[Snyk] Upgrade sequelize from 6.29.3 to 6.37.5

[morningstar-47]

Snyk has created this PR to upgrade sequelize from 6.29.3 to 6.37.5.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 17 versions ahead of your current version.

• The recommended version was released 3 months ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Improper Neutralization of Special Elements in Data Query Logic SNYK-JS-MONGOOSE-8446504	424	No Known Exploit
	Improper Neutralization of Special Elements in Data Query Logic SNYK-JS-MONGOOSE-8623536	424	No Known Exploit
	Asymmetric Resource Consumption (Amplification) SNYK-JS-BODYPARSER-7926860	424	No Known Exploit
	Asymmetric Resource Consumption (Amplification) SNYK-JS-BODYPARSER-7926860	424	No Known Exploit
	Prototype Pollution SNYK-JS-DOTTIE-3332763	424	Proof of Concept
	Server-side Request Forgery (SSRF) SNYK-JS-IP-6240864	424	Proof of Concept
	Prototype Pollution SNYK-JS-MYSQL2-6861580	424	Proof of Concept
	Information Exposure SNYK-JS-MONGODB-5871303	424	No Known Exploit
	Prototype Poisoning SNYK-JS-MYSQL2-6591084	424	Proof of Concept
	Open Redirect SNYK-JS-EXPRESS-6474509	424	No Known Exploit
	Cross-site Scripting SNYK-JS-EXPRESS-7926867	424	No Known Exploit
	Use of Web Browser Cache Containing Sensitive Information SNYK-JS-MYSQL2-6591300	424	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-7925106	424	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-8482416	424	Proof of Concept
	Server-Side Request Forgery (SSRF) SNYK-JS-IP-7148531	424	Proof of Concept
	Cross-site Scripting SNYK-JS-SEND-7926862	424	No Known Exploit
	Cross-site Scripting SNYK-JS-SERVESTATIC-7926865	424	No Known Exploit
	Remote Code Execution (RCE) SNYK-JS-MYSQL2-6591085	424	Proof of Concept
	Arbitrary Code Injection SNYK-JS-MYSQL2-6670046	424	Proof of Concept

Release notes

Package name: sequelize

• 6.37.5 - 2024-10-25
  

  6.37.5 (2024-10-25)

  Bug Fixes

  • cast numbers in DataTypes.STRING to strings (#17564) (fce5ad3)
• 6.37.4 - 2024-10-04
  

  6.37.4 (2024-10-04)

  Bug Fixes

  • oracle: add support for Oracle Database 23ai (#17345) (b9e71a7)
  • oracle: validate input with TO_TIMESTAMP_TZ and TO_DATE (#17516) (5deadd2)
• 6.37.3 - 2024-04-13
  

  6.37.3 (2024-04-13)

  Bug Fixes

  • postgres: use schema for foreign key constrains of a table (#17099) (6aba382)
• 6.37.2 - 2024-03-29
  

  6.37.2 (2024-03-29)

  Bug Fixes

  • add readOnly to the transaction options types and docs (#17226) (7c8972f)
• 6.37.1 - 2024-02-18
• 6.37.0 - 2024-02-11
• 6.36.0 - 2024-02-02
• 6.35.2 - 2023-12-11
• 6.35.1 - 2023-11-19
• 6.35.0 - 2023-11-12
• 6.34.0 - 2023-11-03
• 6.33.0 - 2023-09-08
• 6.32.1 - 2023-06-17
• 6.32.0 - 2023-06-01
• 6.31.1 - 2023-05-01
• 6.31.0 - 2023-04-09
• 6.30.0 - 2023-03-24
• 6.29.3 - 2023-03-10

from sequelize GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs