vgs-nodejs-sample icon indicating copy to clipboard operation
vgs-nodejs-sample copied to clipboard

Published 20 hours ago verified publisher icon vgs-samples

[Snyk] Upgrade sequelize from 5.15.1 to 5.22.5

Open snyk-bot opened this issue 3 years ago • 0 comments

Snyk has created this PR to upgrade sequelize from 5.15.1 to 5.22.5.

merge advice :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 40 versions ahead of your current version.
  • The recommended version was released 7 months ago, on 2021-12-21.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Regular Expression Denial of Service (ReDoS)
SNYK-JS-MOMENT-2944238		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Directory Traversal
SNYK-JS-MOMENT-2440688		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 No Known Exploit
Regular Expression Denial of Service (ReDoS)
SNYK-JS-VALIDATOR-1090602		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-VALIDATOR-1090601		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-VALIDATOR-1090600		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept
Regular Expression Denial of Service (ReDoS)
SNYK-JS-VALIDATOR-1090599		 482/1000
Why? Proof of Concept exploit, CVSS 7.5		 Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: sequelize
  • 5.22.5 - 2021-12-21

    5.22.5 (2021-12-21)

    Bug Fixes

    • dependencies: update validator dependency to latest version (#13802) (9f47e94)
  • 5.22.4 - 2021-03-14
  • 5.22.3 - 2020-06-30
  • 5.22.2 - 2020-06-27
  • 5.22.1 - 2020-06-26
  • 5.22.0 - 2020-06-24
  • 5.21.13 - 2020-06-14
  • 5.21.12 - 2020-06-05
  • 5.21.11 - 2020-05-26
  • 5.21.10 - 2020-05-19
  • 5.21.9 - 2020-05-14
  • 5.21.8 - 2020-05-10
  • 5.21.7 - 2020-04-23
  • 5.21.6 - 2020-04-04
  • 5.21.5 - 2020-02-20
  • 5.21.4 - 2020-02-07
  • 5.21.3 - 2019-12-13
  • 5.21.2 - 2019-10-29
  • 5.21.1 - 2019-10-19
  • 5.21.0 - 2019-10-18
  • 5.20.0 - 2019-10-18
  • 5.19.8 - 2019-10-17
  • 5.19.7 - 2019-10-16
  • 5.19.6 - 2019-10-11
  • 5.19.5 - 2019-10-09
  • 5.19.4 - 2019-10-07
  • 5.19.3 - 2019-10-05
  • 5.19.2 - 2019-10-01
  • 5.19.1 - 2019-09-27
  • 5.19.0 - 2019-09-19
  • 5.18.4 - 2019-09-08
  • 5.18.3 - 2019-09-08
  • 5.18.2 - 2019-09-07
  • 5.18.1 - 2019-09-03
  • 5.18.0 - 2019-08-31
  • 5.17.2 - 2019-08-30
  • 5.17.1 - 2019-08-29
  • 5.17.0 - 2019-08-28
  • 5.16.0 - 2019-08-22
  • 5.15.2 - 2019-08-21
  • 5.15.1 - 2019-08-18
from sequelize GitHub release notes
Commit messages
Package name: sequelize
  • 9f47e94 fix(dependencies): update validator dependency to latest version (#13802)
  • 71c9130 ci: trigger action rerun
  • aca4fbc build: update uuid (#13124)
  • 32d1e9e ci: enable semantic-release for v5
  • db6d5ec fix(types): allow transaction to be `null` (#13093) (#13101)
  • d89dede ci(mssql): fix mssql tests
  • d608bc0 ci(typings): fix tests for TS typings in TS 4.0
  • a914a47 ci: fix ci
  • 4b54342 test: fix 6f74bf62 for Node.js 6
  • f42d5f3 ci: move to GitHub Actions
  • 5fd55c3 test: add missing dev-dependency
  • 6f74bf6 test: improve 'running queries' detection
  • 3d2df28 fix(sqlite): describeTable now returns unique and references (#12440)
  • 56d07c6 fix(mssql): insert/upsert operations do not return all fields (#12434)
  • ad1c153 fix(mssql): bulkUpdate returning values (#12410)
  • 26fcbce fix(tests): correct spelling mistakes (#12422)
  • 2391d08 feat(sequelize): allow passing dialectOptions.options from url (#12412)
  • 8477b07 build: changes for v6 release (#12417)
  • 834b9f0 fix(postgres): parse enums correctly when describing a table (#12409) (#12411)
  • 7fba668 fix(types): specified 'this' for getters and setters in fields (#12370)
  • 41237ae fix(mssql): set correct scale for float (#12340)
  • 5c733ef fix(include): check if attributes specified for included through model (#12020)
  • 7fdc2dc fix(mssql): tedious connect deprecation (#12275)
  • 8a3827d fix(mssql): use uppercase for engine table and columns (#12253)

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

snyk-bot avatar Aug 03 '22 06:08 snyk-bot