 3.9.6 - 2024-04-18
  

  3.9.6 (2024-04-18)

  Bug Fixes

  • binary parser sometimes reads out of packet bounds when results contain null and typecast is false (#2601) (705835d)
• 3.9.5 - 2024-04-17
  

  3.9.5 (2024-04-17)

  Bug Fixes

  • revert breaking change in results creation (#2591) (f7c60d0)
• 3.9.4 - 2024-04-09
  

  3.9.4 (2024-04-09)

  Bug Fixes

  • SSL: separate each certificate into an individual item #2542 (63f1055)
  • security: improve supportBigNumbers and bigNumberStrings sanitization (#2572) (74abf9e)
    • Fixes a potential RCE attack vulnerability reported by Vsevolod Kokorin (Slonser) of Solidlab
  • security: improve results object creation (#2574) (4a964a3)
    • Fixes a potential Prototype Pollution attack vulnerability reported by Vsevolod Kokorin (Slonser) of Solidlab
  • docs: improve the contribution guidelines (#2552) (8a818ce)
• 3.9.3 - 2024-03-26
  

  3.9.3 (2024-03-26)

  Bug Fixes

  • security: improve cache key formation (#2424) (0d54b0c)
    • Fixes a potential parser cache poisoning attack vulnerability reported by Vsevolod Kokorin (Slonser) of Solidlab
  • update Amazon RDS SSL CA cert (#2131) (d9dccfd)
• 3.9.2 - 2024-02-26
  

  3.9.2 (2024-02-26)

  Bug Fixes

  • stream: premature close when it is paused (#2416) (7c6bc64)
  • types: expose TypeCast types (#2425) (336a7f1)
• 3.9.1 - 2024-01-29
• 3.9.0 - 2024-01-26
• 3.8.0 - 2024-01-23
• 3.7.1 - 2024-01-17
• 3.7.0 - 2024-01-07
• 3.6.5 - 2023-11-22
• 3.6.4 - 2023-11-21
• 3.6.3 - 2023-11-03
• 3.6.2 - 2023-10-15
• 3.6.1 - 2023-09-09
• 3.6.0 - 2023-08-04
• 3.5.2 - 2023-07-17
• 3.5.1 - 2023-07-10
• 3.5.0 - 2023-07-06
• 3.4.5 - 2023-07-05
• 3.4.4 - 2023-07-04
• 3.4.3 - 2023-06-30
• 3.4.2 - 2023-06-26
• 3.4.1 - 2023-06-24
• 3.4.0 - 2023-06-19
• 3.3.5 - 2023-06-13
• 3.3.4 - 2023-06-11
• 3.3.3 - 2023-05-27
• 3.3.2 - 2023-05-23
• 3.3.1 - 2023-05-11
• 3.3.0 - 2023-05-06
• 3.2.4 - 2023-04-25
• 3.2.3 - 2023-04-16
• 3.2.2 - 2023-04-16
• 3.2.1 - 2023-04-13
• 3.2.0 - 2023-03-03
• 3.1.2 - 2023-02-08
• 3.1.1 - 2023-02-07
• 3.1.0 - 2023-01-30
• 3.0.1 - 2023-01-13
• 3.0.0 - 2023-01-12
• 3.0.0-rc.1 - 2022-11-06
• 2.3.3 - 2021-11-14

from mysql2 GitHub release notes

---

Important

• Warning: This PR contains a major version upgrade, and may be a breaking change.
• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[changeset-bot]

⚠️ No Changeset found

Latest commit: 8e78a90

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR