keystonejs/keystone 2023-03-02

02 March 2023

on GitHub

The following packages have been updated

@keystone-6/core@5.1.0

New Features

• [core] Updates Prisma to v4.11.0 (#7964) @renovate

Bug Fixes

• [core] Removes outdated Prisma prismaClient.$on('beforeExit'... work-around that blocked Prisma Data Proxy support (#8347) @borisno2
• [core] Updates image-size to 5.0.0 to mitigate CVE-2022-36313 (#8304) @dcousens
• [core] Fixes keystone start --with-migrations exiting after a migration (#8354) @acburdine
• [core] Fixes Typescript types to use never for omitted types (#8355) @acburdine
• [core] Fixes list-level graphql.omit syntax to match the field-level graphql.omit (#8352) @acburdine

🚨 Security Updates

We have identified and fixed an upstream security vulnerability

• CVE-2022-36313 - An upstream transitive dependency file-type is vulnerable to a ReDoS. We have upgraded to a version of file-type where this is resolved.

🌱 New Contributors

Thanks to the following developers for making their first contributions to the project!

• @stall84 (#8335)

💙 Acknowledgements

Lastly, thanks to @borisno2 (#8344), @dcousens (#8348,#8348,#8358,#8343,#8337,#8336), @renovate (#7553,#8340,#8235,#8341) for changes not shown above, but none-the-less appreciated.