[Snyk] Upgrade sequelize from 6.6.2 to 6.9.0

[snyk-bot]

Snyk has created this PR to upgrade sequelize from 6.6.2 to 6.9.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 5 versions ahead of your current version.
• The recommended version was released 21 days ago, on 2021-11-01.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090602	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090601	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090600	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090599	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: sequelize

• 6.9.0 - 2021-11-01
  

  6.9.0 (2021-11-01)

  Bug Fixes

  • docs: using incorrect esdocs syntax (#13615) (c3c690b)
  • sqlite: quote table names in sqlite getForeignKeysQuery (#13587) (eeb6a8f)
  • upsert: do not overwrite an explcit created_at during upsert (#13593) (594cee8)

  Features

  • mysql: add support for MySQL v8 (#13618) (35978f0)
• 6.8.0 - 2021-10-24
  

  6.8.0 (2021-10-24)

  Bug Fixes

  • types: allow any values in isIn validator (#12962) (d511d91)
  • allows insert primary key with zero (#13458) (e4aff2f)
  • model: Convert number values only if they aren't null to avoid NaN (199b632)
  • model.d: accept [Op.is] in where (broken in TypeScript 4.4) (#13499) (d685a9a)
  • postgres: fix findCreateFind to work with postgres transactions (#13482) (84421d7)
  • select: do not force set subQuery to false (#13490) (0943339)
  • sqlite: fix wrongly overwriting storage if empty string (#13376) (c3e608b), closes #13375
  • types: add missing upsert hooks (#13394) (5e9c209)
  • types: extend BulkCreateOptions by SearchPathable (#13469) (47c2d05), closes #13454
  • types: typo in model.d.ts (#13574) (31d0fbc)

  Features

  • postgres: support query_timeout dialect option (#13258) (3ca085d)
  • typings: add UnknownConstraintError (#13461) (69d899e)
• 6.7.0 - 2021-10-09
  

  6.7.0 (2021-10-09)

  Bug Fixes

  • deps: upgrade to secure versions of dev deps (#13549) (cf53734)
  • docs: fix typo in documentation for polymorphic associations (#13405) (bbf3d76)
  • types: allow rangable to take a string tuple (#13486) (ca2a11a)

  Features

  • test: add test for nested column in where query (#13478) (26b62c7), closes #13288
  • types: make config type deeply writeable for before connect hook (#13424) (f078f77)
• 6.6.5 - 2021-07-06
  

  6.6.5 (2021-07-06)

  Bug Fixes

  • dependency: upgrade validator (#13350) (56bb1d6)
• 6.6.4 - 2021-06-26
  

  6.6.4 (2021-06-26)

  Bug Fixes

  • typings: make Transactionable compatible with TransactionOptions (#13334) (cd2de40)
  • utils: clone attributes before mutating them (#13226) (1a16b91)
  • data-types: use proper field name for ARRAY(ENUM) (#13210) (1cfbd33)
  • typings: fix ignoreDuplicates option (#13220) (b33d78e)
  • typings: allow schema for queryInterface methods (#13223) (6b0b532)
  • typings: restrict update typings (#13216) (63ceb73)
  • typings: returning can specify column names (#13215) (143cc84)
  • typings: model init returns model class, not instance (#13214) (8f2a0d5)
  • plurals: bump inflection dependency (#13260) (deeb5c6)
  • bulk-create: ON CONFLICT with unique index (#13345) (6dcb565)
• 6.6.2 - 2021-03-23
  

  6.6.2 (2021-03-23)

  Bug Fixes

  • types: fix Model.prototype.previous() (#13042) (5b16b32)

from sequelize GitHub release notes

Commit messages

Package name: sequelize

• 35978f0 feat(mysql): add support for MySQL v8 (#13618)
• 594cee8 fix(upsert): do not overwrite an explcit created_at during upsert (#13593)
• 719bb59 Add note about sponsoring options. (#13617)
• a58781c Add note about sponsoring options. (#13616)
• 7e43212 test(mysql): add test-support for MySQL 8 (#13610)
• c3c690b fix(docs): using incorrect esdocs syntax (#13615)
• 7a66841 docs(model-querying-basics): added semicolons on docs (#13611)
• 0748fc6 Missing : in "sqlite::memory:" (docs) (#13599)
• d1a2572 Run stale workflow once per day
• cb86472 Try to work with more issues per run
• 6c2d74a actions: skip issues/PRs already marked stale (#13604)
• ef5b7c3 Run stale workflow every 5 minutes
• e21073a build(actions/stale): change probot-stale to actions/stale (#13595)
• 565a3cf build: remove probot-stale (#13598)
• eeb6a8f fix(sqlite): quote table names in sqlite getForeignKeysQuery (#13587)
• 82d1072 docs(database): update the explanation to be less confusing #12541 (#13581)
• 56079c5 docs: added missing comma (#12918) (#13583)
• 7e4bb2c docs(model-basics): fix UUIDV4 as a method of DataTypes (#13585)
• a65345f docs(through-attribute): fixed association example to exclude junction table (#13295)
• d511d91 fix(types): allow any values in `isIn` validator (#12962)
• e4aff2f fix: allows insert primary key with zero (#13458)
• 4098eb0 chore(docs): Add documentation for increment method (#13254)
• 66e6d76 chore(probot-stale): reenable auto-close issues bot
• 84421d7 fix(postgres): fix `findCreateFind` to work with postgres transactions (#13482)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs