[Snyk] Upgrade sequelize from 5.21.2 to 5.22.4 #22

snyk-bot · 2021-10-25T19:37:15Z

Snyk has created this PR to upgrade sequelize from 5.21.2 to 5.22.4.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 16 versions ahead of your current version.
The recommended version was released 7 months ago, on 2021-03-14.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Regular Expression Denial of Service (ReDoS) SNYK-JS-NORMALIZEURL-1296539	375/1000 Why? CVSS 7.5	No Known Exploit
Prototype Pollution SNYK-JS-INI-1048974	375/1000 Why? CVSS 7.5	Proof of Concept
Prototype Pollution SNYK-JS-AWSSDK-1059424	375/1000 Why? CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	375/1000 Why? CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	375/1000 Why? CVSS 7.5	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	375/1000 Why? CVSS 7.5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: sequelize

5.22.4 - 2021-03-14
5.22.4 (2021-03-14)

Bug Fixes
- types: allow transaction to be null (#13093) (#13101) (db6d5ec)
5.22.3 - 2020-06-30
5.22.2 - 2020-06-27
5.22.1 - 2020-06-26
5.22.0 - 2020-06-24
5.21.13 - 2020-06-14
5.21.12 - 2020-06-05
5.21.11 - 2020-05-26
5.21.10 - 2020-05-19
5.21.9 - 2020-05-14
5.21.8 - 2020-05-10
5.21.7 - 2020-04-23
5.21.6 - 2020-04-04
5.21.5 - 2020-02-20
5.21.4 - 2020-02-07
5.21.3 - 2019-12-13
5.21.2 - 2019-10-29

from sequelize GitHub release notes

Commit messages

Package name: sequelize

32d1e9e ci: enable semantic-release for v5
db6d5ec fix(types): allow transaction to be `null` (#13093) (#13101)
d89dede ci(mssql): fix mssql tests
d608bc0 ci(typings): fix tests for TS typings in TS 4.0
a914a47 ci: fix ci
4b54342 test: fix 6f74bf62 for Node.js 6
f42d5f3 ci: move to GitHub Actions
5fd55c3 test: add missing dev-dependency
6f74bf6 test: improve 'running queries' detection
3d2df28 fix(sqlite): describeTable now returns unique and references (#12440)
56d07c6 fix(mssql): insert/upsert operations do not return all fields (#12434)
ad1c153 fix(mssql): bulkUpdate returning values (#12410)
26fcbce fix(tests): correct spelling mistakes (#12422)
2391d08 feat(sequelize): allow passing dialectOptions.options from url (#12412)
8477b07 build: changes for v6 release (#12417)
834b9f0 fix(postgres): parse enums correctly when describing a table (#12409) (#12411)
7fba668 fix(types): specified 'this' for getters and setters in fields (#12370)
41237ae fix(mssql): set correct scale for float (#12340)
5c733ef fix(include): check if attributes specified for included through model (#12020)
7fdc2dc fix(mssql): tedious connect deprecation (#12275)
8a3827d fix(mssql): use uppercase for engine table and columns (#12253)
d865b24 fix(sqlite): multiple primary keys results in syntax error (#12241)
028f656 fix(include): separate queries are not sub-queries (#12152)
a2c0a63 fix(typings): support Date as where value (#12015)