chore(deps): bump typeorm from 0.3.18 to 0.3.27

[dependabot]

Bumps typeorm from 0.3.18 to 0.3.27.

Release notes

Sourced from typeorm's releases.

0.3.27

Note: This release reverts a fix from 0.3.26 (#11114) because it introduced a regression in certain cases.

Once a fix can be provided which does not have this regression, it will be released in a future patch.

What's Changed

• perf: Cache package.json location between getNearestPackageJson invocations by @​rutkowskib in typeorm/typeorm#11580
• feat: allow VirtualColumns to be initially non-selectable by @​alumni in typeorm/typeorm#11586
• build(deps): bump sha.js from 2.4.11 to 2.4.12 in /sample/playground by @​dependabot[bot] in typeorm/typeorm#11617
• Add @​signalwire/docusaurus-plugin-llms-txt to TypeORM documentation by @​Copilot in typeorm/typeorm#11622
• fix: Add package.json exports for react-native by @​macksal in typeorm/typeorm#11623
• fix(query-builder): don't use lazy count when offset exceeds total in getManyAndCount by @​jeremyteyssedre in typeorm/typeorm#11634
• chore: bump sha.js from 2.4.11 to 2.4.12 (fix security issue: CVE-2025-9288) by @​prateek-hegde in typeorm/typeorm#11639
• docs: fix docs for UpdateDateColumn by @​madhugb in typeorm/typeorm#11572
• build(deps): bump axios from 1.11.0 to 1.12.1 in /docs by @​dependabot[bot] in typeorm/typeorm#11649
• feat(migration): improve JSDoc types in generated migration templates by @​gwythyr in typeorm/typeorm#11490
• fix: update tests to reflect migration template changes by @​sgarner in typeorm/typeorm#11653
• feat(mysql): add support for MySQL 9 / MariaDB 12 by @​alumni in typeorm/typeorm#11575
• ci: add close stale issues GH action by @​gioboa in typeorm/typeorm#11651
• feat: add new undefined and null behavior flags by @​naorpeled in typeorm/typeorm#11332
• feat(postgres): support vector/halfvec data types by @​naorpeled in typeorm/typeorm#11437
• fix: JSON parsing for mysql2 client library (#8319) by @​dlhck in typeorm/typeorm#11659
• Revert #11114 do not create junction table metadata when it already exists by @​michaelbromley in typeorm/typeorm#11660
• chore: Release v0.3.27 by @​michaelbromley in typeorm/typeorm#11661

New Contributors

• @​Copilot made their first contribution in typeorm/typeorm#11622
• @​macksal made their first contribution in typeorm/typeorm#11623
• @​jeremyteyssedre made their first contribution in typeorm/typeorm#11634
• @​prateek-hegde made their first contribution in typeorm/typeorm#11639
• @​madhugb made their first contribution in typeorm/typeorm#11572
• @​gwythyr made their first contribution in typeorm/typeorm#11490

Full Changelog: typeorm/typeorm@0.3.26...0.3.27

0.3.26

Notes:

• When using MySQL, TypeORM now connects using stringifyObjects: true, in order to avoid a potential security vulnerability in the mysql/mysql2 client libraries. You can revert to the old behavior by setting connectionOptions.extra.stringifyObjects = false.
• When using SAP HANA, TypeORM now uses the built-in pool from the @sap/hana-client library. The deprecated hdb-pool is no longer necessary and can be removed. See https://typeorm.io/docs/drivers/sap/#data-source-options for the new pool options.

What's Changed

• chore: Remove manual trigger on publish workflow by @​michaelbromley in typeorm/typeorm#11536
• test(ci): force mocha to exit on stuck process by @​OSA413 in typeorm/typeorm#11538
• fix(oracle): pass duplicated parameters correctly to the client when executing a query by @​alumni in typeorm/typeorm#11537

... (truncated)

Changelog

Sourced from typeorm's changelog.

0.3.27 (2025-09-19)

Bug Fixes

• Add package.json exports for react-native (#11623) (6965fa2)
• JSON parsing for mysql2 client library (#8319) (#11659) (974ead2)
• query-builder: handle empty result set when offset exceeds total (#11634) (1f90467)
• update tests to reflect migration template changes (#11653) (3fac86b)

Features

• add new undefined and null behavior flags (#11332) (96ea431)
• allow VirtualColumns to be initially non-selectable (#11586) (22b26d1)
• migration: improve JSDoc types in generated migration templates (#11490) (fa3cd43)
• mysql: add support for MySQL 9 / MariaDB 12 (#11575) (8b76e1a)
• postgres: support vector/halfvec data types (#11437) (a49f612)

Performance Improvements

• Cache package.json location between getNearestPackageJson invocations (#11580) (b6ffd46), closes #4136

Reverts

• Revert "fix: do not create junction table metadata when it already exists (#11114)" (#11660) (34d8714), closes #11114 #11660

0.3.26 (2025-08-16)

Notes:

• When using MySQL, TypeORM now connects using stringifyObjects: true, in order to avoid a potential security vulnerability in the mysql/mysql2 client libraries. You can revert to the old behavior by setting connectionOptions.extra.stringifyObjects = false.
• When using SAP HANA, TypeORM now uses the built-in pool from the @sap/hana-client library. The deprecated hdb-pool is no longer necessary and can be removed. See https://typeorm.io/docs/drivers/sap/#data-source-options for the new pool options.

Bug Fixes

• add stricter type-checking and improve event loop handling (#11540) (01dddfe)
• do not create junction table metadata when it already exists (#11114) (3c26cf1)
• mysql: set stringifyObjects implicitly (#11574) (d57fe3b)
• mysql: support Alibaba AnalyticDB returning version() column name in getVersion() (#11555) (1737e97)
• oracle: pass duplicated parameters correctly to the client when executing a query (#11537) (f2d2236)
• platform[web worker]: improve globalThis variable retrieval for browser environment (#11495) (ec26eae)
• preserve useIndex when cloning a QueryExpressionMap (or a QueryBuilder) (#10679) (66ee307), closes #10678 #10678

... (truncated)

Commits

• 9ea8577 chore: Release v0.3.27 (#11661)
• 34d8714 Revert "fix: do not create junction table metadata when it already exists (#1...
• 974ead2 fix: JSON parsing for mysql2 client library (#8319) (#11659)
• a49f612 feat(postgres): support vector/halfvec data types (#11437)
• 96ea431 feat: add new undefined and null behavior flags (#11332)
• 93aa5c4 ci: add close stale issues GH action (#11651)
• 8b76e1a feat(mysql): add support for MySQL 9 / MariaDB 12 (#11575)
• 3fac86b fix: update tests to reflect migration template changes (#11653)
• fa3cd43 feat(migration): improve JSDoc types in generated migration templates (#11490)
• 6e92aad build(deps): bump axios from 1.11.0 to 1.12.1 in /docs (#11649)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by michaelbromley, a new releaser for typeorm since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.