Breaking Changes

Support for Node 6 and up

Sequelize v5 will only support Node 6 and up#9015

Secure Operators

With v4 you started to get a deprecation warningString based operators are now deprecated. Also concept of operators was introduced. These operators are Symbols which prevent hash injection attacks.

http://docs.sequelizejs.com/manual/querying.html#operators-security

With v5

• Operators are now enabled by default.
• You can still use string operators by passing an operators map inoperatorsAliases, but that will give you deprecation warning.
• Op.$raw is removed

Typescript Support

Sequelize now ship official typings#10287. You can consider migrating away from external typings which may get out of sync.

Pooling

With v5 Sequelize now usesequelize-pool which is a modernized fork ofgeneric-pool@2.5. You no longer need to callsequelize.close to shutdown pool, this helps with lambda executions.#8468

Model

Validators

Custom validators defined per attribute (as opposed to the custom validators defined in the model's options) now run when the attribute's value isnull andallowNull istrue (while previously they didn't run and the validation succeeded immediately). To avoid problems when upgrading, please check all your custom validators defined per attribute, whereallowNull istrue, and make sure all these validators behave correctly when the value isnull. See#9143.

Attributes

Model.attributes now removed, useModel.rawAttributes.#5320

Note:Please don't confuse this withoptions.attributes, they are still valid

Paranoid Mode

With v5 ifdeletedAt is set, record will be considered as deleted.paranoid option will only usedeletedAt as flag.#8496

Model.bulkCreate

updateOnDuplicate option which used to accept boolean and array, now only accepts non-empty array of attributes.#9288

Underscored Mode

Implementation ofModel.options.underscored is changed. You can find full specificationshere.

Main outline

1. BothunderscoredAll andunderscored options are merged into singleunderscored option
2. All attributes are now generated with camelcase naming by default. With theunderscored option set totrue, thefield option for attributes will be set as underscored version of attribute name.
3. underscored will control all attributes including timestamps, version and foreign keys. It will not affect any attribute which already specifies thefield option.

#9304

Removed aliases

Many model based aliases has been removed#9372

Datatypes

Range

Now supports only one standard format[{ value: 1, inclusive: true }, { value: 20, inclusive: false }]#9364

Case insensitive text

Added support forCITEXT for Postgres and SQLite

Removed

NONE type has been removed, useVIRTUAL instead

Hooks

Removed aliases

Hooks aliases has been removed#9372

Sequelize

Removed aliases

Prototype references for many constants, objects and classes has been removed#9372

importSequelizefrom'sequelize';constsequelize=newSequelize('postgres://user:password@127.0.0.1:mydb');
/**
 * In v4 you can do this
*/
console.log(sequelize.Op===Sequelize.Op)// logstrue
console.log(sequelize.UniqueConstraintError===Sequelize.UniqueConstraintError)// logstrue
Model.findAll({
where: {
[sequelize.Op.and]: [// Using sequelize.Op or Sequelize.Op interchangeably
{
name:"Abc"
},
{
age: {
[Sequelize.Op.gte]:18
}
}
]
}
}).catch(sequelize.ConnectionError, ()=> {
console.error('Something wrong with connection?');
});
/**
 * In v5 aliases has been removed from Sequelize prototype
 * You should use Sequelize directly to access Op, Errors etc
*/
Model.findAll({
where: {
[Sequelize.Op.and]: [// Dont use sequelize.Op, use Sequelize.Op instead
{
name:"Abc"
},
{
age: {
[Sequelize.Op.gte]:18
}
}
]
}
}).catch(Sequelize.ConnectionError, ()=> {
console.error('Something wrong with connection?');
});

Query Interface

• changeColumn no longer generates constraint with_idx suffix. Now Sequelize does not specify any name for constraints thus defaulting to database engine naming. This aligns behavior ofsync,createTable andchangeColumn.

Others

• Sequelize now use parameterized queries for all INSERT / UPDATE operations (except UPSERT). They provide better protection against SQL Injection attack.
• ValidationErrorItem now holds reference to original error in theoriginal property, rather than the__raw property.
• retry-as-promised has been updated to3.1.0, which useany-promise. This module repeat allsequelize.query operations. You can configureany-promise to usebluebird for better performance on Node 4 or 6
• Sequelize will throw for allundefined keys inwhere options, In past versionsundefined was converted tonull.

Dialect Specific

MSSQL

• Sequelize now works withtedious >= 6.0.0. OlddialectOptions has to be updated to match their new format. Please refer to tediousdocumentation. An example of newdialectOptions is given below

dialectOptions: {authentication: {domain:'my-domain'  },options: {requestTimeout:60000,cryptoCredentialsDetails: {ciphers:"RC4-MD5"    }  }}

MySQL

• Requiresmysql2 >= 1.5.2 for prepared statements

MariaDB

• dialect: 'mariadb' is nowsupported withmariadb package

Packages

• removed: terraformer-wkt-parser#9545
• removed:generic-pool
• added:sequelize-pool

Changelog

5.0.0-beta.17

• fix(build): default null for multiple primary keys
• fix(util): improve performance of classToInvokable#10534
• fix(model/update): propagate paranoid to individualHooks query#10369
• fix(association): use minimal select for hasAssociation#10529
• fix(query-interface): reject with error for describeTable#10528
• fix(model): throw for invalid include type#10527
• fix(types): additional options for db.query and add missing retry#10512
• fix(query): don't prepare options & sql for every retry#10498
• feat: expose Sequelize.BaseError
• feat: upgrade to tedious@6.0.0#10494
• feat(sqlite/query-generator): support restart identity for truncate-table#10522
• feat(data-types): handle numbers passed as objects#10492
• feat(types): enabled string association#10481
• feat(postgres): allow customizing client_min_messages#10448
• refactor(data-types): move to classes#10495
• docs(legacy): fix N:M example#10509
• docs(migrations): use migrationStorageTableSchema#10417
• docs(hooks): add documentation for connection hooks#10410
• docs(addIndex): concurrently option#10409
• docs(model): fix typo#10405
• docs(usage): fix broken link on Basic Usage#10381
• docs(package.json): add homepage#10372

5.0.0-beta.16

• feat: add typescript typings#10287
• fix(mysql): match with newlines in error message#10320
• fix(update): skips update when nothing to update#10248
• fix(utils): flattenObject for null values#10293
• fix(instance-validator): don't skip custom validators on null#9143
• docs(transaction): after save example#10280
• docs(query-generator): typo#10277
• refactor(errors): restructure#10355
• refactor(scope): documentation#9087#10312
• refactor: cleanup association and spread use#10276

5.0.0-beta.15

• fix(query-generator): fix addColumn create comment#10117
• fix(sync): throw when no models defined#10175
• fix(association): enable eager load with include all(#9928)#10173
• fix(sqlite): simplify connection error handling
• fix(model): prevent version number from being incremented as string#10217
• feat(dialect): mariadb#10192
• docs(migrations): improve dialect options docs
• docs: fix favicon#10242
• docs(model.init):attribute.column.validate option#10237
• docs(bulk-create): update support information about ignoreDuplicates
• docs: explain custom/new data types#10170
• docs(migrations): Simplify CLI Call#10201
• docs(migrations): added advanced skeleton example#10190
• docs(transaction): default isolation level#10111
• docs: typo in associations.md#10157
• refactor: reduce code complexity#10120
• refactor: optimize memoize use, misc cases#10122
• chore(lint): enforce consistent spacing#10193

5.0.0-beta.14

• fix(query): correctly quote identifier for attributes (#9964)#10118
• feat(postgres): dyanmic oids#10077
• fix(error): optimistic lock message#10068
• fix(package): update depd to version 2.0.0#10081
• fix(model): validate virtual attribute (#9947)#10085
• fix(test): actually test get method with raw option#10059
• fix(model): return deep cloned value for toJSON#10058
• fix(model): create instance with many-to-many association with extra column (#10034)#10050
• fix(query-generator): fix bad property access#10056
• docs(upgrade-to-v4): typo#10060
• docs(model-usage): order expression format#10061
• chore(package): update retry-as-promised to version 3.1.0#10065
• refactor(scopes): just in time options conforming#9735
• refactor: use sequelize-pool for pooling#10051
• refactor(*): cleanup code#10091
• refactor: use template strings#10055
• refactor(query-generation): cleanup template usage#10047

5.0.0-beta.13

• fix: throw on undefined where parameters#10048
• fix(model): improve wrong alias error message#10041
• feat(sqlite): CITEXT datatype#10036
• fix(postgres): remove if not exists and cascade from create/drop database queries#10033
• fix(syntax): correct parentheses around union#10003
• feat(query-interface): createDatabase / dropDatabase support#10027
• feat(postgres): CITEXT datatype#10024
• feat: pass uri query parameters to dialectOptions#10025
• docs(query-generator): remove doc about where raw query#10017
• fix(query): handle undefined field on unique constraint error#10018
• fix(model): sum returns zero when empty matching#9984
• feat(query-generator): add startsWith, endsWith and substring operators#9999
• docs(sequelize): correct jsdoc annotations for authenticate#10002
• docs(query-interface): add bulkUpdate docs#10005
• fix(tinyint): ignore params for TINYINT on postgres#9992
• fix(belongs-to): create now returns target model#9980
• refactor(model): remove .all alias#9975
• perf: fix memory leak due to instance reference by isImmutable#9973
• feat(sequelize): dialectModule option#9972
• fix(query): check valid warn message#9948
• fix(model): check for own property when overriding association mixins#9953
• fix(create-table): support for uniqueKeys#9946
• refactor(transaction): remove autocommit mode#9921
• feat(sequelize): getDatabaseName#9937
• refactor: remove aliases#9933
• feat(belongsToMany): override unique constraint name with uniqueKey#9914
• fix(postgres): properly disconnect connections#9911
• docs(instances.md): add section for restore()#9917
• docs(hooks.md): add warning about memory limits of individual hooks#9881
• fix(package): update debug to version 4.0.0#9908
• feat(postgres): support ignoreDuplicates with ON CONFLICT DO NOTHING#9883

5.0.0-beta.12

• fix(changeColumn): normalize attribute#9897
• feat(describeTable): support string length for mssql#9896
• feat(describeTable): support autoIncrement for mysql#9894
• fix(sqlite): unable to reference foreignKey on primaryKey#9893
• fix(postgres): enum with string COMMENT breaks query#9891
• fix(changeColumn): use engine defaults for foreign/unique key naming#9890
• fix(transaction): fixed unhandled rejection when connection acquire timeout#9879
• fix(sqlite): close connection properly and cleanup files#9851
• fix(model): incorrect error message for findCreateFind#9849

5.0.0-beta.11

• fix(count): duplicate mapping of fields break scopes#9788
• fix(model): bulkCreate should populate dataValues directly#9797
• fix(mysql): improve unique key violation handling#9724
• fix(separate): don't propagate group to separated queries#9754
• fix(scope): incorrect query generated when sequelize.fn used with scopes#9730
• fix(json): access included data with attributes#9662
• (fix): pass offset in UNION'ed queries#9577
• fix(destroy): attributes updated in a beforeDestroy hook are now persisted on soft delete#9319
• fix(addScope): only throw when defaultScope is defined#9703

5.0.0-beta.10

• fix(belongsToMany): association.add returns array of array of through records#9700
• feat: association hooks#9590
• fix(bulkCreate): dont map dataValue to fields for individualHooks:true#9672
• feat(postgres): drop enum support#9641
• feat(validation): improve validation for type#9660
• feat: allow querying sqlite_master table#9645
• fix(hasOne.sourceKey): setup sourceKeyAttribute for joins#9658
• fix: throw when type of array values is not defined#9649
• fix(query-generator): ignore undefined keys in query#9548
• fix(model): unable to override rejectOnEmpty#9632
• fix(reload): instance.changed() remains unaffected#9615
• feat(model): column level comments#9573
• docs: cleanup / correct jsdoc references#9702

5.0.0-beta.9

• fix(model): ignore undefined values in update payload#9587
• fix(mssql): set encrypt as default false for dialect options#9588
• fix(model): ignore VIRTUAL/getters with attributes.exclude#9568
• feat(data-types): CIDR, INET, MACADDR support for Postgres#9567
• fix: customize allowNull message with notNull validator#9549

5.0.0-beta.8

• feat(query-generator): Generate INSERT / UPDATE using bind parameters#9431#9492
• performance: remove terraformer-wkt-parser dependency#9545
• fix(constructor): set username, password, database via options in addition to connection string#9517
• fix(associations/belongs-to-many): catch EmptyResultError in set/add helpers#9535
• fix: sync with alter:true doesn't use field name#9529
• fix(UnknownConstraintError): improper handling of error options#9547

5.0.0-beta.7

• fix(data-types/blob): only return null for mysql binary null#9441
• fix(errors): use standard .original rather than .__raw for actual error
• fix(connection-manager): mssql datatype parsing#9470
• fix(query/removeConstraint): support schemas
• fix: use Buffer.from
• fix(transactions): return patched promise from sequelize.query#9473

5.0.0-beta.6

• fix(postgres/query-generator): syntax error with auto-increment SMALLINT#9406
• fix(postgres/range): inclusive property lost in JSON format#8471
• fix(postgres/range): range bound not applied#8176
• fix(mssql): no unique constraint error thrown for PRIMARY case#9415
• fix(query-generator): regexp operator escaping
• docs: various improvements and hinting update

5.0.0-beta.5

• fix: inject foreignKey when using separate:true#9396
• fix(isSoftDeleted): just use deletedAt as flag
• feat(hasOne): sourceKey support with key validation#9382
• fix(query-generator/deleteQuery): remove auto limit#9377
• feat(postgres): skip locked support#9197
• fix(mssql): case sensitive operation fails because of uppercased system table references#9337

5.0.0-beta.4

• change(model): setDataValue should not mark null to null as changed#9347
• change(mysql/connection-manager): do not execute SET time_zone query if keepDefaultTimezone config is true#9358
• feat(transactions): Add afterCommit hooks for transactions#9287

5.0.0-beta.3

• change(model): new options.underscored implementation#9304
• fix(mssql): duplicate order generated with limit offset#9307
• fix(scope): do not assign scope on eagerly loaded associations#9292
• change(bulkCreate): only support non-empty array as updateOnDuplicate

5.0.0-beta.2

• change(operators): Symbol operators now enabled by default, removed deprecation warning
• fix(model): don't add LIMIT in findOne() queries on unique key#9248
• fix(model): use schema when generating foreign keys#9029

5.0.0-beta.1

• fix(postgres): reserved words support#9236
• fix(findOrCreate): warn and handle unknown attributes in defaults
• fix(query-generator): 1-to-many join in subQuery filter missing where clause#9228

5.0.0-beta

• Model.attributes now removed, useModel.rawAttributes#5320
• paranoid mode will now treat any record withdeletedAt as deleted#8496
• Node 6 and up#9015

The new version differs by 316 commits ahead by 316, behind by 28.

• 0a9b8a65.1.0
• 6d84ceddocs: fix styling issue with long comments
• cf5aeeachore: v5 release (#10544)
• 1275de0docs: remove extra entries
• d6d9d815.0.0-beta.17
• bc6c133docs: v5.0.0-beta.17
• 4478d74chore: strict linting for code and jsdocs (#10535)
• f862e6bfix(util): improve performance of classToInvokable (#10534)
• a26193achore: enforce stricter linting (#10532)
• 786b19bfix(build): default null for multiple primary keys
• ae7d4b9feat: expose Sequelize.BaseError
• e03a537fix(tests): missing clock instance
• d7241f7fix(tests): path for instance tests
• 69b85c3refactor: instance tests
• 0c68590feat(sqlite/query-generator): support restart identity for truncate-table (#10522)

There are 250 commits in total.

See thefull diff

There is a collection offrequently asked questions. If those don’t help, you can alwaysask the humans behind Greenkeeper.