chore(deps): update dependency sqlite3 to v5.0.3 [security]

[renovate-bot]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
sqlite3	5.0.2 -> 5.0.3

GitHub Vulnerability Alerts

CVE-2022-21227

Affected versions of sqlite3 will experience a fatal error when supplying a specific object in the parameter array. This error causes the application to crash and could not be caught. Users of sqlite3 v5.0.0, v5.0.1 and v5.0.2 are affected by this. This issue is fixed in v5.0.3. All users are recommended to upgrade to v5.0.3 or later. Ensure there is sufficient sanitization in the parent application to protect against invalid values being supplied to binding parameters as a workaround.

---

Release Notes

TryGhost/node-sqlite3

v5.0.3

Compare Source

What's Changed

• Updated bundled SQLite to v3.38.2 - @​daniellockyer
• Enabled math functions in compiler options - @​kewde
• Updated node-gyp to v8.x - @​daniellockyer
• Re-enabled Node-API v6 builds - @​daniellockyer
• Fixed segfault of invalid toString() object by @​kewde in bug: fix segfault of invalid toString() object TryGhost/node-sqlite3#1450
• Fixed building on MacOS Monterey 12.3 - @​daniellockyer
• Replaced Python extraction script with JS by @​xPaw in Replaced Python extraction script with JS TryGhost/node-sqlite3#1570
• Switched prebuilt binary hosting to GitHub Releases - @​daniellockyer

Known Problems

• Prebuilt binaries from version 5.0.3 do not work on the Node v12 docker image TryGhost/node-sqlite3#1578 - the minimum glibc version for prebuilt binaries was bumped to 2.29. We hope to bring this back down within the next few releases but you will need to compile from source if your system ships with a lower version.
• Prebuilt binaries for Linux do not work on musl systems. This should be fixed with TryGhost/node-sqlite3@8b2cdd9 but you will need to compile from source to use v5.0.3.

Full Changelog: TryGhost/node-sqlite3@v5.0.2...v5.0.3

---

Configuration

📅 Schedule: "" (UTC).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Renovate will not automatically rebase this PR, because other commits have been found.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, click this checkbox.

---

This PR has been generated by WhiteSource Renovate. View repository job log here.

[codecov]

Codecov Report

Merging #994 (c247eca) into main (8b36fe1) will increase coverage by 0.08%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##             main     #994      +/-   ##
==========================================
+ Coverage   95.91%   95.99%   +0.08%     
==========================================
  Files          13       17       +4     
  Lines         856     1024     +168     
  Branches      178      208      +30     
==========================================
+ Hits          821      983     +162     
- Misses         35       41       +6     

Impacted Files	Coverage Δ
...de/opentelemetry-instrumentation-knex/src/utils.ts	88.88% <0.00%> (ø)
...pentelemetry-instrumentation-knex/src/constants.ts	100.00% <0.00%> (ø)
...emetry-instrumentation-knex/src/instrumentation.ts	98.78% <0.00%> (ø)
...tapackages/auto-instrumentations-node/src/utils.ts	97.91% <0.00%> (ø)