[Snyk] Upgrade sequelize from 6.7.0 to 6.11.0

[snyk-bot]

Snyk has created this PR to upgrade sequelize from 6.7.0 to 6.11.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 4 versions ahead of your current version.
• The recommended version was released a month ago, on 2021-11-18.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090600	372/1000 Why? Proof of Concept exploit, CVSS 5.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: sequelize

• 6.11.0 - 2021-11-18
  

  6.11.0 (2021-11-18)

  Features

  • option for attributes having dotNotation (#13670) (41876f1)
• 6.10.0 - 2021-11-18
  

  6.10.0 (2021-11-18)

  Bug Fixes

  • typing on creation within an association (#13678) (0312f8e)
  • logger: change logging depth from 3 to 1 (#12879) (ddddc24)
  • mariadb: fix MariaDB 10.5 JSON (#13633) (cdd61dd)
  • model: clone options object instead of modifying (#13589) (3be43de)
  • mssql: fix sub query issue occurring with renamed primary key fields (#12801) (73d99ab)
  • mssql: sqlserver 2008 fix for using offsets and include criteria (47c4494)
  • query: make stacktraces include original calling code (#13347) (f581543)
  • types: Add missing type definitions in models (#13553) (73ecf6c)
  • types: add specifc tojson type in model.d.ts (#13661) (5924be5)
  • types: DataType.TEXT overloading definition (#13654) (1690801)
  • types: include 'paranoid' in IncludeThroughOptions definition (#13625) (b1fb1f3)
  • types: ne op documentation (#13666) (98485df)
  • types: rename types and update CONTRIBUTING docs (#13348) (1f23924)
  • expect result is null but got zero (#13637) (da3ac09)

  Features

  • definitions: Adds AbstractQuery and before/afterQuery hook definitions (#13635) (37a5858)
  • postgresql: easier SSL config and options param support (#13673) (9591573)
• 6.9.0 - 2021-11-01
  

  6.9.0 (2021-11-01)

  Bug Fixes

  • docs: using incorrect esdocs syntax (#13615) (c3c690b)
  • sqlite: quote table names in sqlite getForeignKeysQuery (#13587) (eeb6a8f)
  • upsert: do not overwrite an explcit created_at during upsert (#13593) (594cee8)

  Features

  • mysql: add support for MySQL v8 (#13618) (35978f0)
• 6.8.0 - 2021-10-24
  

  6.8.0 (2021-10-24)

  Bug Fixes

  • types: allow any values in isIn validator (#12962) (d511d91)
  • allows insert primary key with zero (#13458) (e4aff2f)
  • model: Convert number values only if they aren't null to avoid NaN (199b632)
  • model.d: accept [Op.is] in where (broken in TypeScript 4.4) (#13499) (d685a9a)
  • postgres: fix findCreateFind to work with postgres transactions (#13482) (84421d7)
  • select: do not force set subQuery to false (#13490) (0943339)
  • sqlite: fix wrongly overwriting storage if empty string (#13376) (c3e608b), closes #13375
  • types: add missing upsert hooks (#13394) (5e9c209)
  • types: extend BulkCreateOptions by SearchPathable (#13469) (47c2d05), closes #13454
  • types: typo in model.d.ts (#13574) (31d0fbc)

  Features

  • postgres: support query_timeout dialect option (#13258) (3ca085d)
  • typings: add UnknownConstraintError (#13461) (69d899e)
• 6.7.0 - 2021-10-09
  

  6.7.0 (2021-10-09)

  Bug Fixes

  • deps: upgrade to secure versions of dev deps (#13549) (cf53734)
  • docs: fix typo in documentation for polymorphic associations (#13405) (bbf3d76)
  • types: allow rangable to take a string tuple (#13486) (ca2a11a)

  Features

  • test: add test for nested column in where query (#13478) (26b62c7), closes #13288
  • types: make config type deeply writeable for before connect hook (#13424) (f078f77)

from sequelize GitHub release notes

Commit messages

Package name: sequelize

• 41876f1 feat: option for attributes having dotNotation (#13670)
• 9591573 feat(postgresql): easier SSL config and options param support (#13673)
• 0312f8e fix: typing on creation within an association (#13678)
• 47c4494 fix(mssql): sqlserver 2008 fix for using offsets and include criteria
• 98485df fix(types): ne op documentation (#13666)
• 7ad6d53 chore(stale): exempt issues with type label (#13665)
• 0e5e7f9 test(type): cover Op.match with test (#13664)
• 0ecb0e1 Resolved the typescript issue with the Op.match (https://snyk.io/redirect/github/feat(tsvector): TSVECTOR support sequelize/sequelize#12955) (#13481)
• 13e8b83 chore(build): never close PRs (#13648)
• 5924be5 fix(types): add specifc tojson type in model.d.ts (#13661)
• e6a1c64 Patch with static decrement method types (#12600)
• 1f23924 fix(types): rename types and update CONTRIBUTING docs (#13348)
• 1690801 fix(types): DataType.TEXT overloading definition (#13654)
• da3ac09 fix: expect result is null but got zero (#13637)
• f581543 fix(query): make stacktraces include original calling code (#13347)
• ddddc24 fix(logger): change logging depth from 3 to 1 (#12879)
• 4ff26c1 ci(stale): update stale timing to 14 days each (#13636)
• 37a5858 feat(definitions): Adds AbstractQuery and before/afterQuery hook definitions (#13635)
• cdd61dd fix(mariadb): fix MariaDB 10.5 JSON (#13633)
• 8db830a refactor: remove joinTableDependent exception for sqlite (#12643)
• 3cca8a2 meta: persist lockfile (#13632)
• 1e17382 docs(data-types): fix reference to DataTypes.NOW
• d4f7558 meta(dependencies): upgrade validator dependency (#13629)
• 45d30d8 docs(logo): add svg logo versions

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs