Update GitHub Vulnerability Alerts [SECURITY] (major)

[renovate[bot]]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
node-sass	4.14.1 -> 7.0.0
sequelize (source)	5.22.5 -> 6.29.0

GitHub Vulnerability Alerts

CVE-2020-24025

Certificate validation in node-sass 2.0.0 to 6.0.1 is disabled when requesting binaries even if the user is not specifying an alternative download path.

CVE-2023-22580

Due to improper input filtering in the sequelize js library, can malicious queries lead to sensitive information disclosure.

CVE-2023-25813

Impact

The SQL injection exploit is related to replacements. Here is such an example:

In the following query, some parameters are passed through replacements, and some are passed directly through the where option.

User.findAll({
  where: or(
    literal('soundex("firstName") = soundex(:firstName)'),
    { lastName: lastName },
  ),
  replacements: { firstName },
})

This is a very legitimate use case, but this query was vulnerable to SQL injection due to how Sequelize processed the query: Sequelize built a first query using the where option, then passed it over to sequelize.query which parsed the resulting SQL to inject all :replacements.

If the user passed values such as

{
  "firstName": "OR true; DROP TABLE users;",
  "lastName": ":firstName"
}

Sequelize would first generate this query:

SELECT * FROM users WHERE soundex("firstName") = soundex(:firstName) OR "lastName" = ':firstName'

Then would inject replacements in it, which resulted in this:

SELECT * FROM users WHERE soundex("firstName") = soundex('OR true; DROP TABLE users;') OR "lastName" = ''OR true; DROP TABLE users;''

As you can see this resulted in arbitrary user-provided SQL being executed.

Patches

The issue was fixed in Sequelize 6.19.1

Workarounds

Do not use the replacements and the where option in the same query if you are not using Sequelize >= 6.19.1

References

See this thread for more information: https://github.com/sequelize/sequelize/issues/14519

Snyk: https://security.snyk.io/vuln/SNYK-JS-SEQUELIZE-2932027

CVE-2023-22579

Impact

Providing an invalid value to the where option of a query caused Sequelize to ignore that option instead of throwing an error.

A finder call like the following did not throw an error:

User.findAll({
  where: new Date(),
});

As this option is typically used with plain javascript objects, be aware that this only happens at the top level of this option.

Patches

This issue has been patched in sequelize@6.28.1 & @sequelize/core@7.0.0.alpha-20

References

A discussion thread about this issue is open at https://github.com/sequelize/sequelize/discussions/15698

CVE: CVE-2023-22579 Snyk: https://security.snyk.io/vuln/SNYK-JS-SEQUELIZE-3324090

CVE-2023-22578

Impact

Sequelize 6.28.2 and prior has a dangerous feature where using parentheses in the attribute option would make Sequelize use the string as-is in the SQL

User.findAll({
  attributes: [
    ['count(id)', 'count']
  ]
});

Produced

SELECT count(id) AS "count" FROM "users"

Patches

This feature was deprecated in Sequelize 5, and using it prints a deprecation warning.

This issue has been patched in @sequelize/core@7.0.0.alpha-20 and sequelize@6.29.0.

In Sequelize 7, it now produces the following:

SELECT "count(id)" AS "count" FROM "users"

In Sequelize 6, it throws an error explaining that we had to introduce a breaking change, and requires the user to explicitly opt-in to either the Sequelize 7 behavior (always escape) or the Sequelize 5 behavior (inline attributes that include () without escaping). See https://github.com/sequelize/sequelize/pull/15710 for more information.

Mitigations

Do not use user-provided content to build your list or attributes. If you do, make sure that attribute in question actually exists on your model by checking that it exists in the rawAttributes property of your model first.

---

A discussion thread about this issue is open at https://github.com/sequelize/sequelize/discussions/15694 CVE: CVE-2023-22578

---

Release Notes

sass/node-sass

### [`v7.0.0`](https://togithub.com/sass/node-sass/releases/tag/v7.0.0) [Compare Source](https://togithub.com/sass/node-sass/compare/v6.0.1...v7.0.0) ##### Breaking changes - Drop support for Node 15 ([@​nschonni](https://togithub.com/nschonni)) - Set `rejectUnauthorized` to `true` by default ([@​scott-ut](https://togithub.com/scott-ut), [#​3149](https://togithub.com/sass/node-sass/issues/3149)) ##### Features - Add support for Node 17 ([@​nschonni](https://togithub.com/nschonni)) ##### Dependencies - Bump eslint from 7.32.0 to 8.0.0 ([@​nschonni](https://togithub.com/nschonni), [#​3191](https://togithub.com/sass/node-sass/issues/3191)) - Bump fs-extra from 0.30.0 to 10.0.0 ([@​nschonni](https://togithub.com/nschonni), [#​3102](https://togithub.com/sass/node-sass/issues/3102)) - Bump npmlog from 4.1.2 to 5.0.0 ([@​nschonni](https://togithub.com/nschonni), [#​3156](https://togithub.com/sass/node-sass/issues/3156)) - Bump chalk from 1.1.3 to 4.1.2 ([@​nschonni](https://togithub.com/nschonni), [#​3161](https://togithub.com/sass/node-sass/issues/3161)) ##### Community - Remove double word "support" from documentation ([@​pzrq](https://togithub.com/pzrq), [#​3159](https://togithub.com/sass/node-sass/issues/3159)) ##### Misc - Bump various GitHub Actions dependencies ([@​nschonni](https://togithub.com/nschonni)) #### Supported Environments | OS | Architecture | Node | | --- | --- | --- | | Windows | x86 & x64 | 12, 14, 16, 17 | | OSX | x64 | 12, 14, 16, 17 | | Linux\* | x64 | 12, 14, 16, 17 | | Alpine Linux | x64 | 12, 14, 16, 17 | | FreeBSD | i386 amd64 | 12, 14 | \*Linux support refers to major distributions like Ubuntu, and Debian ### [`v6.0.1`](https://togithub.com/sass/node-sass/releases/tag/v6.0.1) [Compare Source](https://togithub.com/sass/node-sass/compare/v6.0.0...v6.0.1) ##### Dependencies - Remove mkdirp ([@​jimmywarting](https://togithub.com/jimmywarting), [#​3108](https://togithub.com/sass/node-sass/issues/3108)) - Bump meow to 9.0.0 ([@​ykolbin](https://togithub.com/ykolbin), [#​3125](https://togithub.com/sass/node-sass/issues/3125)) - Bump mocha to 9.0.1 ([@​xzyfer](https://togithub.com/xzyfer), [#​3134](https://togithub.com/sass/node-sass/issues/3134)) ##### Misc - Use default Apline version from docker-node ([@​nschonni](https://togithub.com/nschonni), [#​3121](https://togithub.com/sass/node-sass/issues/3121)) ##### Supported Environments | OS | Architecture | Node | | --- | --- | --- | | Windows | x86 & x64 | 12, 14, 15, 16 | | OSX | x64 | 12, 14, 15, 16 | | Linux\* | x64 | 12, 14, 15, 16 | | Alpine Linux | x64 | 12, 14, 15, 16 | | FreeBSD | i386 amd64 | 12, 14, 15 | \*Linux support refers to major distributions like Ubuntu, and Debian ### [`v6.0.0`](https://togithub.com/sass/node-sass/releases/tag/v6.0.0) [Compare Source](https://togithub.com/sass/node-sass/compare/v5.0.0...v6.0.0) ##### Breaking changes - Drop support for Node 10 ([@​nschonni](https://togithub.com/nschonni)) - Remove deprecated process.sass API ([@​xzyfer](https://togithub.com/xzyfer), [#​2986](https://togithub.com/sass/node-sass/issues/2986)) ##### Features - Add support for Node 16 ##### Community - Fix typos in Troubleshooting guide ([@​independencyinjection](https://togithub.com/independencyinjection), [#​3051](https://togithub.com/sass/node-sass/issues/3051)) - Improve dependabot configuration ([@​nschonni](https://togithub.com/nschonni)) ##### Supported Environments | OS | Architecture | Node | | --- | --- | --- | | Windows | x86 & x64 | 12, 14, 15, 16 | | OSX | x64 | 12, 14, 15, 16 | | Linux\* | x64 | 12, 14, 15, 16 | | Alpine Linux | x64 | 12, 14, 15, 16 | | FreeBSD | i386 amd64 | 12, 14, 15 | \*Linux support refers to major distributions like Ubuntu, and Debian ### [`v5.0.0`](https://togithub.com/sass/node-sass/releases/tag/v5.0.0) [Compare Source](https://togithub.com/sass/node-sass/compare/v4.14.1...v5.0.0) ##### Breaking changes - Only support LTS and current Node versions ([@​nschonni](https://togithub.com/nschonni)) - Remove deprecated process.sass API ([@​xzyfer](https://togithub.com/xzyfer), [#​2986](https://togithub.com/sass/node-sass/issues/2986)) ##### Features - Add support for Node 15 - New node-gyp version that supports building with Python 3 ##### Community - More inclusive documentation ([@​rgeerts](https://togithub.com/rgeerts), [#​2944](https://togithub.com/sass/node-sass/issues/2944)) - Enabled dependabot ([@​nschonni](https://togithub.com/nschonni)) - Improve release automation ([@​nschonni](https://togithub.com/nschonni)) ##### Fixes - Bumped many dependencies ([@​nschonni](https://togithub.com/nschonni)) ##### Supported Environments | OS | Architecture | Node | | --- | --- | --- | | Windows | x86 & x64 | 10, 12, 14, 15 | | OSX | x64 | 10, 12, 14, 15 | | Linux\* | x64 | 10, 12, 14, 15 | | Alpine Linux | x64 | 10, 12, 14, 15 | | FreeBSD | i386 amd64 | 10, 12, 14, 15 | \*Linux support refers to major distributions like Ubuntu, and Debian

sequelize/sequelize

### [`v6.29.0`](https://togithub.com/sequelize/sequelize/releases/tag/v6.29.0) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.28.2...v6.29.0) ##### Features - throw an error if attribute includes parentheses (fixes CVE-2023-22578) ([#​15710](https://togithub.com/sequelize/sequelize/issues/15710)) ([d3f5b5a](https://togithub.com/sequelize/sequelize/commit/d3f5b5a65e297f4b6861e6a6ce335a9830b28781)) ### [`v6.28.2`](https://togithub.com/sequelize/sequelize/releases/tag/v6.28.2) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.28.1...v6.28.2) ##### Bug Fixes - accept undefined in where ([#​15703](https://togithub.com/sequelize/sequelize/issues/15703)) ([13f2e89](https://togithub.com/sequelize/sequelize/commit/13f2e89f8b6147897e3e43f01487de51aebcde87)) ### [`v6.28.1`](https://togithub.com/sequelize/sequelize/releases/tag/v6.28.1) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.28.0...v6.28.1) ##### Bug Fixes - throw if where receives an invalid value ([#​15699](https://togithub.com/sequelize/sequelize/issues/15699)) ([d9e0728](https://togithub.com/sequelize/sequelize/commit/d9e0728f2c2c5ae319f337c78091e1081440595d)) - update moment-timezone version ([#​15685](https://togithub.com/sequelize/sequelize/issues/15685)) ([48d6193](https://togithub.com/sequelize/sequelize/commit/48d619379108320831c9c6a0ec42bfda6586fec5)) ### [`v6.28.0`](https://togithub.com/sequelize/sequelize/releases/tag/v6.28.0) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.27.0...v6.28.0) ##### Features - **types:** use retry-as-promised types for retry options to match documentation ([#​15484](https://togithub.com/sequelize/sequelize/issues/15484)) ([fd4afa6](https://togithub.com/sequelize/sequelize/commit/fd4afa6a89c111c6d6d0c94f0b98bf421b5357b6)) ### [`v6.27.0`](https://togithub.com/sequelize/sequelize/releases/tag/v6.27.0) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.26.0...v6.27.0) ##### Features - add support for bigints (backport of [#​14485](https://togithub.com/sequelize/sequelize/issues/14485)) ([#​15413](https://togithub.com/sequelize/sequelize/issues/15413)) ([1247c01](https://togithub.com/sequelize/sequelize/commit/1247c01265743e4bdbd6d91a51cf64cd9d1e6617)) ### [`v6.26.0`](https://togithub.com/sequelize/sequelize/releases/tag/v6.26.0) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.25.8...v6.26.0) ##### Features - **postgres:** add support for lock_timeout \[[#​15345](https://togithub.com/sequelize/sequelize/issues/15345)] ([#​15355](https://togithub.com/sequelize/sequelize/issues/15355)) ([94beace](https://togithub.com/sequelize/sequelize/commit/94beace4ca666765ec9c84a3f7ef0e826e09699d)) ### [`v6.25.8`](https://togithub.com/sequelize/sequelize/releases/tag/v6.25.8) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.25.7...v6.25.8) ##### Bug Fixes - **oracle:** remove hardcoded maxRows value ([#​15323](https://togithub.com/sequelize/sequelize/issues/15323)) ([7885000](https://togithub.com/sequelize/sequelize/commit/7885000a70eb451100fa8f54d45361887241521c)) ### [`v6.25.7`](https://togithub.com/sequelize/sequelize/releases/tag/v6.25.7) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.25.6...v6.25.7) ##### Bug Fixes - fix parameters not being replaced when after $$ strings ([#​15307](https://togithub.com/sequelize/sequelize/issues/15307)) ([bc39fd6](https://togithub.com/sequelize/sequelize/commit/bc39fd69919e0af0cb0732ca9bfe3e60691c778a)) ### [`v6.25.6`](https://togithub.com/sequelize/sequelize/releases/tag/v6.25.6) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.25.5...v6.25.6) ##### Bug Fixes - **postgres:** invalidate connection after client-side timeout ([#​15283](https://togithub.com/sequelize/sequelize/issues/15283)) ([a205765](https://togithub.com/sequelize/sequelize/commit/a20576527b84d4986372b25303b61536fae7479a)), closes [/github.com/brianc/node-postgres/blob/5538df6b446f4b4f921947b460fe38acb897e579/packages/pg/lib/client.js#L529](https://togithub.com//github.com/brianc/node-postgres/blob/5538df6b446f4b4f921947b460fe38acb897e579/packages/pg/lib/client.js/issues/L529) ### [`v6.25.5`](https://togithub.com/sequelize/sequelize/releases/tag/v6.25.5) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.25.4...v6.25.5) ##### Bug Fixes - remove options.model overwrite on bulkUpdate ([#​15252](https://togithub.com/sequelize/sequelize/issues/15252)) ([67e69cd](https://togithub.com/sequelize/sequelize/commit/67e69cdb0e9d3dc16f61449cf0cf4f609c724719)), closes [#​15231](https://togithub.com/sequelize/sequelize/issues/15231) ### [`v6.25.4`](https://togithub.com/sequelize/sequelize/releases/tag/v6.25.4) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.25.3...v6.25.4) ##### Bug Fixes - **types:** add instance.dataValues property to model.d.ts ([#​15240](https://togithub.com/sequelize/sequelize/issues/15240)) ([00c6da3](https://togithub.com/sequelize/sequelize/commit/00c6da326630a85363b6d5e7d5570ac8ca8b31b8)) ### [`v6.25.3`](https://togithub.com/sequelize/sequelize/releases/tag/v6.25.3) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.25.2...v6.25.3) ##### Bug Fixes - don't treat \ as escape in standard strings, support E-strings, support vars after ->> operator, treat lowercase e as valid e-string prefix ([#​15139](https://togithub.com/sequelize/sequelize/issues/15139)) ([7990095](https://togithub.com/sequelize/sequelize/commit/7990095e369b226844669ec691cc7bce94c3dbbe)), closes [#​14700](https://togithub.com/sequelize/sequelize/issues/14700) ### [`v6.25.2`](https://togithub.com/sequelize/sequelize/releases/tag/v6.25.2) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.25.1...v6.25.2) ##### Bug Fixes - **types:** fix TS 4.9 excessive depth error on `InferAttributes` (v6) ([#​15135](https://togithub.com/sequelize/sequelize/issues/15135)) ([851daaf](https://togithub.com/sequelize/sequelize/commit/851daafc73ff218f7de4455fe9f96eb896106210)) ### [`v6.25.1`](https://togithub.com/sequelize/sequelize/releases/tag/v6.25.1) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.25.0...v6.25.1) ##### Bug Fixes - **types:** expose legacy "types" folder in export alias ( [#​15123](https://togithub.com/sequelize/sequelize/issues/15123)) ([9dd93b8](https://togithub.com/sequelize/sequelize/commit/9dd93b8461b0ff0452d7db998d0686c3ef176150)) ### [`v6.25.0`](https://togithub.com/sequelize/sequelize/releases/tag/v6.25.0) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.24.0...v6.25.0) ##### Features - **oracle:** add support for `dialectOptions.connectString` ([#​15042](https://togithub.com/sequelize/sequelize/issues/15042)) ([06ad05d](https://togithub.com/sequelize/sequelize/commit/06ad05df260a745cf97bc8e7365c74aea57e5220)) ### [`v6.24.0`](https://togithub.com/sequelize/sequelize/releases/tag/v6.24.0) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.23.2...v6.24.0) ##### Features - **snowflake:** Add support for `QueryGenerator#tableExistsQuery` ([#​15087](https://togithub.com/sequelize/sequelize/issues/15087)) ([a44772e](https://togithub.com/sequelize/sequelize/commit/a44772ec58175cfdc2cea84eb359966e48ed1c7b)) ### [`v6.23.2`](https://togithub.com/sequelize/sequelize/releases/tag/v6.23.2) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.23.1...v6.23.2) ##### Bug Fixes - **postgres:** add custom order direction to subQuery ordering with minified alias ([#​15056](https://togithub.com/sequelize/sequelize/issues/15056)) ([7203b66](https://togithub.com/sequelize/sequelize/commit/7203b6626ed38c06f91f09f73571fb7df56fe348)) ### [`v6.23.1`](https://togithub.com/sequelize/sequelize/releases/tag/v6.23.1) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.23.0...v6.23.1) ##### Bug Fixes - **oracle:** add support for Oracle DB 18c CI ([#​15016](https://togithub.com/sequelize/sequelize/issues/15016)) ([5f621d7](https://togithub.com/sequelize/sequelize/commit/5f621d72c1f265bb7659b54eb33469db8a4443fd)), closes [#​1](https://togithub.com/sequelize/sequelize/issues/1) [#​7](https://togithub.com/sequelize/sequelize/issues/7) [#​9](https://togithub.com/sequelize/sequelize/issues/9) [#​13](https://togithub.com/sequelize/sequelize/issues/13) [#​14](https://togithub.com/sequelize/sequelize/issues/14) [#​16](https://togithub.com/sequelize/sequelize/issues/16) ### [`v6.23.0`](https://togithub.com/sequelize/sequelize/releases/tag/v6.23.0) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.22.1...v6.23.0) ##### Features - **types:** add typescript 4.8 compatibility ([#​14990](https://togithub.com/sequelize/sequelize/issues/14990)) ([3468378](https://togithub.com/sequelize/sequelize/commit/34683786d7ec832b179845188076ea2121ea78ff)) ### [`v6.22.1`](https://togithub.com/sequelize/sequelize/releases/tag/v6.22.1) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.22.0...v6.22.1) ##### Bug Fixes - **types:** missing type for oracle dialect in v6 ([#​14992](https://togithub.com/sequelize/sequelize/issues/14992)) ([1da6657](https://togithub.com/sequelize/sequelize/commit/1da6657de18fc4918dc165f61aedf8888faa3704)), closes [#​14991](https://togithub.com/sequelize/sequelize/issues/14991) ### [`v6.22.0`](https://togithub.com/sequelize/sequelize/releases/tag/v6.22.0) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.21.6...v6.22.0) ##### Features - **oracle:** add oracle dialect support ([#​14638](https://togithub.com/sequelize/sequelize/issues/14638)) ([c230d80](https://togithub.com/sequelize/sequelize/commit/c230d80676450169d9cd74fe4cdf0da261de77b8)), closes [#​1](https://togithub.com/sequelize/sequelize/issues/1) [#​7](https://togithub.com/sequelize/sequelize/issues/7) [#​9](https://togithub.com/sequelize/sequelize/issues/9) [#​13](https://togithub.com/sequelize/sequelize/issues/13) [#​14](https://togithub.com/sequelize/sequelize/issues/14) [#​16](https://togithub.com/sequelize/sequelize/issues/16) ### [`v6.21.6`](https://togithub.com/sequelize/sequelize/releases/tag/v6.21.6) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.21.5...v6.21.6) ##### Bug Fixes - **types:** backport [#​14704](https://togithub.com/sequelize/sequelize/issues/14704) for v6 ([#​14964](https://togithub.com/sequelize/sequelize/issues/14964)) ([33d94b2](https://togithub.com/sequelize/sequelize/commit/33d94b223988d29bf1032ea2b589797664310839)) ### [`v6.21.5`](https://togithub.com/sequelize/sequelize/releases/tag/v6.21.5) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.21.4...v6.21.5) ##### Bug Fixes - **mariadb:** do not automatically parse JSON fields ([#​14800](https://togithub.com/sequelize/sequelize/issues/14800)) ([d047f32](https://togithub.com/sequelize/sequelize/commit/d047f3275a451df73294f222c8a2c99ffdd22299)) ### [`v6.21.4`](https://togithub.com/sequelize/sequelize/releases/tag/v6.21.4) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.21.3...v6.21.4) ##### Bug Fixes - minified aliases are now properly referenced in subqueries (v6) ([#​14852](https://togithub.com/sequelize/sequelize/issues/14852)) ([5a257bc](https://togithub.com/sequelize/sequelize/commit/5a257bc93c7e760f6b0158f55b3cb48878698450)), closes [#​14804](https://togithub.com/sequelize/sequelize/issues/14804) ### [`v6.21.3`](https://togithub.com/sequelize/sequelize/releases/tag/v6.21.3) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.21.2...v6.21.3) ##### Bug Fixes - **postgres:** attach postgres error-handler earlier in lifecycle (v6) ([#​14731](https://togithub.com/sequelize/sequelize/issues/14731)) ([90bb694](https://togithub.com/sequelize/sequelize/commit/90bb69485021344351732dcafe31cb67a54175f7)) ### [`v6.21.2`](https://togithub.com/sequelize/sequelize/releases/tag/v6.21.2) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.21.1...v6.21.2) ##### Bug Fixes - properly escape multiple `$` in `fn` args ([#​14678](https://togithub.com/sequelize/sequelize/issues/14678)) ([7bb60e3](https://togithub.com/sequelize/sequelize/commit/7bb60e3531127da684cc1f75307410c53dfc9c8c)) ### [`v6.21.1`](https://togithub.com/sequelize/sequelize/releases/tag/v6.21.1) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.21.0...v6.21.1) ##### Bug Fixes - **postgres:** use schema set in sequelize config by default ([#​14665](https://togithub.com/sequelize/sequelize/issues/14665)) ([2f3b924](https://togithub.com/sequelize/sequelize/commit/2f3b9247ad4ef74d1ec1027562eaafb6b1e9755f)) ### [`v6.21.0`](https://togithub.com/sequelize/sequelize/releases/tag/v6.21.0) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.20.1...v6.21.0) ##### Features - exports types to support typescript >= 4.5 nodenext module ([#​14620](https://togithub.com/sequelize/sequelize/issues/14620)) ([cbdf73e](https://togithub.com/sequelize/sequelize/commit/cbdf73e9ee52ebebf92679b183ce95c760e914db)) ### [`v6.20.1`](https://togithub.com/sequelize/sequelize/releases/tag/v6.20.1) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.20.0...v6.20.1) ##### Bug Fixes - kill connection on commit/rollback error ([#​14535](https://togithub.com/sequelize/sequelize/issues/14535)) ([e1a9c28](https://togithub.com/sequelize/sequelize/commit/e1a9c28375e3bdd11347835b2f796290638ad58a)) ### [`v6.20.0`](https://togithub.com/sequelize/sequelize/releases/tag/v6.20.0) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.19.2...v6.20.0) ##### Features - support cyclic foreign keys ([#​14499](https://togithub.com/sequelize/sequelize/issues/14499)) ([b37df96](https://togithub.com/sequelize/sequelize/commit/b37df964333c39b9e19daa9a2c45c1d0bb475433)) ### [`v6.19.2`](https://togithub.com/sequelize/sequelize/releases/tag/v6.19.2) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.19.1...v6.19.2) ##### Bug Fixes - accept replacements in `ARRAY[]` & followed by `;` ([#​14518](https://togithub.com/sequelize/sequelize/issues/14518)) ([e37c572](https://togithub.com/sequelize/sequelize/commit/e37c57255fbd77244be22dc57d0a86490597831a)) ### [`v6.19.1`](https://togithub.com/sequelize/sequelize/releases/tag/v6.19.1) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.19.0...v6.19.1) ##### Bug Fixes - do not replace `:replacements` inside of strings ([#​14472](https://togithub.com/sequelize/sequelize/issues/14472)) ([ccaa399](https://togithub.com/sequelize/sequelize/commit/ccaa3996047fe00048d5993ab2dd43ebadd4f78b)) ⚠️ BREAKING CHANGE: This change is a security fix that patches a serious SQL injection vulnerability, however it is possible that your application made use of it and broke as a result of this change. [Please see this issue for more information](https://togithub.com/sequelize/sequelize/issues/14519). ### [`v6.19.0`](https://togithub.com/sequelize/sequelize/releases/tag/v6.19.0) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.18.0...v6.19.0) ##### Bug Fixes - **types:** make `WhereOptions` more accurate ([#​14368](https://togithub.com/sequelize/sequelize/issues/14368)) ([0d0aade](https://togithub.com/sequelize/sequelize/commit/0d0aadec98871d704743563585eacf87b3403517)) ##### Features - **types:** make `Model.init` aware of pre-configured foreign keys ([#​14370](https://togithub.com/sequelize/sequelize/issues/14370)) ([5954d2c](https://togithub.com/sequelize/sequelize/commit/5954d2cae542f8e4bd3351bc9d55b6880bd751c3)) ### [`v6.18.0`](https://togithub.com/sequelize/sequelize/releases/tag/v6.18.0) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.17.0...v6.18.0) ##### Features - add whereScopeStrategy to merge where scopes with Op.and ([#​14152](https://togithub.com/sequelize/sequelize/issues/14152)) ([8349c02](https://togithub.com/sequelize/sequelize/commit/8349c02c5130fc431adec265e3a3ad043571f1b9)) ### [`v6.17.0`](https://togithub.com/sequelize/sequelize/releases/tag/v6.17.0) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.16.3...v6.17.0) ##### Bug Fixes - fix typo in query-generator.js error message ([#​14151](https://togithub.com/sequelize/sequelize/issues/14151)) ([2d339d0](https://togithub.com/sequelize/sequelize/commit/2d339d0799d224dca79037e8465cf48abef496a8)) - **postgres:** correctly re-acquire connection for pg-native ([#​14090](https://togithub.com/sequelize/sequelize/issues/14090)) ([82506a6](https://togithub.com/sequelize/sequelize/commit/82506a68dbb33e4824ed6b8462cedf52d90d8cfc)) - **types:** drop excess argument for upsert ([#​14156](https://togithub.com/sequelize/sequelize/issues/14156)) ([da8678d](https://togithub.com/sequelize/sequelize/commit/da8678dec6ee6b8e427701e88d7db6810e990f82)) - **types:** export `GroupedCountResultItem` interface ([#​14154](https://togithub.com/sequelize/sequelize/issues/14154)) ([a81b7ab](https://togithub.com/sequelize/sequelize/commit/a81b7ab38da7fea07e00114e88711fbfed9f9a34)) - **types:** update 'replication' option property ([#​14126](https://togithub.com/sequelize/sequelize/issues/14126)) ([7ac1221](https://togithub.com/sequelize/sequelize/commit/7ac122163f63ced2e24dac1d73e0be298f686187)) - **types:** update return type of `Model.update` ([#​14155](https://togithub.com/sequelize/sequelize/issues/14155)) ([b80aeed](https://togithub.com/sequelize/sequelize/commit/b80aeed3c4eccc98da78927e91483ca41035dffe)) ##### Features - **types:** infer nullable creation attributes as optional ([#​14147](https://togithub.com/sequelize/sequelize/issues/14147)) ([f5c06bd](https://togithub.com/sequelize/sequelize/commit/f5c06bd493670a37ba6d6ed039d44ccdf79b126e)) - **types:** make `Model.getAttributes` stricter ([#​14017](https://togithub.com/sequelize/sequelize/issues/14017)) ([e974e20](https://togithub.com/sequelize/sequelize/commit/e974e202ca755a008f450c88123fc166a5497bb2)) ### [`v6.16.3`](https://togithub.com/sequelize/sequelize/releases/tag/v6.16.3) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.16.2...v6.16.3) ##### Bug Fixes - **types:** support union in CreationAttributes ([#​14146](https://togithub.com/sequelize/sequelize/issues/14146)) ([d23bd7a](https://togithub.com/sequelize/sequelize/commit/d23bd7a7e2aac095f8b210f8d0e0f060c215475f)) ### [`v6.16.2`](https://togithub.com/sequelize/sequelize/releases/tag/v6.16.2) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.16.1...v6.16.2) ##### Bug Fixes - **types:** missing snowflake and db2 dialects ([#​14137](https://togithub.com/sequelize/sequelize/issues/14137)) ([0326c2c](https://togithub.com/sequelize/sequelize/commit/0326c2caee201ee7288eb917cb3facd5aefd9b12)) ### [`v6.16.1`](https://togithub.com/sequelize/sequelize/releases/tag/v6.16.1) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.16.0...v6.16.1) ##### Bug Fixes - correct path to `package.json` in Sequelize.version ([#​14073](https://togithub.com/sequelize/sequelize/issues/14073)) ([b95c213](https://togithub.com/sequelize/sequelize/commit/b95c213909ce084ffd98f9e98c9cf881841e27f1)) ### [`v6.16.0`](https://togithub.com/sequelize/sequelize/releases/tag/v6.16.0) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.15.1...v6.16.0) ##### Features - gen /lib & /types from /src & drop /dist (v6) ([#​14063](https://togithub.com/sequelize/sequelize/issues/14063)) ([6b8fbb4](https://togithub.com/sequelize/sequelize/commit/6b8fbb48d0d12f2c500f69ce79f7f54386c32b40)) ### [`v6.15.1`](https://togithub.com/sequelize/sequelize/releases/tag/v6.15.1) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.15.0...v6.15.1) ##### Bug Fixes - **types:** accept `$nested.syntax$` in WhereAttributeHash ([#​13983](https://togithub.com/sequelize/sequelize/issues/13983)) ([4a513cf](https://togithub.com/sequelize/sequelize/commit/4a513cfb8d0061fe47864fa70655649a4f1b60ac)) - **types:** correct typing definitions for `Sequelize.where` ([#​14018](https://togithub.com/sequelize/sequelize/issues/14018)) ([99c612b](https://togithub.com/sequelize/sequelize/commit/99c612bf4ffe61da1564b482b1d3680172ddde34)) - **types:** improve branded types ([#​13990](https://togithub.com/sequelize/sequelize/issues/13990)) ([a578ea0](https://togithub.com/sequelize/sequelize/commit/a578ea001e0d8f0eddae41badc6814a2a527d9a9)) ### [`v6.15.0`](https://togithub.com/sequelize/sequelize/releases/tag/v6.15.0) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.14.1...v6.15.0) ##### Bug Fixes - **types:** deduplicate error typings ([#​14002](https://togithub.com/sequelize/sequelize/issues/14002)) ([fc28629](https://togithub.com/sequelize/sequelize/commit/fc2862905a2f34bd8dcbfe78fa66c20693be44b7)) ##### Features - add options.rawErrors to `Sequelize#query` method ([#​13881](https://togithub.com/sequelize/sequelize/issues/13881)) ([7c58851](https://togithub.com/sequelize/sequelize/commit/7c588511a37af5a5ab8c483bffa39a4060122d37)) ### [`v6.14.1`](https://togithub.com/sequelize/sequelize/releases/tag/v6.14.1) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.14.0...v6.14.1) ##### Bug Fixes - rollback PR [#​13951](https://togithub.com/sequelize/sequelize/issues/13951) in v6 ([#​14004](https://togithub.com/sequelize/sequelize/issues/14004)) ([1882f3c](https://togithub.com/sequelize/sequelize/commit/1882f3cd9c42c245d486950b3a9cb18b761e1536)) ### [`v6.14.0`](https://togithub.com/sequelize/sequelize/releases/tag/v6.14.0) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.13.0...v6.14.0) ##### Bug Fixes - don't call overloaded versions of find functions internally ([#​13951](https://togithub.com/sequelize/sequelize/issues/13951)) ([fc53cdb](https://togithub.com/sequelize/sequelize/commit/fc53cdbfbbf312d501c03f4268637795e43131d7)) - don't call overloaded versions of find functions internally ([#​13951](https://togithub.com/sequelize/sequelize/issues/13951)) ([b253d8e](https://togithub.com/sequelize/sequelize/commit/b253d8ed63c91bc2c7143f07806554b5a5ac67eb)) - **model.d:** fix type for `count` and `findAndCountAll` ([#​13786](https://togithub.com/sequelize/sequelize/issues/13786)) ([b06c1fc](https://togithub.com/sequelize/sequelize/commit/b06c1fc283cbd20af6031199ece075d8b10b0feb)) - **types:** add hooks to InstanceDestroyOptions type ([#​13491](https://togithub.com/sequelize/sequelize/issues/13491)) ([dbd9ea8](https://togithub.com/sequelize/sequelize/commit/dbd9ea8690d6d2209cf0d000239e87f93d02cbb0)) - **types:** add missing fields to FindOr{Create,Build}Options ([#​13389](https://togithub.com/sequelize/sequelize/issues/13389)) ([ef63f8f](https://togithub.com/sequelize/sequelize/commit/ef63f8f3900135f9d5d7869ee5a1f78dd4da0e76)) - **types:** fix QueryInterface#bulkInsert attribute arg type ([#​13945](https://togithub.com/sequelize/sequelize/issues/13945)) ([9e108e3](https://togithub.com/sequelize/sequelize/commit/9e108e3417c56df1b19db322cc7b0168d9bb3b85)) ##### Features - **types:** add `InferAttributes` utility type ([#​13909](https://togithub.com/sequelize/sequelize/issues/13909)) ([fd42687](https://togithub.com/sequelize/sequelize/commit/fd426876dca4d265f80147b6c2080e7400fa0129)) - **types:** add typings for DataTypes.TSVECTOR ([#​13940](https://togithub.com/sequelize/sequelize/issues/13940)) ([b8f0463](https://togithub.com/sequelize/sequelize/commit/b8f0463c30cc9ccb9386692e9acd7afbb9de5bd9)) - **types:** drop TypeScript < 4.1 ([#​13954](https://togithub.com/sequelize/sequelize/issues/13954)) ([dd49044](https://togithub.com/sequelize/sequelize/commit/dd49044bc7a1a0dace3e438881a32416fe68aaf6)) ### [`v6.13.0`](https://togithub.com/sequelize/sequelize/releases/tag/v6.13.0) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.12.5...v6.13.0) ##### Bug Fixes - fix typings for queries with {plain: true} option ([#​13899](https://togithub.com/sequelize/sequelize/issues/13899)) ([308d017](https://togithub.com/sequelize/sequelize/commit/308d0171ec3b2fd7d329c978e7885e6cc23466d0)) ##### Features - **mariadb:** add mariadb support in Sequelize.set function ([#​13926](https://togithub.com/sequelize/sequelize/issues/13926)) ([02bda05](https://togithub.com/sequelize/sequelize/commit/02bda05a0757773c0d71fa574e6217210adabecf)), closes [#​13920](https://togithub.com/sequelize/sequelize/issues/13920) - **postgres:** drop indices concurrently in Postgres ([#​13903](https://togithub.com/sequelize/sequelize/issues/13903)) ([37f20a6](https://togithub.com/sequelize/sequelize/commit/37f20a6028eecdd89a61c3db708506784105adfc)) ### [`v6.12.5`](https://togithub.com/sequelize/sequelize/releases/tag/v6.12.5) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.12.4...v6.12.5) ##### Bug Fixes - **dialect:** sequelize pool doesn't take effect in dialect "mssql" ([#​13880](https://togithub.com/sequelize/sequelize/issues/13880)) ([fc155b6](https://togithub.com/sequelize/sequelize/commit/fc155b627448e09420b4d8308736b8d3a74e2935)) - **model:** fix count with grouping typing ([#​13884](https://togithub.com/sequelize/sequelize/issues/13884)) ([49beb29](https://togithub.com/sequelize/sequelize/commit/49beb29ae757dde7b5eb531b0d857e39413ffb3b)), closes [#​13871](https://togithub.com/sequelize/sequelize/issues/13871) - **types:** improve ModelCtor / ModelStatic typing ([#​13890](https://togithub.com/sequelize/sequelize/issues/13890)) ([34aa808](https://togithub.com/sequelize/sequelize/commit/34aa808425371c9b7cdf43cfe8ec3141d33ade34)) - **types:** omit FK and scope keys in HasManyCreateAssociationMixin ([#​13892](https://togithub.com/sequelize/sequelize/issues/13892)) ([b315ce8](https://togithub.com/sequelize/sequelize/commit/b315ce8b967c5f6cf55a4f774aaca60306087bfb)) ### [`v6.12.4`](https://togithub.com/sequelize/sequelize/releases/tag/v6.12.4) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.12.3...v6.12.4) ##### Bug Fixes - **mssql/async-queue:** fix unable to start mysql due to circular ref ([#​13823](https://togithub.com/sequelize/sequelize/issues/13823)) ([49e8614](https://togithub.com/sequelize/sequelize/commit/49e861459ee88be334b3969f16d0e03582fd16f0)) ### [`v6.12.3`](https://togithub.com/sequelize/sequelize/releases/tag/v6.12.3) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.12.2...v6.12.3) ##### Bug Fixes - **data-types:** moment object throwing error ([#​13818](https://togithub.com/sequelize/sequelize/issues/13818)) ([78c7414](https://togithub.com/sequelize/sequelize/commit/78c7414ab6bcbb1adec161c0e223f248edb15511)) ### [`v6.12.2`](https://togithub.com/sequelize/sequelize/releases/tag/v6.12.2) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.12.1...v6.12.2) ##### Bug Fixes - **abstract:** patch jsonb operator for pg if value is json ([#​13780](https://togithub.com/sequelize/sequelize/issues/13780)) ([a2375c5](https://togithub.com/sequelize/sequelize/commit/a2375c5645dd89fb436707e95cc01b5c546eb7fc)) - **operators:** fix ts support for operators.ts ([#​13805](https://togithub.com/sequelize/sequelize/issues/13805)) ([b532ab1](https://togithub.com/sequelize/sequelize/commit/b532ab1dbdda2bfdb586b4ba0765147e71a86ae1)) - **postgres:** allows usage of schema for ARRAY(ENUM) type name ([#​13807](https://togithub.com/sequelize/sequelize/issues/13807)) ([da5b0ce](https://togithub.com/sequelize/sequelize/commit/da5b0ce2d35d0381b80e787f977a7aefb7cdca56)) - **query-interface:** bring back quoteIdentifier(s) to queryInterface ([#​13810](https://togithub.com/sequelize/sequelize/issues/13810)) ([001dc60](https://togithub.com/sequelize/sequelize/commit/001dc6006d24a14817c8e7744baf5d1d40eab520)) ### [`v6.12.1`](https://togithub.com/sequelize/sequelize/releases/tag/v6.12.1) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.12.0...v6.12.1) ##### Bug Fixes - allow deep imports ([#​13795](https://togithub.com/sequelize/sequelize/issues/13795)) ([1ecdaf9](https://togithub.com/sequelize/sequelize/commit/1ecdaf98308ae9b975ec3af7be209fd448043e6e)) - fix invalid ts import style of lib/operators ([#​13797](https://togithub.com/sequelize/sequelize/issues/13797)) ([8acc14f](https://togithub.com/sequelize/sequelize/commit/8acc14f3c639b2667ad4f79d963a3f365b2897a5)) ### [`v6.12.0`](https://togithub.com/sequelize/sequelize/releases/tag/v6.12.0) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.11.0...v6.12.0) ##### Bug Fixes - **data-types:** unnecessary warning when getting data with DATE dataTypes ([#​13712](https://togithub.com/sequelize/sequelize/issues/13712)) ([121884b](https://togithub.com/sequelize/sequelize/commit/121884b0d364e0be53e93bfd90d99b7e15449897)) - **docs:** add aws-lamda route ([#​13693](https://togithub.com/sequelize/sequelize/issues/13693)) ([3059bce](https://togithub.com/sequelize/sequelize/commit/3059bce6003ca77b5e67cf7d6d673597b704db0e)) - **example:** fix coordinates format as per GeoJson ([#​13718](https://togithub.com/sequelize/sequelize/issues/13718)) ([f9dec20](https://togithub.com/sequelize/sequelize/commit/f9dec20cd1c0f1ace931ca470f8787a7b4046a56)) - **increment:** fix key value broken query ([#​12985](https://togithub.com/sequelize/sequelize/issues/12985)) ([fc0b19e](https://togithub.com/sequelize/sequelize/commit/fc0b19e3cf95f0c4d749c3bf871077228be64bba)) - **model.d:** fix findAndCountAll.count type ([#​13736](https://togithub.com/sequelize/sequelize/issues/13736)) ([b7b472e](https://togithub.com/sequelize/sequelize/commit/b7b472e7a0a55ebd402f7bced3e330c3087bc75f)) - **snowflake:** fix to prevent disconnect attempt on already disconnected connection ([#​13775](https://togithub.com/sequelize/sequelize/issues/13775)) ([2a9a551](https://togithub.com/sequelize/sequelize/commit/2a9a551609be94ee233516a1a9b4119892249d9c)) - **types:** add Col to where Ops ([#​13717](https://togithub.com/sequelize/sequelize/issues/13717)) ([2d7b865](https://togithub.com/sequelize/sequelize/commit/2d7b8653a82f16eff4ee5a48d1fd6ec9ab785c76)) - **types:** add instance member declaration ([#​13684](https://togithub.com/sequelize/sequelize/issues/13684)) ([ae3cde5](https://togithub.com/sequelize/sequelize/commit/ae3cde54b62f2bd41f35a002ba7ddf54946ca0ee)) - **types:** add missing schema field to sequelize options ([c7a0839](https://togithub.com/sequelize/sequelize/commit/c7a0839ffc2923e2881b8cc31a251709a929a022)), closes [#​12606](https://togithub.com/sequelize/sequelize/issues/12606) - **types:** allow override json function with custom return type ([#​13694](https://togithub.com/sequelize/sequelize/issues/13694)) ([2c3b384](https://togithub.com/sequelize/sequelize/commit/2c3b384cad6d9b6e1527f05560b12fc0338eca87)) - **upsert:** fall back to DO NOTHING if no update key values provided ([#​13594](https://togithub.com/sequelize/sequelize/issues/13594)) ([4071378](https://togithub.com/sequelize/sequelize/commit/407137822a62897f7366980acd7eeceb443601b9)) - **upsert:** fall back to DO NOTHING if no update key values provided ([#​13711](https://togithub.com/sequelize/sequelize/issues/13711)) ([f9dfaa7](https://togithub.com/sequelize/sequelize/commit/f9dfaa7c533acad4ae88fd16b47c3a5805fb6e9b)), closes [#​13594](https://togithub.com/sequelize/sequelize/issues/13594) - wrong interface used within mixin ([#​13685](https://togithub.com/sequelize/sequelize/issues/13685)) ([bd3ddf5](https://togithub.com/sequelize/sequelize/commit/bd3ddf5a93a17cb729aa160a89a3ee04c329c0ed)) ##### Features - **dialects:** add experimental support for db2 ([#​13374](https://togithub.com/sequelize/sequelize/issues/13374)) ([4443d2a](https://togithub.com/sequelize/sequelize/commit/4443d2af14c78b21ff2a70f4aeb69bd9d3f8c2e2)) - **dialect:** snowflake dialect support ([#​13406](https://togithub.com/sequelize/sequelize/issues/13406)) ([ad68a5e](https://togithub.com/sequelize/sequelize/commit/ad68a5e5f07d7800ece68290de4d15e33ac7579a)) - **model:** complete getAttributes feature ([b6510df](https://togithub.com/sequelize/sequelize/commit/b6510df2bdb5fb22c508c3f348e11cbaf7065fbc)) - **typescript:** create alpha release with ts ([911125e](https://togithub.com/sequelize/sequelize/commit/911125e4a8daf56cb4f6461fd1281a83f5373f0c)) - **types:** transition lib/errors ([#​13710](https://togithub.com/sequelize/sequelize/issues/13710)) ([8cdce6a](https://togithub.com/sequelize/sequelize/commit/8cdce6aeb32b09e4bc1359250efcfacc6742501f)) - **upsert:** add conflictFields option ([#​13723](https://togithub.com/sequelize/sequelize/issues/13723)) ([496bede](https://togithub.com/sequelize/sequelize/commit/496bede2f9e48cce6fe378a1c174a8a9154e2f7e)) ### [`v6.11.0`](https://togithub.com/sequelize/sequelize/releases/tag/v6.11.0) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.10.0...v6.11.0) ##### Features - option for attributes having dotNotation ([#​13670](https://togithub.com/sequelize/sequelize/issues/13670)) ([41876f1](https://togithub.com/sequelize/sequelize/commit/41876f11a7ef2dec4f7788d8e39cf9864a9e83cd)) ### [`v6.10.0`](https://togithub.com/sequelize/sequelize/releases/tag/v6.10.0) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.9.0...v6.10.0) ##### Bug Fixes - typing on creation within an association ([#​13678](https://togithub.com/sequelize/sequelize/issues/13678)) ([0312f8e](https://togithub.com/sequelize/sequelize/commit/0312f8eac982b646842f89f56dc90f6c8f935c84)) - **logger:** change logging depth from 3 to 1 ([#​12879](https://togithub.com/sequelize/sequelize/issues/12879)) ([ddddc24](https://togithub.com/sequelize/sequelize/commit/ddddc244c2019a765ad889226584b8fb07ff50da)) - **mariadb:** fix MariaDB 10.5 JSON ([#​13633](https://togithub.com/sequelize/sequelize/issues/13633)) ([cdd61dd](https://togithub.com/sequelize/sequelize/commit/cdd61ddbe83cbfe77dc04a32196dcc66e0052f51)) - **model:** clone options object instead of modifying ([#​13589](https://togithub.com/sequelize/sequelize/issues/13589)) ([3be43de](https://togithub.com/sequelize/sequelize/commit/3be43deeb9a4e03cffb1d72ebc67a534a3c5dc19)) - **mssql:** fix sub query issue occurring with renamed primary key fields ([#​12801](https://togithub.com/sequelize/sequelize/issues/12801)) ([73d99ab](https://togithub.com/sequelize/sequelize/commit/73d99ab45c069119478d8ef39ff9391181d5578f)) - **mssql:** sqlserver 2008 fix for using offsets and include criteria ([47c4494](https://togithub.com/sequelize/sequelize/commit/47c4494968422585bf265063925d1662ffcd4173)) - **query:** make stacktraces include original calling code ([#​13347](https://togithub.com/sequelize/sequelize/issues/13347)) ([f581543](https://togithub.com/sequelize/sequelize/commit/f58154334d98038deafbecd017cf5719d1b13b7f)) - **types:** Add missing type definitions in models ([#​13553](https://togithub.com/sequelize/sequelize/issues/13553)) ([73ecf6c](https://togithub.com/sequelize/sequelize/commit/73ecf6cf33628eca38973c0eeb5c798dbba177e9)) - **types:** add specifc tojson type in model.d.ts ([#​13661](https://togithub.com/sequelize/sequelize/issues/13661)) ([5924be5](https://togithub.com/sequelize/sequelize/commit/5924be52152232fbd7a925d599c31cac9f90dc6d)) - **types:** DataType.TEXT overloading definition ([#​13654](https://togithub.com/sequelize/sequelize/issues/13654)) ([1690801](https://togithub.com/sequelize/sequelize/commit/1690801cda2ca15f32aaaf5e9ebd96e800808e36)) - **types:** include 'paranoid' in IncludeThroughOptions definition ([#​13625](https://togithub.com/sequelize/sequelize/issues/13625)) ([b1fb1f3](https://togithub.com/sequelize/sequelize/commit/b1fb1f32f7d66c013bbf015345a1076893ffd806)) - **types:** ne op documentation ([#​13666](https://togithub.com/sequelize/sequelize/issues/13666)) ([98485df](https://togithub.com/sequelize/sequelize/commit/98485dfcff501c565dbf453a54868a4dfe60a225)) - **types:** rename types and update CONTRIBUTING docs ([#​13348](https://togithub.com/sequelize/sequelize/issues/13348)) ([1f23924](https://togithub.com/sequelize/sequelize/commit/1f2392423212ca9a4604772c1d0a2f008606695e)) - expect result is null but got zero ([#​13637](https://togithub.com/sequelize/sequelize/issues/13637)) ([da3ac09](https://togithub.com/sequelize/sequelize/commit/da3ac091032856f8a74297eff9a9d89e7fc997e5)) ##### Features - **definitions:** Adds AbstractQuery and before/afterQuery hook definitions ([#​13635](https://togithub.com/sequelize/sequelize/issues/13635)) ([37a5858](https://togithub.com/sequelize/sequelize/commit/37a5858b1e635a28dee1da494f278753d489bbe8)) - **postgresql:** easier SSL config and options param support ([#​13673](https://togithub.com/sequelize/sequelize/issues/13673)) ([9591573](https://togithub.com/sequelize/sequelize/commit/95915739443f96996841dacfd6861e9d5ba35c1b)) ### [`v6.9.0`](https://togithub.com/sequelize/sequelize/releases/tag/v6.9.0) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.8.0...v6.9.0) ##### Bug Fixes - **docs:** using incorrect esdocs syntax ([#​13615](https://togithub.com/sequelize/sequelize/issues/13615)) ([c3c690b](https://togithub.com/sequelize/sequelize/commit/c3c690b90688941eab5c9efa6918314d52a9b8ef)) - **sqlite:** quote table names in sqlite getForeignKeysQuery ([#​13587](https://togithub.com/sequelize/sequelize/issues/13587)) ([eeb6a8f](https://togithub.com/sequelize/sequelize/commit/eeb6a8fbeb6549be038f2dbb0eefb414c7450653)) - **upsert:** do not overwrite an explcit created_at during upsert ([#​13593](https://togithub.com/sequelize/sequelize/issues/13593)) ([594cee8](https://togithub.com/sequelize/sequelize/commit/594cee88a54ef82709b04c5ffd9a1f03d76b2d18)) ##### Features - **mysql:** add support for MySQL v8 ([#​13618](https://togithub.com/sequelize/sequelize/issues/13618)) ([35978f0](https://togithub.com/sequelize/sequelize/commit/35978f0633efbefc3749363717378996b806cc95)) ### [`v6.8.0`](https://togithub.com/sequelize/sequelize/releases/tag/v6.8.0) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.7.0...v6.8.0) ##### Bug Fixes - **types:** allow any values in `isIn` validator ([#​12962](https://togithub.com/sequelize/sequelize/issues/12962)) ([d511d91](https://togithub.com/sequelize/sequelize/commit/d511d9164e0f469ccba40d94b4865b73466f64f5)) - allows insert primary key with zero ([#​13458](https://togithub.com/sequelize/sequelize/issues/13458)) ([e4aff2f](https://togithub.com/sequelize/sequelize/commit/e4aff2f6270bc52fbdc90bed6269537e2f9714e0)) - **model:** Convert number values only if they aren't null to avoid NaN ([199b632](https://togithub.com/sequelize/sequelize/commit/199b632b021830f9d09210fd7430045710638631)) - **model.d:** accept \[Op.is] in where (broken in TypeScript 4.4) ([#​13499](https://togithub.com/sequelize/sequelize/issues/13499)) ([d685a9a](https://togithub.com/sequelize/sequelize/commit/d685a9a76ad353aef6df61c19e4385aa9ba79368)) - **postgres:** fix `findCreateFind` to work with postgres transactions ([#​13482](https://togithub.com/sequelize/sequelize/issues/13482)) ([84421d7](https://togithub.com/sequelize/sequelize/commit/84421d7d738176ee6d0de705c493b145b9488532)) - **select:** do not force set `subQuery` to `false` ([#​13490](https://togithub.com/sequelize/sequelize/issues/13490)) ([0943339](https://togithub.com/sequelize/sequelize/commit/094333910e105bbc363321eb7557a582363a8f6d)) - **sqlite:** fix wrongly overwriting storage if empty string ([#​13376](https://togithub.com/sequelize/sequelize/issues/13376)) ([c3e608b](https://togithub.com/sequelize/sequelize/commit/c3e608b95a130b661ca01f9af42beaac5995d986)), closes [#​13375](https://togithub.com/sequelize/sequelize/issues/13375) - **types:** add missing upsert hooks ([#​13394](https://togithub.com/sequelize/sequelize/issues/13394)) ([5e9c209](https://togithub.com/sequelize/sequelize/commit/5e9c209cc8eaa1d38f33bb3ac2de8b8ab33929f2)) - **types:** extend BulkCreateOptions by SearchPathable ([#​13469](https://togithub.com/sequelize/sequelize/issues/13469)) ([47c2d05](https://togithub.com/sequelize/sequelize/commit/47c2d057f857e1eb197ac317f295798313dcedc0)), closes [#​13454](https://togithub.com/sequelize/sequelize/issues/13454) - **types:** typo in model.d.ts ([#​13574](https://togithub.com/sequelize/sequelize/issues/13574)) ([31d0fbc](https://togithub.com/sequelize/sequelize/commit/31d0fbce032073917b4b41f1bdde4fb1fe562f97)) ##### Features - **postgres:** support `query_timeout` dialect option ([#​13258](https://togithub.com/sequelize/sequelize/issues/13258)) ([3ca085d](https://togithub.com/sequelize/sequelize/commit/3ca085db318201fa59422a2ce191bcf76e5f37dc)) - **typings:** add UnknownConstraintError ([#​13461](https://togithub.com/sequelize/sequelize/issues/13461)) ([69d899e](https://togithub.com/sequelize/sequelize/commit/69d899e27b733adb24e4300b48c9bae91455932f)) ### [`v6.7.0`](https://togithub.com/sequelize/sequelize/releases/tag/v6.7.0) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.6.5...v6.7.0) ##### Bug Fixes - **deps:** upgrade to secure versions of dev deps ([#​13549](https://togithub.com/sequelize/sequelize/issues/13549)) ([cf53734](https://togithub.com/sequelize/sequelize/commit/cf537342b55bd4cf432f16b4b524737a6cb68ab4)) - **docs:** fix typo in documentation for polymorphic associations ([#​13405](https://togithub.com/sequelize/sequelize/issues/13405)) ([bbf3d76](https://togithub.com/sequelize/sequelize/commit/bbf3d76474f8520aa9d16d51bd35730774866e13)) - **types:** allow rangable to take a string tuple ([#​13486](https://togithub.com/sequelize/sequelize/issues/13486)) ([ca2a11a](https://togithub.com/sequelize/sequelize/commit/ca2a11aed603572f3277c2262d445ec9f464b326)) ##### Features - **test:** add test for nested column in where query ([#​13478](https://togithub.com/sequelize/sequelize/issues/13478)) ([26b62c7](https://togithub.com/sequelize/sequelize/commit/26b62c7c3e76fca81c76cabcaf58fff00b7c4da0)), closes [#​13288](https://togithub.com/sequelize/sequelize/issues/13288) - **types:** make config type deeply writeable for before connect hook ([#​13424](https://togithub.com/sequelize/sequelize/issues/13424)) ([f078f77](https://togithub.com/sequelize/sequelize/commit/f078f772d447e9148442ca4e9feae887e65adea0)) ### [`v6.6.5`](https://togithub.com/sequelize/sequelize/releases/tag/v6.6.5) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.6.4...v6.6.5) ##### Bug Fixes - **dependency:** upgrade validator ([#​13350](https://togithub.com/sequelize/sequelize/issues/13350)) ([56bb1d6](https://togithub.com/sequelize/sequelize/commit/56bb1d6ef9827f604d7bcef945abb7e213f2322d)) ### [`v6.6.4`](https://togithub.com/sequelize/sequelize/releases/tag/v6.6.4) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.6.2...v6.6.4) ##### Bug Fixes - **typings**: make `Transactionable` compatible with `TransactionOptions` ([#​13334](https://togithub.com/sequelize/sequelize/issues/13334)) ([cd2de40](https://togithub.com/sequelize/sequelize/commit/cd2de40)) - **utils**: clone attributes before mutating them ([#​13226](https://togithub.com/sequelize/sequelize/issues/13226)) ([1a16b91](https://togithub.com/sequelize/sequelize/commit/1a16b91)) - **data-types**: use proper field name for `ARRAY(ENUM)` ([#​13210](https://togithub.com/sequelize/sequelize/issues/13210)) ([1cfbd33](https://togithub.com/sequelize/sequelize/commit/1cfbd33)) - **typings**: fix `ignoreDuplicates` option ([#​13220](https://togithub.com/sequelize/sequelize/issues/13220)) ([b33d78e](https://togithub.com/sequelize/sequelize/commit/b33d78e)) - **typings**: allow `schema` for queryInterface methods ([#​13223](https://togithub.com/sequelize/sequelize/issues/13223)) ([6b0b532](https://togithub.com/sequelize/sequelize/commit/6b0b532)) - **typings**: restrict update typings ([#​13216](https://togithub.com/sequelize/sequelize/issues/13216)) ([63ceb73](https://togithub.com/sequelize/sequelize/commit/63ceb73)) - **typings**: `returning` can specify column names ([#​13215](https://togithub.com/sequelize/sequelize/issues/13215)) ([143cc84](https://togithub.com/sequelize/sequelize/commit/143cc84)) - **typings**: model init returns model class, not instance ([#​13214](https://togithub.com/sequelize/sequelize/issues/13214)) ([8f2a0d5](https://togithub.com/sequelize/sequelize/commit/8f2a0d5)) - **plurals**: bump inflection dependency ([#​13260](https://togithub.com/sequelize/sequelize/issues/13260)) ([deeb5c6](https://togithub.com/sequelize/sequelize/commit/deeb5c6)) - **bulk-create**: `ON CONFLICT` with unique index ([#​13345](https://togithub.com/sequelize/sequelize/issues/13345)) ([6dcb565](https://togithub.com/sequelize/sequelize/commit/6dcb565)) ### [`v6.6.2`](https://togithub.com/sequelize/sequelize/releases/tag/v6.6.2) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.6.1...v6.6.2) ##### Bug Fixes - **types:** fix `Model.prototype.previous()` ([#​13042](https://togithub.com/sequelize/sequelize/issues/13042)) ([5b16b32](https://togithub.com/sequelize/sequelize/commit/5b16b32259f0599a6af2d1eb625622da9054265e)) ### [`v6.6.1`](https://togithub.com/sequelize/sequelize/releases/tag/v6.6.1) [Compare Source](https://togithub.com/sequelize/sequelize/compare/v6.6.0...v6.6.1) ##### Bug Fixes - **query-generator:** use `AND` in sql for `not`/`between` ([#​13043](https://togithub.com/sequelize/sequelize/issues/13043)) ([a663c54](https://togithub.com/sequelize/sequelize/commit/a663c54989de6dc873fdc1825d77e3e9731451ad)) - **sqlite:** retrieve primary key on upsert ([#​12991](https://togithub.com/sequelize/sequelize/issues/12991)) ([023e1d9](https://togithub.com/sequelize/sequelize/commit/023e1d9aefe10d3c708f1580a979fb2b754bd0d3)) -

---

Configuration

📅 Schedule: Branch creation - "before 3am on the first day of the month" in timezone Europe/Stockholm, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• [ ] If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.