@mikro-orm/core
Advanced tools
@mikro-orm/core - npm Package Compare versions
+1
-1
| { | ||
| "name": "@mikro-orm/core", | ||
| "version": "7.0.18-dev.3", | ||
| "version": "7.0.18-dev.4", | ||
| "description": "TypeScript ORM for Node.js based on Data Mapper, Unit of Work and Identity Map patterns. Supports MongoDB, MySQL, PostgreSQL and SQLite databases as well as usage with vanilla JavaScript.", | ||
@@ -5,0 +5,0 @@ "keywords": [ |
@@ -391,2 +391,10 @@ import { Collection } from '../entity/Collection.js'; | ||
| } | ||
| // inlined pivot M:N (mongo): we can't scrub references from owning-side documents we haven't loaded | ||
| if (prop.kind === ReferenceKind.MANY_TO_MANY && | ||
| prop.mappedBy && | ||
| !this.#platform.usesPivotTable() && | ||
| Utils.isCollection(relation) && | ||
| !relation.isInitialized()) { | ||
| throw ValidationError.cannotModifyInverseCollection(entity, prop); | ||
| } | ||
| const target = relation?.[inverseProp]; | ||
@@ -393,0 +401,0 @@ if (relation && Utils.isCollection(target)) { |
+1
-1
@@ -144,3 +144,3 @@ import { clone } from './clone.js'; | ||
| static PK_SEPARATOR = '~~~'; | ||
| static #ORM_VERSION = '7.0.18-dev.3'; | ||
| static #ORM_VERSION = '7.0.18-dev.4'; | ||
| /** | ||
@@ -147,0 +147,0 @@ * Checks if the argument is instance of `Object`. Returns false for arrays. |
New alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 2 instances in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
AI-detected potential code anomaly
Supply chain riskAI has identified unusual behaviors that may pose a security risk.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Fixed alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 2 instances in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
AI-detected potential code anomaly
Supply chain riskAI has identified unusual behaviors that may pose a security risk.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
1551646
0.03%- Lines of code
33301
0.02%Worsened metrics
- Number of low supply chain risk alerts
131
0.77%