[Snyk] Upgrade sqlite3 from 5.0.0 to 5.1.7

[GLOBAL-FINTECH]

Snyk has created this PR to upgrade sqlite3 from 5.0.0 to 5.1.7.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 20 versions ahead of your current version.

• The recommended version was released a year ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	646	No Known Exploit
	Code Injection SNYK-JS-LODASH-1040724	646	Proof of Concept
	Directory Traversal SNYK-JS-MOMENT-2440688	646	No Known Exploit
	SQL Injection SNYK-JS-SEQUELIZE-2959225	646	No Known Exploit
	Improper Filtering of Special Elements SNYK-JS-SEQUELIZE-3324088	646	No Known Exploit
	Denial of Service (DoS) SNYK-JS-SQLITE3-2388645	646	Proof of Concept
	Arbitrary Code Execution SNYK-JS-SQLITE3-3358947	646	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536528	646	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536531	646	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579147	646	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579152	646	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579155	646	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	646	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	646	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	646	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	646	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	646	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	646	Proof of Concept
	Arbitrary File Overwrite SNYK-JS-TAR-1536528	646	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536531	646	No Known Exploit
	Prototype Pollution SNYK-JS-DOTTIE-3332763	646	Proof of Concept
	Arbitrary File Write SNYK-JS-TAR-1579147	646	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579152	646	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579155	646	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MOMENT-2944238	646	Proof of Concept
	Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-JS-TAR-6476909	646	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090599	646	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090601	646	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090602	646	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	646	Proof of Concept
	Information Exposure SNYK-JS-SEQUELIZE-3324089	646	No Known Exploit
	Access of Resource Using Incompatible Type ('Type Confusion') SNYK-JS-SEQUELIZE-3324090	646	No Known Exploit
	Server-side Request Forgery (SSRF) SNYK-JS-REQUEST-3361831	646	Proof of Concept
	Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-JS-TAR-6476909	646	Proof of Concept
	Remote Memory Exposure SNYK-JS-NODEADDONAPI-571001	646	No Known Exploit
	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	646	Proof of Concept
	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	646	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	646	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	646	No Known Exploit
	SQL Injection SNYK-JS-SEQUELIZE-2932027	646	Proof of Concept

Release notes

Package name: sqlite3

• 5.1.7 - 2024-01-05
  

  What's Changed

  • Updated bundled SQLite to v3.44.2 by @ daniellockyer
  • Replaced @ mapbox/node-pre-gyp with prebuild + prebuild-install (605c7f9) by @ daniellockyer
    • this should fix a lot of bundling issues reported by the community
  • Improved RowToJS performance by removing Napi::String::New instantiation by @ daniellockyer
  • Various minor code refactors and improvements (thanks @ zenon8adams!)

  New Contributors

  • @ zenon8adams made their first contribution in #1701

  Full Changelog: v5.1.6...v5.1.7

• 5.1.7-rc.0 - 2023-12-29
  

  Please install v5.1.7 instead.

  Full Changelog: v5.1.6...v5.1.7-rc.0

• 5.1.6 - 2023-03-14
  

  What's Changed

  • Fixed glibc compatibility by hardcoding lower version for log2 by @ daniellockyer
  • Add generic type annotations for Statement and Database get/all/each methods callback rows by @ stevescruz in #1686

  New Contributors

  • @ stevescruz made their first contribution in #1686

  Full Changelog: v5.1.5...v5.1.6

• 5.1.5 - 2023-03-13
  

  What's Changed

  • 🔒 Fixed code execution vulnerability due to Object coercion by @ daniellockyer
  • Updated bundled SQLite to v3.41.1 by @ daniellockyer
  • Fixed rpath linker option when using a custom sqlite by @ jeromew in #1654

  Full Changelog: v5.1.4...v5.1.5

• 5.1.4 - 2022-12-12
  

  What's Changed

  • Fixed glibc compatibility by downgrading CI to Ubuntu 20 by @ daniellockyer in #1664

  Full Changelog: v5.1.3...v5.1.4

• 5.1.3 - 2022-12-12
  

  What's Changed

  • Updated bundled SQLite to v3.40.0 by @ daniellockyer

  Full Changelog: v5.1.2...v5.1.3

• 5.1.2 - 2022-10-03
  

  What's Changed

  • Updated bundled SQLite to v3.39.4 by @ daniellockyer

  Full Changelog: v5.1.1...v5.1.2

• 5.1.1 - 2022-09-15
  

  What's Changed

  • Added Darwin ARM64 binaries by @ daniellockyer in #1594

  A huge thanks to MacStadium for providing an M1 Mac Mini so we can offer ARM64 binaries.

  Full Changelog: v5.1.0...v5.1.1

• 5.1.0 - 2022-09-14
  

  ✨ We're very excited to announce node-sqlite3's first minor release of v5, packed with features and improvements.

  If you encounter any problems, please open a detailed issue using the templates.

  What's Changed

  • Updated bundled SQLite to v3.39.3 by @ daniellockyer
  • Added ability to receive updates from sqlite3_update_hook by @ soukand in #1267
  • Added support for setting SQLite limits by @ paulfitz in #1548
  • Added library types file by @ bpasero in #1527
  • Added package-lock.json to .gitignore by @ JoelEinbinder in #1628
  • Fixed remaining method declarations by @ alexanderfloh in #1633
  • Fixed importing sqlite3#verbose using destructuring syntax by @ mahdi-farnia in #1632

  New Contributors

  • @ JoelEinbinder made their first contribution in #1628
  • @ mahdi-farnia made their first contribution in #1632
  • @ soukand made their first contribution in #1267

  Full Changelog: v5.0.11...v5.1.0

• 5.0.11 - 2022-07-31
  

  What's Changed

  • Restored compatibility for Alpine 3.15 by @ daniellockyer in #1626

  Full Changelog: v5.0.10...v5.0.11

• 5.0.10 - 2022-07-22
• 5.0.9 - 2022-07-14
• 5.0.8 - 2022-05-06
• 5.0.7 - 2022-05-05
• 5.0.6 - 2022-04-27
• 5.0.5 - 2022-04-22
• 5.0.4 - 2022-04-18
• 5.0.3 - 2022-04-13
• 5.0.2 - 2021-02-15
• 5.0.1 - 2021-01-08
• 5.0.0 - 2020-07-01

from sqlite3 GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[openzeppelin-code]

[Snyk] Upgrade sqlite3 from 5.0.0 to 5.1.7

Generated at commit: cea988474f41eaf15751dcf54b5749817fbafda6

🚨 Report Summary

	Severity Level	Results
Contracts	Critical High Medium Low Note Total	0 0 0 0 0 0
Dependencies	Critical High Medium Low Note Total	0 0 0 0 0 0

---

For more details view the full report in OpenZeppelin Code Inspector