[Snyk] Upgrade sails from 1.3.1 to 1.5.11

[chrispeterson]

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade sails from 1.3.1 to 1.5.11.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 17 versions ahead of your current version.

• The recommended version was released on 2 months ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Remote Code Execution (RCE) SNYK-JS-EJS-2803307	519	Proof of Concept
	Prototype Pollution SNYK-JS-INI-1048974	519	Proof of Concept
	Uncaught Exception SNYK-JS-SAILS-5808437	519	No Known Exploit
	Open Redirect SNYK-JS-EXPRESS-6474509	519	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ASYNC-7414156	519	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ASYNC-7414156	519	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ASYNC-7414156	519	No Known Exploit
	Arbitrary Code Injection SNYK-JS-EJS-1049328	519	Proof of Concept
	Improper Control of Dynamically-Managed Code Resources SNYK-JS-EJS-6689533	519	No Known Exploit
	Prototype Pollution SNYK-JS-SAILS-2428337	519	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	519	Proof of Concept

Release notes

Package name: sails

• 1.5.11 - 2024-05-17
  

  What's Changed

  • Deps: bump ejs 3.1.7 » 3.1.10 by @ eashaw in #7340
  • Deps: Replace request devDependency with @ sailshq/request by @ eashaw in #7339
• 1.5.10 - 2024-04-09
  

  1.5.10

• 1.5.9 - 2024-01-04
  

  What's Changed

  • Fix #7297 & #7292 by @ eashaw in #7301
  • RPS hook: Future-proof by @ mikermcneil in #7311
• 1.5.8 - 2023-09-01
  

  1.5.8

• 1.5.7 - 2023-07-21
  

  What's Changed

  • [fix] update logic to display local URL by @ DominusKelvin in #7285
  • Upgrade semver dependency (v4.3.6 » v7.5.2) by @ eashaw in #7288
  • Improve virtual request parsing by @ mikermcneil in #7287

  Big thanks to @ ThomasRinsma at Codean!

  Full Changelog: v1.5.5...v1.5.7

• 1.5.6 - 2023-07-07
  

  1.5.6

• 1.5.5 - 2023-06-23
  

  What's Changed

  • ci: test builds on supported node versions by @ alxndrsn in #7069
  • [misc] Bring documentation into this repo by @ rachaelshaw in #7070
  • [misc] Change name of documentation folder + update links by @ rachaelshaw in #7075
  • [patch] fix typo in Events.md by @ DominusKelvin in #7086
  • [misc][docs] Adding more info about the unique attribute setting by @ eashaw in #7078
  • Update sails.config.connections.md by @ anilbhanushali in #7097
  • [proposal] sails-linker.js.md by @ jdsapariya18 in #7101
  • [patch] fix node 14 warnings by upgrading prompt dependency by @ DominusKelvin in #7084
  • [patch] change typo --no-front-end to --no-frontend in CLI flag help output by @ DominusKelvin in #7109
  • [misc] Wrong wording in update.md by @ anurbol in #7134
  • [misc] Wrong wording in destroy.md by @ anurbol in #7135
  • [misc] Update mongo tutorial to show usage with latest sails-mongo adapter by @ rachaelshaw in #7074
  • [patch] Updated "datastore configuration" link by @ AlanConstantino in #7079
  • [patch] upgrade sails-hook-orm dependency by @ eashaw in #7147
  • [patch] fix data type in docs (should be optional) by @ mikermcneil in #7151
  • [patch] Fix node deprecation warnings by @ eashaw in #7148
  • [fixes #7107] Change trustProxy isNaN check to _.isNaN by @ eashaw in #7146
  • [patch] Small text correction by @ zsteinkamp in #7158
  • Fix typo in sails-run.js by @ eltociear in #7174
  • [proposal] Add documentation regarding a breaking change in SSL connection syntax by @ jarodccrowe in #7175
  • [patch] correct misspelt waterline by @ DominusKelvin in #7176
  • [fixes #7168] Add support for latest version of connect-mongo by @ ElizabethForest in #7172
  • [misc] Add note about undefined attributes to upgrading docs by @ eashaw in #7181
  • [fixes #7201] Bump up prompt to 1.2.1 by @ dhwaneetbhatt in #7202
  • [misc] Upgrade sort-route-addresses dependency by @ eashaw in #7203
  • Update Permissions.md by @ pbkompasz in #7219
  • Update Travis CI configuration by @ eashaw in #7226
  • Update minimist dependency to v1.2.6 by @ eashaw in #7242
  • update async dependency to 2.6.4 by @ eashaw in #7244
  • Docs: Update session config docs by @ eashaw in #7245
  • Upgrade ejs dependency to 3.1.7 by @ eashaw in #7243
  • Update helpers.md docs to explain subfolders by @ itsalaidbacklife in #7263
  • bump expressjs to version 4.17.3 by @ f3lang in #7268
  • Removed "Newsgroup" link by @ Sampfluger88 in #7277
  • [feat] Implement custom inspect on sails.helpers by @ DominusKelvin in #7282

  New Contributors

  • @ alxndrsn made their first contribution in #7069
  • @ DominusKelvin made their first contribution in #7086
  • @ anilbhanushali made their first contribution in #7097
  • @ jdsapariya18 made their first contribution in #7101
  • @ anurbol made their first contribution in #7134
  • @ AlanConstantino made their first contribution in #7079
  • @ zsteinkamp made their first contribution in #7158
  • @ eltociear made their first contribution in #7174
  • @ jarodccrowe made their first contribution in #7175
  • @ ElizabethForest made their first contribution in #7172
  • @ dhwaneetbhatt made their first contribution in #7202
  • @ pbkompasz made their first contribution in #7219
  • @ itsalaidbacklife made their first contribution in #7263
  • @ f3lang made their first contribution in #7268
  • @ Sampfluger88 made their first contribution in #7277

  Full Changelog: v1.4.0...v1.5.5

• 1.5.4 - 2023-02-17
  

  1.5.4

• 1.5.3 - 2022-08-11
  

  1.5.3

• 1.5.2 - 2022-01-14
  

  1.5.2

• 1.5.1 - 2022-01-10
• 1.5.0 - 2021-09-16
• 1.4.4 - 2021-07-27
• 1.4.3 - 2021-05-17
• 1.4.2 - 2021-03-10
• 1.4.1 - 2021-03-10
• 1.4.0 - 2020-10-09
• 1.3.1 - 2020-09-08

from sails GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs