Update async package to resolve security vulnerabilities

dresende · Apr 14, 2022 · 72d0ce0 · 72d0ce0
1 parent de42d1f
commit 72d0ce0
Show file tree

Hide file tree

Showing 3 changed files with 62 additions and 49 deletions.
diff --git a/Changelog.md b/Changelog.md
@@ -1,5 +1,9 @@
+### v7.0.0
+- Update `async` package from v2 to v3 to resolve security vulnerabilities ([858](../../pull/858))
+- Drop support for node < 6 (due to `async` package update)
+
 ### v6.2.0
-- [Feature] Add `.driver.generateQuery` function - same as `.driver.execQuery` but returns the SQL instead of executing it
+- [Feature] Add `.driver.generateQuery` function - same as `.driver.execQuery` but returns the SQL instead of executing it ([857](../../pull/857))
 
 ### v6.1.0
 - [Feature] Accept options when calling `Model.create` ([856](../../pull/856))

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -12,7 +12,7 @@
     "sqlite",
     "mongodb"
   ],
-  "version": "6.2.0",
+  "version": "7.0.0",
   "license": "MIT",
   "homepage": "http://dresende.github.io/node-orm2",
   "repository": "http://github.com/dresende/node-orm2.git",
@@ -57,11 +57,11 @@
     "test": "nyc make test"
   },
   "engines": {
-    "node": ">= 4.0.0"
+    "node": ">= 6.0.0"
   },
   "analyse": false,
   "dependencies": {
-    "async": "~2.6.3",
+    "async": "~3.2.3",
     "bluebird": "3.5.1",
     "enforce": "0.1.7",
     "hat": "0.0.3",
@@ -73,7 +73,7 @@
   "devDependencies": {
     "chalk": "~4.1.2",
     "glob": "~7.2.0",
-    "mocha": "~9.1.3",
+    "mocha": "~9.2.2",
     "mongodb": "~1.4.10",
     "mysql": "~2.18.1",
     "nyc": "~15.1.0",