[Snyk] Upgrade sqlite3 from 5.1.2 to 5.1.7 #487

ramachoon · 2025-10-01T05:55:21Z

Snyk has created this PR to upgrade sqlite3 from 5.1.2 to 5.1.7.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 6 versions ahead of your current version.
The recommended version was released 2 years ago.

Issues fixed by the recommended upgrade:

Issue	Score	Exploit Maturity
Asymmetric Resource Consumption (Amplification) SNYK-JS-BODYPARSER-7926860	624	No Known Exploit
Server-side Request Forgery (SSRF) SNYK-JS-IP-12704893	624	Proof of Concept
Server-side Request Forgery (SSRF) SNYK-JS-IP-12761655	624	Proof of Concept
Server-side Request Forgery (SSRF) SNYK-JS-IP-6240864	624	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	624	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	624	Proof of Concept
Arbitrary Code Execution SNYK-JS-SQLITE3-3358947	624	No Known Exploit
Cross-site Scripting (XSS) SNYK-JS-COOKIE-8163060	624	No Known Exploit
Open Redirect SNYK-JS-EXPRESS-6474509	624	No Known Exploit
Cross-site Scripting SNYK-JS-EXPRESS-7926867	624	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-HTTPCACHESEMANTICS-3248783	624	Proof of Concept
Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	624	Proof of Concept
Server-Side Request Forgery (SSRF) SNYK-JS-IP-7148531	624	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-7925106	624	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-8482416	624	Proof of Concept
Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-JS-TAR-6476909	624	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-BRACEEXPANSION-9789073	624	Proof of Concept
Cross-site Scripting SNYK-JS-SEND-7926862	624	No Known Exploit
Cross-site Scripting SNYK-JS-SERVESTATIC-7926865	624	No Known Exploit

Release notes

Package name: sqlite3

5.1.7 - 2024-01-05
What's Changed
- Updated bundled SQLite to v3.44.2 by @ daniellockyer
- Replaced @ mapbox/node-pre-gyp with prebuild + prebuild-install (605c7f9) by @ daniellockyer
  - this should fix a lot of bundling issues reported by the community
- Improved RowToJS performance by removing Napi::String::New instantiation by @ daniellockyer
- Various minor code refactors and improvements (thanks @ zenon8adams!)
New Contributors
- @ zenon8adams made their first contribution in #1701
Full Changelog: v5.1.6...v5.1.7
5.1.7-rc.0 - 2023-12-29
Please install v5.1.7 instead.

Full Changelog: v5.1.6...v5.1.7-rc.0
5.1.6 - 2023-03-14
What's Changed
- Fixed glibc compatibility by hardcoding lower version for log2 by @ daniellockyer
- Add generic type annotations for Statement and Database get/all/each methods callback rows by @ stevescruz in #1686
New Contributors
- @ stevescruz made their first contribution in #1686
Full Changelog: v5.1.5...v5.1.6
5.1.5 - 2023-03-13
What's Changed
- 🔒 Fixed code execution vulnerability due to Object coercion by @ daniellockyer
- Updated bundled SQLite to v3.41.1 by @ daniellockyer
- Fixed rpath linker option when using a custom sqlite by @ jeromew in #1654
Full Changelog: v5.1.4...v5.1.5
5.1.4 - 2022-12-12
What's Changed
- Fixed glibc compatibility by downgrading CI to Ubuntu 20 by @ daniellockyer in #1664
Full Changelog: v5.1.3...v5.1.4
5.1.3 - 2022-12-12
What's Changed
- Updated bundled SQLite to v3.40.0 by @ daniellockyer
Full Changelog: v5.1.2...v5.1.3
5.1.2 - 2022-10-03
What's Changed
- Updated bundled SQLite to v3.39.4 by @ daniellockyer
Full Changelog: v5.1.1...v5.1.2

from sqlite3 GitHub release notes

Important

Check the changes in this PR to ensure they won't cause issues with your project.
This PR was automatically created by Snyk using the credentials of a real user.
Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

📜 Customise PR templates

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade sqlite3 from 5.1.2 to 5.1.7. See this package in npm: sqlite3 See this project in Snyk: https://app.snyk.io/org/edward-potter818/project/ea234a21-786d-4945-ad5d-2f301bdf31eb?utm_source=github&utm_medium=referral&page=upgrade-pr

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[Snyk] Upgrade sqlite3 from 5.1.2 to 5.1.7 #487

[Snyk] Upgrade sqlite3 from 5.1.2 to 5.1.7 #487

Uh oh!

ramachoon commented Oct 1, 2025

What's Changed

New Contributors

What's Changed

New Contributors

What's Changed

What's Changed

What's Changed

What's Changed

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

[Snyk] Upgrade sqlite3 from 5.1.2 to 5.1.7 #487

Are you sure you want to change the base?

[Snyk] Upgrade sqlite3 from 5.1.2 to 5.1.7 #487

Uh oh!

Conversation

ramachoon commented Oct 1, 2025

Snyk has created this PR to upgrade sqlite3 from 5.1.2 to 5.1.7.

Issues fixed by the recommended upgrade:

What's Changed

New Contributors

What's Changed

New Contributors

What's Changed

What's Changed

What's Changed

What's Changed

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants