[Snyk] Upgrade pocketbase from 0.10.0 to 0.21.4

[kanchansapkota27]

Snyk has created this PR to upgrade pocketbase from 0.10.0 to 0.21.4.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 50 versions ahead of your current version.

• The recommended version was released on a month ago.

Release notes

Package name: pocketbase

• 0.21.4 - 2024-07-27
  
  • Fixed the requestKey handling in authWithOAuth2({...}) to allow manually cancelling the entire OAuth2 pending request flow using pb.cancelRequest(requestKey).
    Due to the window.close caveats note that the OAuth2 popup window may still remain open depending on which stage of the OAuth2 flow the cancellation has been invoked.
• 0.21.3 - 2024-05-31
  
  • Enforce temporary the atob polyfill for ReactNative until Expo 51+ and React Native v0.74+ atob fix get released.
    This should fix the recently reported issues with pb.authStore.isValid always returning false on Android and iOS.
• 0.21.2 - 2024-04-21
  
  • Exported HealthService types (#289).
• 0.21.1 - 2024-02-03
  

  • Manually update the verified state of the current matching AuthStore model on successful "confirm-verification" call.

  • Manually clear the current matching AuthStore on "confirm-email-change" call because previous tokens are always invalidated.

  • Fixed the fetch mock tests to check also the sent body param values.

  • Formatted the source code with prettier.

• 0.21.0 - 2024-01-24
  

  ⚠️ This release works only with PocketBase v0.21.0+ due to changes of how the multipart/form-data body is handled.

  • Properly sent json body with multipart/form-data requests.
    This should fix the edge cases mentioned in the v0.20.3 release.

  • Gracefully handle OAuth2 redirect error with the authWithOAuth2() call.

• 0.20.3 - 2024-01-14
  

  • Partial and temporary workaround for the auto application/json -> multipart/form-data request serialization of a json field when a Blob/File is found in the request body (#274).

    The "fix" is partial because there are still 2 edge cases that are not handled - when a json field value is empty array (eg. []) or array of strings (eg. ["a","b"]).
    The reason for this is because the SDK doesn't have information about the field types and doesn't know which field is a json or an arrayable select, file or relation, so it can't serialize it properly on its own as FormData string value.

    If you are having troubles with persisting json values as part of a multipart/form-data request the easiest fix for now is to manually stringify the json field value:

    await pb.collection("example").create({
      // having a Blob/File as object value will convert the request to multipart/form-data
      "someFileField": new Blob([123]),
      "someJsonField": JSON.stringify(["a","b","c"]),
    })

    A proper fix for this will be implemented with PocketBase v0.21.0 where we'll have support for a special @ jsonPayload multipart body key, which will allow us to submit mixed multipart/form-data content (kindof similar to the multipart/mixed MIME).

• 0.20.2 - 2024-01-11
  

  • Throw 404 error for getOne("") when invoked with empty id (#271).

  • Added @ throw {ClientResponseError} jsdoc annotation to the regular request methods (#262).

• 0.20.1 - 2023-12-11
  
  • Propagate the PB_CONNECT EventSource message to allow listening to the realtime connect/reconnect events.

    pb.realtime.subscribe("PB_CONNECT", (e) => {
      console.log(e.clientId);
    })

• 0.20.0 - 2023-12-10
  

  • Added expand, filter, fields, custom query and headers parameters support for the realtime subscriptions.

    pb.collection("example").subscribe("*", (e) => {
      ...
    }, { filter: "someField > 10" });

    This works only with PocketBase v0.20.0+.

  • Changes to the logs service methods in relation to the logs generalization in PocketBase v0.20.0+:

    pb.logs.getRequestsList(...)  -> pb.logs.getList(...)
    pb.logs.getRequest(...)       -> pb.logs.getOne(...)
    pb.logs.getRequestsStats(...) -> pb.logs.getStats(...)

  • Added missing SchemaField.presentable field.

  • Added new AuthProviderInfo.displayName string field.

  • Added new AuthMethodsList.onlyVerified bool field.

• 0.20.0-rc3 - 2023-11-29
• 0.20.0-rc2 - 2023-11-26
• 0.20.0-rc - 2023-10-24
  
  • Added experimental expand, filter, fields, custom query and headers parameters support for the realtime subscriptions.

    pb.collection("example").subscribe("*", (e) => {
      ...
    }, { filter: "someField > 10" });

    This works only with PocketBase v0.20.0-rc.
• 0.19.0 - 2023-10-18
• 0.18.3 - 2023-10-15
• 0.18.2 - 2023-10-07
• 0.18.1 - 2023-10-05
• 0.18.0 - 2023-09-05
• 0.18.0-rc2 - 2023-08-31
• 0.18.0-rc - 2023-08-28
• 0.17.3 - 2023-08-29
• 0.17.2 - 2023-08-27
• 0.17.1 - 2023-08-27
• 0.17.0 - 2023-08-26
• 0.17.0-rc1 - 2023-08-15
• 0.16.0 - 2023-07-30
• 0.16.0-rc1 - 2023-07-22
• 0.15.3 - 2023-07-12
• 0.15.2 - 2023-06-07
• 0.15.1 - 2023-06-01
• 0.15.0 - 2023-05-21
• 0.15.0-rc - 2023-05-13
• 0.14.4 - 2023-05-05
• 0.14.4-rc - 2023-05-01
• 0.14.3 - 2023-04-28
• 0.14.2 - 2023-04-28
• 0.14.1 - 2023-04-28
• 0.14.0 - 2023-04-18
• 0.14.0-rc2 - 2023-04-11
• 0.14.0-rc - 2023-04-05
• 0.13.1 - 2023-03-26
• 0.13.0 - 2023-03-24
• 0.13.0-rc - 2023-03-16
• 0.12.1 - 2023-03-09
• 0.12.1-rc2 - 2023-03-09
• 0.12.1-rc - 2023-03-09
• 0.12.0 - 2023-02-27
• 0.11.1 - 2023-02-23
• 0.11.0 - 2023-02-19
• 0.10.2 - 2023-02-16
• 0.10.1 - 2023-01-21
• 0.10.0 - 2023-01-10

from pocketbase GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs