Update dependency sqlite3 to v6

[mend-for-github-com]

This PR contains the following updates:

Package	Type	Update	Change
sqlite3	dependencies	major	^5.0.2 → ^6.0.0

By merging this PR, the issue #2 will be automatically resolved and closed:

Severity	CVSS Score	Vulnerability
Critical	9.8	CVE-2021-44906
High	8.8	CVE-2026-23950
High	8.8	CVE-2026-23950
High	8.2	CVE-2021-32803
High	8.2	CVE-2021-32804
High	8.2	CVE-2021-32804
High	8.2	CVE-2021-37701
High	8.2	CVE-2021-37713
High	8.2	CVE-2021-37713
High	8.2	CVE-2026-24842
High	8.2	CVE-2026-24842
High	7.5	CVE-2026-27904
High	7.1	CVE-2026-26960
High	7.1	CVE-2026-26960
Medium	5.3	CVE-2022-25883
Low	3.1	CVE-2025-5889

---

Release Notes

TryGhost/node-sqlite3 (sqlite3)

v6.0.1

Compare Source

• Fixed prebuilt binaries for alpine/musl

Full Changelog: TryGhost/node-sqlite3@v6.0.0...v6.0.1

v5.1.7

Compare Source

What's Changed

• Updated bundled SQLite to v3.44.2 by @​daniellockyer
• Replaced @mapbox/node-pre-gyp with prebuild + prebuild-install (605c7f9) by @​daniellockyer
  • this should fix a lot of bundling issues reported by the community
• Improved RowToJS performance by removing Napi::String::New instantiation by @​daniellockyer
• Various minor code refactors and improvements (thanks @​zenon8adams!)

New Contributors

• @​zenon8adams made their first contribution in #​1701

Full Changelog: TryGhost/node-sqlite3@v5.1.6...v5.1.7

v5.1.6

Compare Source

What's Changed

• Fixed glibc compatibility by hardcoding lower version for log2 by @​daniellockyer
• Add generic type annotations for Statement and Database get/all/each methods callback rows by @​stevescruz in #​1686

New Contributors

• @​stevescruz made their first contribution in #​1686

Full Changelog: TryGhost/node-sqlite3@v5.1.5...v5.1.6

v5.1.5

Compare Source

What's Changed

• 🔒 Fixed code execution vulnerability due to Object coercion by @​daniellockyer
• Updated bundled SQLite to v3.41.1 by @​daniellockyer
• Fixed rpath linker option when using a custom sqlite by @​jeromew in #​1654

Full Changelog: TryGhost/node-sqlite3@v5.1.4...v5.1.5

v5.1.4

Compare Source

What's Changed

• Fixed glibc compatibility by downgrading CI to Ubuntu 20 by @​daniellockyer in #​1664

Full Changelog: TryGhost/node-sqlite3@v5.1.3...v5.1.4

v5.1.3

Compare Source

What's Changed

• Updated bundled SQLite to v3.40.0 by @​daniellockyer

Full Changelog: TryGhost/node-sqlite3@v5.1.2...v5.1.3

v5.1.2

Compare Source

What's Changed

• Updated bundled SQLite to v3.39.4 by @​daniellockyer

Full Changelog: TryGhost/node-sqlite3@v5.1.1...v5.1.2

v5.1.1

Compare Source

What's Changed

• Added Darwin ARM64 binaries by @​daniellockyer in #​1594

A huge thanks to MacStadium for providing an M1 Mac Mini so we can offer ARM64 binaries.

Full Changelog: TryGhost/node-sqlite3@v5.1.0...v5.1.1

v5.1.0

Compare Source

✨ We're very excited to announce node-sqlite3's first minor release of v5, packed with features and improvements.

If you encounter any problems, please open a detailed issue using the templates.

What's Changed

• Updated bundled SQLite to v3.39.3 by @​daniellockyer
• Added ability to receive updates from sqlite3_update_hook by @​soukand in #​1267
• Added support for setting SQLite limits by @​paulfitz in #​1548
• Added library types file by @​bpasero in #​1527
• Added package-lock.json to .gitignore by @​JoelEinbinder in #​1628
• Fixed remaining method declarations by @​alexanderfloh in #​1633
• Fixed importing sqlite3#verbose using destructuring syntax by @​mahdi-farnia in #​1632

New Contributors

• @​JoelEinbinder made their first contribution in #​1628
• @​mahdi-farnia made their first contribution in #​1632
• @​soukand made their first contribution in #​1267

Full Changelog: TryGhost/node-sqlite3@v5.0.11...v5.1.0

v5.0.11

Compare Source

What's Changed

• Restored compatibility for Alpine 3.15 by @​daniellockyer in #​1626

Full Changelog: TryGhost/node-sqlite3@v5.0.10...v5.0.11

v5.0.10

Compare Source

What's Changed

• Updated bundled SQLite to v3.39.2 by @​daniellockyer
• Addressed CodeQL warnings by @​bpasero in #​1614

New Contributors

• @​bpasero made their first contribution in #​1614

Full Changelog: TryGhost/node-sqlite3@v5.0.9...v5.0.10

v5.0.9

Compare Source

What's Changed

• Updated bundled SQLite to v3.39.1 by @​daniellockyer
• Fixed method declarations to conform with napi default for methods by @​alexanderfloh in #​1510
• Fixed propagation of async hook ids through callbacks by @​alexanderfloh in #​1511
• Updated sqlcipher homebrew CPPFLAGS location by @​frovere in #​1613

New Contributors

• @​alexanderfloh made their first contribution in #​1510
• @​frovere made their first contribution in #​1613

Full Changelog: TryGhost/node-sqlite3@v5.0.8...v5.0.9

v5.0.8

Compare Source

What's Changed

• Reverted 5063367, which was causing a segfault with certain queries (#​1605 and #​1606)

Full Changelog: TryGhost/node-sqlite3@v5.0.7...v5.0.8

v5.0.7

Compare Source

What's Changed

• Updated bundled SQLite to v3.38.4 by @​daniellockyer in #​1604
• Improved performance by fetching column names once by @​daniellockyer

Full Changelog: TryGhost/node-sqlite3@v5.0.6...v5.0.7

v5.0.6

Compare Source

What's Changed

• Updated bundled SQLite to v3.38.3 by @​daniellockyer in #​1593. This fixes an upstream bug in SQLite that was reported here: #​1589
• Added Node 18 to CI by @​daniellockyer in #​1587

Full Changelog: TryGhost/node-sqlite3@v5.0.5...v5.0.6

v5.0.5

Compare Source

What's Changed

• Fixed building on certain systems (#​1584) by @​daniellockyer
• General repository maintenance by @​daniellockyer

Thank you to everyone reporting issues with building sqlite3 or the prebuilt binaries 🙂 If you encounter an problem, please search open and closed issues for existing reports or open a new issue with as much system information as possible.

Full Changelog: TryGhost/node-sqlite3@v5.0.4...v5.0.5

v5.0.4

Compare Source

What's Changed

• Added prebuilt Linux musl binaries - @​daniellockyer
• Added prebuilt Linux ARM64 binaries - @​daniellockyer
• Fixed older glibc compatibility - @​daniellockyer

Full Changelog: TryGhost/node-sqlite3@v5.0.3...v5.0.4

v5.0.3

Compare Source

What's Changed

• Updated bundled SQLite to v3.38.2 - @​daniellockyer
• Enabled math functions in compiler options - @​kewde
• Updated node-gyp to v8.x - @​daniellockyer
• Re-enabled Node-API v6 builds - @​daniellockyer
• Fixed segfault of invalid toString() object by @​kewde in #​1450
• Fixed building on MacOS Monterey 12.3 - @​daniellockyer
• Replaced Python extraction script with JS by @​xPaw in #​1570
• Switched prebuilt binary hosting to GitHub Releases - @​daniellockyer

Known Problems

• #​1578 - the minimum glibc version for prebuilt binaries was bumped to 2.29. We hope to bring this back down within the next few releases but you will need to compile from source if your system ships with a lower version.
• Prebuilt binaries for Linux do not work on musl systems. This should be fixed with 8b2cdd9 but you will need to compile from source to use v5.0.3.

Full Changelog: TryGhost/node-sqlite3@v5.0.2...v5.0.3

---

• If you want to rebase/retry this PR, check this box