[Snyk] Upgrade sequelize from 6.5.0 to 6.28.0 by sanju2 · Pull Request #1 · sanju2/aws_codebuild_codedeploy_nodeJs_demo

sanju2 · 2023-02-22T08:01:54Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade sequelize from 6.5.0 to 6.28.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 62 versions ahead of your current version.
The recommended version was released 2 months ago, on 2022-12-20.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
SQL Injection SNYK-JS-SEQUELIZE-2959225	564/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-MOMENT-2944238	564/1000 Why? Has a fix available, CVSS 7	Proof of Concept
Directory Traversal SNYK-JS-MOMENT-2440688	564/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Command Injection SNYK-JS-LODASH-1040724	564/1000 Why? Has a fix available, CVSS 7	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090602	564/1000 Why? Has a fix available, CVSS 7	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090601	564/1000 Why? Has a fix available, CVSS 7	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090600	564/1000 Why? Has a fix available, CVSS 7	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090599	564/1000 Why? Has a fix available, CVSS 7	Proof of Concept
SQL Injection SNYK-JS-SEQUELIZE-2932027	564/1000 Why? Has a fix available, CVSS 7	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	564/1000 Why? Has a fix available, CVSS 7	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: sequelize

6.28.0 - 2022-12-20
6.28.0 (2022-12-20)

Features
- types: use retry-as-promised types for retry options to match documentation (#15484) (fd4afa6)
6.27.0 - 2022-12-12
6.27.0 (2022-12-12)

Features
- add support for bigints (backport of #14485) (#15413) (1247c01)
6.26.0 - 2022-11-29
6.26.0 (2022-11-29)

Features
- postgres: add support for lock_timeout [#15345] (#15355) (94beace)
6.25.8 - 2022-11-22
6.25.8 (2022-11-22)

Bug Fixes
- oracle: remove hardcoded maxRows value (#15323) (7885000)
6.25.7 - 2022-11-19
6.25.7 (2022-11-19)

Bug Fixes
- fix parameters not being replaced when after $$ strings (#15307) (bc39fd6)
6.25.6 - 2022-11-15
6.25.6 (2022-11-15)

Bug Fixes
- postgres: invalidate connection after client-side timeout (#15283) (a205765), closes /github.com/brianc/node-postgres/blob/5538df6b446f4b4f921947b460fe38acb897e579/packages/pg/lib/client.js#L529
6.25.5 - 2022-11-07
6.25.5 (2022-11-07)

Bug Fixes
- remove options.model overwrite on bulkUpdate (#15252) (67e69cd), closes #15231
6.25.4 - 2022-11-05
6.25.4 (2022-11-05)

Bug Fixes
- types: add instance.dataValues property to model.d.ts (#15240) (00c6da3)
6.25.3 - 2022-10-19
6.25.2 - 2022-10-15
6.25.1 - 2022-10-13
6.25.0 - 2022-10-11
6.24.0 - 2022-10-04
6.23.2 - 2022-09-27
6.23.1 - 2022-09-22
6.23.0 - 2022-09-17
6.22.1 - 2022-09-16
6.22.0 - 2022-09-15
6.21.6 - 2022-09-09
6.21.5 - 2022-09-08
6.21.4 - 2022-08-18
6.21.3 - 2022-07-11
6.21.2 - 2022-06-28
6.21.1 - 2022-06-25
6.21.0 - 2022-06-16
6.20.1 - 2022-05-27
6.20.0 - 2022-05-23
6.19.2 - 2022-05-18
6.19.1 - 2022-05-17
6.19.0 - 2022-04-12
6.18.0 - 2022-04-03
6.17.0 - 2022-02-25
6.16.3 - 2022-02-24
6.16.2 - 2022-02-18
6.16.1 - 2022-02-09
6.16.0 - 2022-02-08
6.15.1 - 2022-02-06
6.15.0 - 2022-01-29
6.14.1 - 2022-01-25
6.14.0 - 2022-01-22
6.13.0 - 2022-01-10
6.12.5 - 2022-01-04
6.12.4 - 2021-12-28
6.12.3 - 2021-12-27
6.12.2 - 2021-12-22
6.12.1 - 2021-12-21
6.12.0 - 2021-12-17
6.12.0-beta.3 - 2021-12-12
6.12.0-beta.2 - 2021-12-10
6.12.0-beta.1 - 2021-12-04
6.12.0-alpha.1 - 2021-11-19
6.11.0 - 2021-11-18
6.10.0 - 2021-11-18
6.9.0 - 2021-11-01
6.8.0 - 2021-10-24
6.7.0 - 2021-10-09
6.6.5 - 2021-07-06
6.6.4 - 2021-06-26
6.6.2 - 2021-03-23
6.6.1 - 2021-03-22
6.6.0 - 2021-03-21
6.5.1 - 2021-03-14
6.5.0 - 2021-01-27

from sequelize GitHub release notes

Commit messages

Package name: sequelize

fd4afa6 feat(types): use retry-as-promised types for retry options to match documentation (#15484)
1247c01 feat: add support for bigints (backport of #14485) (#15413)
94beace feat(postgres): add support for lock_timeout [#15345] (#15355)
7885000 fix(oracle): remove hardcoded maxRows value (#15323)
bc39fd6 fix: fix parameters not being replaced when after $$ strings (#15307)
a205765 fix(postgres): invalidate connection after client-side timeout (#15283)
67e69cd fix: remove options.model overwrite on bulkUpdate (#15252)
00c6da3 fix(types): add instance.dataValues property to model.d.ts (#15240)
bf98d7c meta: swap Slack links (#15159)
7990095 fix: don't treat \ as escape in standard strings, support E-strings, support vars after ->> operator, treat lowercase e as valid e-string prefix (#15139)
851daaf fix(types): fix TS 4.9 excessive depth error on `InferAttributes` (v6) (#15135)
9dd93b8 fix(types): expose legacy "types" folder in export alias ( #15123)
06ad05d feat(oracle): add support for `dialectOptions.connectString` (#15042)
a44772e feat(snowflake): Add support for `QueryGenerator#tableExistsQuery` (#15087)
55051d0 docs: add missing ssl options for sequelize instance (v6) (#15049)
5c88734 docs(model): Added paranoid option for Model.BelongsToMany.through (#15065)
7203b66 fix(postgres): add custom order direction to subQuery ordering with minified alias (#15056)
5f621d7 fix(oracle): add support for Oracle DB 18c CI (#15016)
3468378 feat(types): add typescript 4.8 compatibility (#14990)
1da6657 fix(types): missing type for oracle dialect in v6 (#14992)
c230d80 feat(oracle): add oracle dialect support (#14638)
33d94b2 fix(types): backport #14704 for v6 (#14964)
e3a5279 meta: update retry-as-promised (#14966)
d047f32 fix(mariadb): do not automatically parse JSON fields (#14800)

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade sequelize from 6.5.0 to 6.28.0. See this package in npm: https://www.npmjs.com/package/sequelize See this project in Snyk: https://app.snyk.io/org/sanju2/project/9f82ccf5-621d-48a1-915d-6ae203461503?utm_source=github&utm_medium=referral&page=upgrade-pr

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade sequelize from 6.5.0 to 6.28.0#1

[Snyk] Upgrade sequelize from 6.5.0 to 6.28.0#1
sanju2 wants to merge 1 commit into
masterfrom
snyk-upgrade-b401f6aa7b14ab60de5288e91d6f5424

sanju2 commented Feb 22, 2023

6.28.0 (2022-12-20)

Features

6.27.0 (2022-12-12)

Features

6.26.0 (2022-11-29)

Features

6.25.8 (2022-11-22)

Bug Fixes

6.25.7 (2022-11-19)

Bug Fixes

6.25.6 (2022-11-15)

Bug Fixes

6.25.5 (2022-11-07)

Bug Fixes

6.25.4 (2022-11-05)

Bug Fixes

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

sanju2 commented Feb 22, 2023

Snyk has created this PR to upgrade sequelize from 6.5.0 to 6.28.0.

6.28.0 (2022-12-20)

Features

6.27.0 (2022-12-12)

Features

6.26.0 (2022-11-29)

Features

6.25.8 (2022-11-22)

Bug Fixes

6.25.7 (2022-11-19)

Bug Fixes

6.25.6 (2022-11-15)

Bug Fixes

6.25.5 (2022-11-07)

Bug Fixes

6.25.4 (2022-11-05)

Bug Fixes

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants