chore(deps): bump sqlite3 from 5.1.4 to 5.1.5

[dependabot]

Bumps sqlite3 from 5.1.4 to 5.1.5.

Release notes

Sourced from sqlite3's releases.

v5.1.5

What's Changed

• 🔒 Fixed code execution vulnerability due to Object coercion by @​daniellockyer
• Updated bundled SQLite to v3.41.1 by @​daniellockyer
• Fixed rpath linker option when using a custom sqlite by @​jeromew in TryGhost/node-sqlite3#1654

Full Changelog: TryGhost/node-sqlite3@v5.1.4...v5.1.5

Commits

• 6a806f8 v5.1.5
• edb1934 Fixed code execution vulnerability due to Object coercion
• 3a48888 Updated bundled SQLite to v3.41.1
• c1440bd Fixed rpath linker option when using a custom sqlite (#1654)
• 93affa4 Update microsoft/setup-msbuild action to v1.3
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once it's up-to-date and CI passes on it, as requested by @beauraines.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[beauraines]

@dependabot merge

…

-- Beau Raines ***@***.*** 425.654.4663 (voice and sms) beau.raines (skype) LinkedIn www.linkedin.com/in/beauraines/

On Mon, Mar 13, 2023, 10:06 AM dependabot[bot] ***@***.***> wrote: Bumps sqlite3 <https://github.com/TryGhost/node-sqlite3> from 5.1.4 to 5.1.5. Release notes *Sourced from sqlite3's releases <https://github.com/TryGhost/node-sqlite3/releases>.* v5.1.5 What's Changed - 🔒 Fixed code execution vulnerability due to Object coercion by @​daniellockyer <https://github.com/daniellockyer> - Updated bundled SQLite to v3.41.1 by @​daniellockyer <https://github.com/daniellockyer> - Fixed rpath linker option when using a custom sqlite by @​jeromew <https://github.com/jeromew> in TryGhost/node-sqlite3#1654 <https://redirect.github.com/TryGhost/node-sqlite3/pull/1654> *Full Changelog*: ***@***.*** <TryGhost/node-sqlite3@v5.1.4...v5.1.5> Commits - 6a806f8 <TryGhost/node-sqlite3@6a806f8> v5.1.5 - edb1934 <TryGhost/node-sqlite3@edb1934> Fixed code execution vulnerability due to Object coercion - 3a48888 <TryGhost/node-sqlite3@3a48888> Updated bundled SQLite to v3.41.1 - c1440bd <TryGhost/node-sqlite3@c1440bd> Fixed rpath linker option when using a custom sqlite (#1654 <https://redirect.github.com/TryGhost/node-sqlite3/issues/1654>) - 93affa4 <TryGhost/node-sqlite3@93affa4> Update microsoft/setup-msbuild action to v1.3 - See full diff in compare view <TryGhost/node-sqlite3@v5.1.4...v5.1.5> [image: Dependabot compatibility score] <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase. ------------------------------ Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - @dependabot rebase will rebase this PR - @dependabot recreate will recreate this PR, overwriting any edits that have been made to it - @dependabot merge will merge this PR after your CI passes on it - @dependabot squash and merge will squash and merge this PR after your CI passes on it - @dependabot cancel merge will cancel a previously requested merge and block automerging - @dependabot reopen will reopen this PR if it is closed - @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) ------------------------------ You can view, comment on, or merge this pull request online at: #19 Commit Summary - 360d4e3 <360d4e3> chore(deps): bump sqlite3 from 5.1.4 to 5.1.5 File Changes (1 file <https://github.com/beauraines/node-helpers/pull/19/files>) - *M* package-lock.json <https://github.com/beauraines/node-helpers/pull/19/files#diff-053150b640a7ce75eff69d1a22cae7f0f94ad64ce9a855db544dda0929316519> (6) Patch Links: - https://github.com/beauraines/node-helpers/pull/19.patch - https://github.com/beauraines/node-helpers/pull/19.diff — Reply to this email directly, view it on GitHub <#19>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAQV3MMTR2YH5G3LQFYXNITW35HZLANCNFSM6AAAAAAVZLKIRA> . You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>

[dependabot]

Superseded by #20.