[release] @subql/[email protected]

[ianhe8x]

Description

Please include a summary of the change and which issue is fixed. Please also include relevant motivation and context. List any dependencies that are required for this change.

Fixes # (issue)

Type of change

Please delete options that are not relevant.

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• This change requires a documentation update

Checklist

• I have tested locally
• I have performed a self review of my changes
• Updated any relevant documentation
• Linked to any relevant issues
• I have added tests relevant to my changes
• Any dependent changes have been merged and published in downstream modules
• My code is up to date with the base branch
• I have updated relevant changelogs. We suggest using chan

Summary by CodeRabbit

• Bug Fixes

  • Fixed a SQL injection vulnerability in dynamic datasource appending functionality.

• Chores

  • Released version 19.3.1 of node-core package.

[coderabbitai]

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: acd8fc6d-9758-478d-831c-6495ed308dff

📥 Commits

Reviewing files that changed from the base of the PR and between 55e8754 and a6edf33.

📒 Files selected for processing (2)

• packages/node-core/CHANGELOG.md
• packages/node-core/package.json

---

📝 Walkthrough

Walkthrough

Version 19.3.1 of @subql/node-core is released with documentation of a SQL injection vulnerability fix in dynamic datasource appending. The changelog records the issue and corrects version references, while the package version is bumped from pre-release 19.3.1-0 to stable 19.3.1.

Changes

Cohort / File(s)	Summary
Version Release Documentation packages/node-core/CHANGELOG.md, packages/node-core/package.json	Added changelog entry for 19.3.1 documenting SQL injection fix in dynamic datasource appending via unescaped JSON serialization (#3031). Updated version link references and bumped package version from 19.3.1-0 to 19.3.1.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Possibly related PRs

• [release] 20251120 #2973: Both PRs modify packages/node-core's CHANGELOG.md and bump the package.json version field in a release pattern.
• fix(node-core): sql injection in dynamic datasource appending via unescaped json serialization #3031: Documents and releases the SQL injection fix in dynamic datasource appending that was implemented in the metadata utils.

Poem

🐰 A vulnerability squashed with care,
JSON safely escaped everywhere!
From 19.3.1-0 we now rest,
Version stable, secure, and blessed. ✨

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch release-260401

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

Coverage report for .

Caution

An unexpected error occurred. For more details, check console

Error: The process '/usr/bin/git' failed with exit code 128

St.❔	Category	Percentage	Covered / Total
🟡	Statements	70.11%	18556/26468
🟡	Branches	78.29%	2099/2681
🟡	Functions	62.5%	860/1376
🟡	Lines	70.11%	18556/26468

Report generated by 🧪jest coverage report action from a6edf33