[Snyk] Fix for 5 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Issue	Breaking Change	Exploit Maturity
	SQL Injection SNYK-JS-KNEX-471962	No	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-559764	No	Proof of Concept
	SQL Injection SNYK-JS-SEQUELIZE-450221	No	Proof of Concept
	SQL Injection SNYK-JS-SEQUELIZE-459751	No	Proof of Concept
	Denial of Service (DoS) SNYK-JS-SEQUELIZE-543029	No	No Known Exploit

Commit messages

Package name: knex

The new version differs by 195 commits.

• 48d8c7e Prepare 0.19.5 release
• e112a21 Remove unneeded logging
• 78a7e9a fix CLI tests fails caused by PR #3416 (#3466)
• 988fb24 Fix MSSQL escaping (#3382)
• 516b074 Enable linting in CI (#3450)
• c1d2027 Fix handling of multiline SQL in SQLite3 schema (#3411)
• 53d8649 Update test to accommodate for increased precision in PG 12 (#3465)
• 7fabae9 Migrations up/down commands: filename parameter (#3416)
• fb095cb Add missing Migrator.list typing (#3460)
• b744564 Fix Typescript type inference for to better support wildcard (*) calls #3444 (#3446)
• 68e1ae2 Support stored procedures in Oracle
• 5417cac Fix for concurrent child transactions failing (#2213) (#3440)
• eb8f0c0 Make options argument optional in timeout (#3442)
• 65969d6 Prepare 0.19.4 release
• 3464e4c Update dependencies (#3431)
• 019141c Add specific to SeederConfig type (#3429)
• 6c73b22 Fix some issues with QueryBuilder types (#3427)
• 4ade989 feat: add undefined columns to undefined binding(s) error (#3425)
• 75ac92f Update 0.19.3 changelog
• 8f40f8d migrate: Refactor _lockMigrations to avoid forUpdate (#3395)
• 3f86d75 TypeScript definition: include schemaName in EnumOptions (#3415)
• e5972b8 Prepare 0.19.3 release (#3414)
• d6426d7 Add ability to manually define schema for enu with useNative (#3307) (#3413)
• 1ef1a4e Fix native enum with specified schema (#3307) (#3400)

See the full diff

Package name: sequelize

The new version differs by 21 commits.

• 8931bf6 fix(sqlite): properly catch errors (#11877)
• efd2f40 fix(mysql): json path security issues (#11332)
• 6674a3c fix: use files and remove .npmignore
• a1ccf04 fix(pool): destroy pooled errors properly with replication (#11140)
• a32263f fix(redshift): allow standard_conforming_strings option (#10816)
• c9d3a97 feat(postgres): enable standard conforming strings when required (#10746)
• 73d7a65 fix(mssql): subquery handling for order (#10769)
• 98cb17c build: skip docs and set correct tag
• 7d22d18 build: semantic release setup & docs
• 2f92e21 fix(mysql): boolean TINYINT support (#10660)
• de39cff feat(datatypes): handle numbers passed as objects for bigint (#10496)
• 00e4984 fix: locking generic-pool to 3.5.0
• 136566d Revert "fix: update generic-pool dependency"
• 70fc462 fix: update generic-pool dependency
• 52daac1 chore(package): update generic-pool to 3.5.0 (#10359)
• 09eea2f docs(querying): model mapping for custom fields (#9688) (#10338)
• d2428dd feat(transaction): afterCommit hook (#10260)
• 34e9fe1 fix(query-generator): add offset to unioned queries (#10149)
• 7d59b78 build: lock mysql2
• 9ecc11e docs: add favicon (#10127)
• 4ff79dc fix(syntax): correct parentheses around union (#9813) (#10003) (#10121)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic