[Snyk] Upgrade sequelize from 6.3.1 to 6.6.5

[snyk-bot]

Snyk has created this PR to upgrade sequelize from 6.3.1 to 6.6.5.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 12 versions ahead of your current version.
• The recommended version was released 3 months ago, on 2021-07-06.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090602	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090601	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090600	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090599	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: sequelize

• 6.6.5 - 2021-07-06
  

  6.6.5 (2021-07-06)

  Bug Fixes

  • dependency: upgrade validator (#13350) (56bb1d6)
• 6.6.4 - 2021-06-26
  

  6.6.4 (2021-06-26)

  Bug Fixes

  • typings: make Transactionable compatible with TransactionOptions (#13334) (cd2de40)
  • utils: clone attributes before mutating them (#13226) (1a16b91)
  • data-types: use proper field name for ARRAY(ENUM) (#13210) (1cfbd33)
  • typings: fix ignoreDuplicates option (#13220) (b33d78e)
  • typings: allow schema for queryInterface methods (#13223) (6b0b532)
  • typings: restrict update typings (#13216) (63ceb73)
  • typings: returning can specify column names (#13215) (143cc84)
  • typings: model init returns model class, not instance (#13214) (8f2a0d5)
  • plurals: bump inflection dependency (#13260) (deeb5c6)
  • bulk-create: ON CONFLICT with unique index (#13345) (6dcb565)
• 6.6.2 - 2021-03-23
  

  6.6.2 (2021-03-23)

  Bug Fixes

  • types: fix Model.prototype.previous() (#13042) (5b16b32)
• 6.6.1 - 2021-03-22
  

  6.6.1 (2021-03-22)

  Bug Fixes

  • query-generator: use AND in sql for not/between (#13043) (a663c54)
  • sqlite: retrieve primary key on upsert (#12991) (023e1d9)
  • types: allow (keyof TAttributes)[] in UpdateOptions.returning (#13130) (97ba242)
  • types: models with attributes couldn't be used in some cases (#13010) (de5f21d)
  • types: remove string from Order type (#13057) (ac39f8a)
• 6.6.0 - 2021-03-21
  

  6.6.0 (2021-03-21)

  Bug Fixes

  • types: allow sequelize.col in attributes (#13105) (3fd64cb)
  • types: allow bigints in WhereValue (#13028) (8892507)
  • types: decapitalize queryGenerator property (#13126) (9cb4d7f)
  • types: fix Model#previous type (#13106) (466e361)
  • types: fix ValidationErrorItem types (#13108) (e35a9bf)

  Features

  • add-constraint: add deferrable option (#13096) (f98bd7e)
• 6.5.1 - 2021-03-14
  

  6.5.1 (2021-03-14)

  Bug Fixes

  • mysql: release connection on deadlocks (#13102) (6388507)
    • Note: this complements the work done in 6.5.0, fixing another situation not covered by it with MySQL.
  • types: allow transaction to be null (#13093) (ced4dc7)
• 6.5.0 - 2021-01-27
  

  6.5.0 (2021-01-27)

  Second release in 2021! 🎉

  Bug Fixes

  • mysql, mariadb: release connection on deadlocks (#12841) (c77b1f3)
  • types: allow changing values on before hooks (#12970) (e5b8929)
  • types: typo in sequelize.js and sequelize.d.ts (#12975) (2fe980e)

  Features

  • postgres: add TSVECTOR datatype and @@ operator (#12955) (e45df29)
• 6.4.0 - 2021-01-18
  

  6.4.0 (2021-01-18)

  First release in 2021! 🎉

  Bug Fixes

  • types: better support for readonly arrays (287607a)
  • types: remove part forgotten in #12175 (2249ded)

  Features

  • query-interface: support composite foreign keys (#12456) (9ecebef)
• 6.3.5 - 2020-09-01
• 6.3.4 - 2020-08-01
• 6.3.3 - 2020-07-11
• 6.3.2 - 2020-07-11
• 6.3.1 - 2020-07-10

from sequelize GitHub release notes

Commit messages

Package name: sequelize

• 56bb1d6 fix(dependency): upgrade validator (#13350)
• b674600 chores: keep only @ papb email in maintainers field
• 5fa695f meta: empty commit to rerun ci
• dc3ec53 fix(ci): fix semantic-release usage
• c7d7ca5 meta: forbid auto major version release
• cd2de40 fix(typings): make `Transactionable` compatible with `TransactionOptions` (#13334)
• 1a16b91 fix(utils): clone attributes before mutating them (#13226)
• 39299a6 docs(read-replication.md): fix typo (#13179)
• d0d7188 docs(eager-loading.md): fix typo (#13161)
• 1cfbd33 fix(data-types): use proper field name for `ARRAY(ENUM)` (#13210)
• 444f06f docs(migrations.md): grammar improvements (#13294)
• b33d78e fix(typings): fix `ignoreDuplicates` option (#13220)
• 6b0b532 fix(typings): allow `schema` for queryInterface methods (#13223)
• 63ceb73 fix(typings): restrict update typings (#13216)
• 143cc84 fix(typings): `returning` can specify column names (#13215)
• 8f2a0d5 fix(typings): model init returns model class, not instance (#13214)
• deeb5c6 fix(plurals): bump inflection dependency (#13260)
• 421f44d docs(model-querying-basics.md): fix typo (#13256)
• 68ef453 docs(model-querying-basics.md): fix typo (#13324)
• 1c1aa33 refactor: nonempty array check style
• 6dcb565 fix(bulk-create): `ON CONFLICT` with unique index (#13345)
• 97b3767 meta: improve `contributing.md` and `sscce.js`
• 0a90312 meta: remove unused Dockerfile
• aaf3234 meta: refactor mocha configuration

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs