Skip to content

Bump mysql2 from 3.14.5 to 3.17.4#170

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/mysql2-3.17.4
Closed

Bump mysql2 from 3.14.5 to 3.17.4#170
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/mysql2-3.17.4

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 22, 2026

Bumps mysql2 from 3.14.5 to 3.17.4.

Release notes

Sourced from mysql2's releases.

v3.17.4

3.17.4 (2026-02-20)

Bug Fixes

v3.17.3

3.17.3 (2026-02-19)

Bug Fixes

  • fix PoolConnection.end callback and promise resolution (#3937) (18ff2c6)

v3.17.2

3.17.2 (2026-02-16)

Bug Fixes

  • format: distinguish delimiters in queries from SQL comments (#4084) (454ba10)
  • pool: discard connection on error 1290 (Aurora read-only failure) (#4075) (9188963)
  • pool: handle all read-only errors during Aurora failover (#4082) (ce98d8e)

v3.17.1

3.17.1 (2026-02-13)

Bug Fixes

  • expand object params after ON DUPLICATE KEY UPDATE preceded by SET (#4076) (4d2b930)

v3.17.0

3.17.0 (2026-02-10)

Bug Fixes

  • security: resolve a potential SQL injection bypass through objects (#4054) (7f133cc)

v3.16.3

3.16.3 (2026-02-03)

Bug Fixes

  • constants: remove unsupported CLIENT_DEPRECATE_EOF flag from constants (#4033) (46c3f60)

v3.16.2

... (truncated)

Changelog

Sourced from mysql2's changelog.

3.17.4 (2026-02-20)

Bug Fixes

3.17.3 (2026-02-19)

Bug Fixes

  • fix PoolConnection.end callback and promise resolution (#3937) (18ff2c6)

3.17.2 (2026-02-16)

Bug Fixes

  • distinguish delimiters in queries from SQL comments (#4084) (454ba10)
  • pool: discard connection on error 1290 (Aurora read-only failure) (#4075) (9188963)
  • pool: handle all read-only errors during Aurora failover (#4082) (ce98d8e)

3.17.1 (2026-02-13)

Bug Fixes

  • expand object params after ON DUPLICATE KEY UPDATE preceded by SET (#4076) (4d2b930)

3.17.0 (2026-02-10)

Bug Fixes

  • security: resolve a potential SQL injection bypass through objects (#4054) (7f133cc)

3.16.3 (2026-02-03)

Bug Fixes

  • constants: remove unsupported CLIENT_DEPRECATE_EOF flag from constants (#4033) (46c3f60)

3.16.2 (2026-01-26)

Bug Fixes

  • types: add missing ConnectionState type to Promise Connection interface (#4034) (2927949)

... (truncated)

Commits
  • 6da0d8c chore(master): release 3.17.4 (#4103)
  • a9c8d09 fix: types for query values (#3985)
  • 40641ee chore: remove legacy tests (#4102)
  • 2b0325b chore(master): release 3.17.3 (#4100)
  • ba6cde3 refactor: improve callback logic from pool (#4101)
  • b5d8b63 build(deps-dev): bump @​types/node from 25.2.3 to 25.3.0 in /website (#4098)
  • 18ff2c6 fix: fix PoolConnection.end callback and promise resolution (#3937)
  • becbc5c chore(deps): replace deprecated eslint-plugin-markdown with recommended `@e...
  • 72f8962 chore: replace seq-queue with simple queue class (#4095)
  • dc804f7 ci: add support for parallel runs (#4094)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump mysql2 from 3.14.5 to 3.17.4
f796c90 
Bumps [mysql2](https://github.com/sidorares/node-mysql2) from 3.14.5 to 3.17.4.
- [Release notes](https://github.com/sidorares/node-mysql2/releases)
- [Changelog](https://github.com/sidorares/node-mysql2/blob/master/Changelog.md)
- [Commits](sidorares/node-mysql2@v3.14.5...v3.17.4)

---
updated-dependencies:
- dependency-name: mysql2
  dependency-version: 3.17.4
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Feb 22, 2026
@dependabot dependabot bot mentioned this pull request Feb 22, 2026
Closed
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 1, 2026

Superseded by #173.

@dependabot dependabot bot closed this Mar 1, 2026
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/mysql2-3.17.4 branch March 1, 2026 17:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@o0shojo0o o0shojo0o

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@o0shojo0o