[Snyk] Security upgrade sequelize-typescript from 2.1.1 to 2.1.6

[liangyuanruo]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	768/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.5	Prototype Pollution SNYK-JS-SEQUELIZETYPESCRIPT-6085300	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: sequelize-typescript

The new version differs by 145 commits.

• 32e4824 chore: ignore CHANGELOG for markdownlint
• 92c3f49 chore(release): v2.1.6
• 5ce8afd fix: deny modifying the object prototype (#1698)
• 837a3cc build(deps): bump vm2 from 3.9.11 to 3.9.15 (#1626)
• 0e43d08 build(deps-dev): bump sequelize from 6.28.2 to 6.29.0 (#1597)
• ce980e5 build(deps-dev): bump sequelize from 6.25.8 to 6.28.2 (#1590)
• 113aa3b build(deps-dev): bump husky from 8.0.1 to 8.0.2 (#1521)
• 1816663 build(deps-dev): bump sequelize from 6.25.5 to 6.25.8 (#1519)
• 91eb2df build(deps-dev): bump prettier from 2.7.1 to 2.8.0 (#1518)
• 264af5f build(deps): bump wagoid/commitlint-github-action from 5.2.2 to 5.3.0 (#1513)
• d5385d7 build(deps): bump minimatch in /examples/repository-mode (#1514)
• ce0c92a build(deps): bump minimatch from 3.0.4 to 3.1.2 in /examples/simple (#1515)
• 7a9fb81 build(deps-dev): bump @ typescript-eslint/eslint-plugin (#1511)
• 192e434 build(deps-dev): bump @ types/lodash from 4.14.187 to 4.14.190 (#1512)
• cbe15f1 build(deps-dev): bump @ types/sinon-chai from 3.2.8 to 3.2.9 (#1504)
• 2d1c655 build(deps-dev): bump chai and @ types/chai (#1505)
• 4bb93fb build(deps-dev): bump sequelize from 6.25.3 to 6.25.5 (#1506)
• 32948ea build(deps-dev): bump eslint from 8.26.0 to 8.27.0 (#1503)
• 18101f3 build(deps-dev): bump @ types/node from 18.11.8 to 18.11.9 (#1501)
• f4790f1 build(deps-dev): bump @ commitlint/config-conventional (#1500)
• c02deb7 build(deps-dev): bump @ types/lodash from 4.14.186 to 4.14.187 (#1498)
• a2db038 build(deps-dev): bump @ typescript-eslint/eslint-plugin (#1497)
• 018d978 build(deps-dev): bump @ commitlint/cli from 17.1.2 to 17.2.0 (#1496)
• a822888 build(deps-dev): bump @ typescript-eslint/parser from 5.41.0 to 5.42.0 (#1499)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution