[Snyk] Upgrade sqlite3 from 4.1.1 to 5.1.7

[WontonSam]

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade sqlite3 from 4.1.1 to 5.1.7.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

• The recommended version is 22 versions ahead of your current version.

• The recommended version was released on 6 months ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Prototype Poisoning SNYK-JS-QS-3153490	161	Proof of Concept
	Prototype Pollution SNYK-JS-AJV-584908	161	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	161	Proof of Concept
	Prototype Pollution SNYK-JS-INI-1048974	161	Proof of Concept
	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	161	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	161	Proof of Concept
	Denial of Service (DoS) SNYK-JS-SQLITE3-2388645	161	Proof of Concept
	Arbitrary File Overwrite SNYK-JS-TAR-1536528	161	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536531	161	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579147	161	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579152	161	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579155	161	No Known Exploit
	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	161	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	161	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-559764	161	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-559764	161	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-REQUEST-3361831	161	Proof of Concept
	Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-JS-TAR-6476909	161	Proof of Concept
	Prototype Pollution SNYK-JS-TOUGHCOOKIE-5672873	161	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	161	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	161	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	161	No Known Exploit
	Regular Expression Denial of Service (ReDoS) npm:debug:20170905	161	Proof of Concept

Release notes

Package name: sqlite3

• 5.1.7 - 2024-01-05
  

  What's Changed

  • Updated bundled SQLite to v3.44.2 by @ daniellockyer
  • Replaced @ mapbox/node-pre-gyp with prebuild + prebuild-install (605c7f9) by @ daniellockyer
    • this should fix a lot of bundling issues reported by the community
  • Improved RowToJS performance by removing Napi::String::New instantiation by @ daniellockyer
  • Various minor code refactors and improvements (thanks @ zenon8adams!)

  New Contributors

  • @ zenon8adams made their first contribution in #1701

  Full Changelog: v5.1.6...v5.1.7

• 5.1.7-rc.0 - 2023-12-29
  

  Please install v5.1.7 instead.

  Full Changelog: v5.1.6...v5.1.7-rc.0

• 5.1.6 - 2023-03-14
  

  What's Changed

  • Fixed glibc compatibility by hardcoding lower version for log2 by @ daniellockyer
  • Add generic type annotations for Statement and Database get/all/each methods callback rows by @ stevescruz in #1686

  New Contributors

  • @ stevescruz made their first contribution in #1686

  Full Changelog: v5.1.5...v5.1.6

• 5.1.5 - 2023-03-13
  

  What's Changed

  • 🔒 Fixed code execution vulnerability due to Object coercion by @ daniellockyer
  • Updated bundled SQLite to v3.41.1 by @ daniellockyer
  • Fixed rpath linker option when using a custom sqlite by @ jeromew in #1654

  Full Changelog: v5.1.4...v5.1.5

• 5.1.4 - 2022-12-12
  

  What's Changed

  • Fixed glibc compatibility by downgrading CI to Ubuntu 20 by @ daniellockyer in #1664

  Full Changelog: v5.1.3...v5.1.4

• 5.1.3 - 2022-12-12
  

  What's Changed

  • Updated bundled SQLite to v3.40.0 by @ daniellockyer

  Full Changelog: v5.1.2...v5.1.3

• 5.1.2 - 2022-10-03
  

  What's Changed

  • Updated bundled SQLite to v3.39.4 by @ daniellockyer

  Full Changelog: v5.1.1...v5.1.2

• 5.1.1 - 2022-09-15
  

  What's Changed

  • Added Darwin ARM64 binaries by @ daniellockyer in #1594

  A huge thanks to MacStadium for providing an M1 Mac Mini so we can offer ARM64 binaries.

  Full Changelog: v5.1.0...v5.1.1

• 5.1.0 - 2022-09-14
  

  ✨ We're very excited to announce node-sqlite3's first minor release of v5, packed with features and improvements.

  If you encounter any problems, please open a detailed issue using the templates.

  What's Changed

  • Updated bundled SQLite to v3.39.3 by @ daniellockyer
  • Added ability to receive updates from sqlite3_update_hook by @ soukand in #1267
  • Added support for setting SQLite limits by @ paulfitz in #1548
  • Added library types file by @ bpasero in #1527
  • Added package-lock.json to .gitignore by @ JoelEinbinder in #1628
  • Fixed remaining method declarations by @ alexanderfloh in #1633
  • Fixed importing sqlite3#verbose using destructuring syntax by @ mahdi-farnia in #1632

  New Contributors

  • @ JoelEinbinder made their first contribution in #1628
  • @ mahdi-farnia made their first contribution in #1632
  • @ soukand made their first contribution in #1267

  Full Changelog: v5.0.11...v5.1.0

• 5.0.11 - 2022-07-31
  

  What's Changed

  • Restored compatibility for Alpine 3.15 by @ daniellockyer in #1626

  Full Changelog: v5.0.10...v5.0.11

• 5.0.10 - 2022-07-22
• 5.0.9 - 2022-07-14
• 5.0.8 - 2022-05-06
• 5.0.7 - 2022-05-05
• 5.0.6 - 2022-04-27
• 5.0.5 - 2022-04-22
• 5.0.4 - 2022-04-18
• 5.0.3 - 2022-04-13
• 5.0.2 - 2021-02-15
• 5.0.1 - 2021-01-08
• 5.0.0 - 2020-07-01
• 4.2.0 - 2020-04-27
• 4.1.1 - 2019-12-05

from sqlite3 GitHub release notes

---

Important

• Warning: This PR contains a major version upgrade, and may be a breaking change.
• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[google-cla]

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.