From e0f30746c0535adca0aa509184d75a7bdd3da14b Mon Sep 17 00:00:00 2001
From: nik <n.nagoraynsky@gmail.com>
Date: Thu, 24 Jul 2025 23:57:35 +0300
Subject: [PATCH 1/3] feat(module): introduce option to disable automatic
 connection closing

The default behavior of closing the connection in the `onApplicationShutdown` hook can cause a race condition in applications with long-running background tasks, such as queue consumers. This leads to errors when an active task attempts to query the database after the connection has been closed.
This change introduces an `autoCloseConnection: boolean` option to the module configuration, defaulting to `true` for backward compatibility.
Setting `autoCloseConnection: false` prevents the automatic closing, allowing developers to manage the connection lifecycle manually at a later point in their own `onApplicationShutdown` logic for a more robust graceful shutdown.
---
 lib/interfaces/sequelize-options.interface.ts | 5 +++++
 lib/sequelize-core.module.ts                  | 8 ++++++++
 2 files changed, 13 insertions(+)

diff --git a/lib/interfaces/sequelize-options.interface.ts b/lib/interfaces/sequelize-options.interface.ts
index 7fcadfbe..ff92b7f8 100644
--- a/lib/interfaces/sequelize-options.interface.ts
+++ b/lib/interfaces/sequelize-options.interface.ts
@@ -33,6 +33,11 @@ export type SequelizeModuleOptions = {
    * Sequelize connection string
    */
   uri?: string;
+  /**
+   * If `true`, Sequelize connection will close automatically by `onApplicationShutdown` hook handler if shutdown lifecycle hooks are enabled.
+   * Default value is `true`
+   */
+  autoCloseConnection?: boolean;
 } & Partial<SequelizeOptions>;
 
 /**
diff --git a/lib/sequelize-core.module.ts b/lib/sequelize-core.module.ts
index 08a1d8d6..624c6471 100644
--- a/lib/sequelize-core.module.ts
+++ b/lib/sequelize-core.module.ts
@@ -85,6 +85,14 @@ export class SequelizeCoreModule implements OnApplicationShutdown {
   }
 
   async onApplicationShutdown() {
+    if (
+      typeof this.options.autoCloseConnection !== 'undefined' &&
+      !this.options.autoCloseConnection
+    ) {
+      /* Skip closing Sequelize connection automatically by shutdown hook */
+      return;
+    }
+
     const connection = this.moduleRef.get<Sequelize>(
       getConnectionToken(this.options as SequelizeOptions) as Type<Sequelize>,
     );

From bef6a032d7a09249f76007eb24739c26fc406786 Mon Sep 17 00:00:00 2001
From: nik <n.nagoraynsky@gmail.com>
Date: Thu, 24 Jul 2025 23:59:27 +0300
Subject: [PATCH 2/3] style(module): eslint fix of module file

---
 lib/sequelize-core.module.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/sequelize-core.module.ts b/lib/sequelize-core.module.ts
index 624c6471..f178e669 100644
--- a/lib/sequelize-core.module.ts
+++ b/lib/sequelize-core.module.ts
@@ -14,13 +14,13 @@ import {
   generateString,
   getConnectionToken,
   handleRetry,
-} from './common/sequelize.utils';
+} from './common';
 import { EntitiesMetadataStorage } from './entities-metadata.storage';
 import {
   SequelizeModuleAsyncOptions,
   SequelizeModuleOptions,
   SequelizeOptionsFactory,
-} from './interfaces/sequelize-options.interface';
+} from './interfaces';
 import {
   DEFAULT_CONNECTION_NAME,
   SEQUELIZE_MODULE_ID,

From 3aabb97034182f0012dab0d26aacf88daed3f452 Mon Sep 17 00:00:00 2001
From: nik <n.nagoraynsky@gmail.com>
Date: Fri, 25 Jul 2025 00:05:06 +0300
Subject: [PATCH 3/3] chore(deps): resolve security vulnerabilities

Running `npm audit fix` to update dependencies and resolve known security issues.
This addresses the following advisories:
- GHSA-xffm-g5w8-qvg7: ReDoS in @eslint/plugin-kit
- GHSA-v6h2-p8h4-qcjw: ReDoS in brace-expansion
---
 package-lock.json | 39 +++++++++++++--------------------------
 1 file changed, 13 insertions(+), 26 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index b67ab715..32c4afdd 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -961,9 +961,9 @@
       }
     },
     "node_modules/@eslint/core": {
-      "version": "0.14.0",
-      "resolved": "https://registry.npmjs.org/@eslint/core/-/core-0.14.0.tgz",
-      "integrity": "sha512-qIbV0/JZr7iSDjqAc60IqbLdsj9GDt16xQtWD+B78d/HAlvysGdZZ6rpJHGAc2T0FQx1X6thsSPdnoiGKdNtdg==",
+      "version": "0.15.1",
+      "resolved": "https://registry.npmjs.org/@eslint/core/-/core-0.15.1.tgz",
+      "integrity": "sha512-bkOp+iumZCCbt1K1CmWf0R9pM5yKpDv+ZXtvSyQpudrI9kuFLp+bM2WOPXImuD/ceQuaa8f5pj93Y7zyECIGNA==",
       "dev": true,
       "license": "Apache-2.0",
       "dependencies": {
@@ -1058,13 +1058,13 @@
       }
     },
     "node_modules/@eslint/plugin-kit": {
-      "version": "0.3.1",
-      "resolved": "https://registry.npmjs.org/@eslint/plugin-kit/-/plugin-kit-0.3.1.tgz",
-      "integrity": "sha512-0J+zgWxHN+xXONWIyPWKFMgVuJoZuGiIFu8yxk7RJjxkzpGmyja5wRFqZIVtjDVOQpV+Rw0iOAjYPE2eQyjr0w==",
+      "version": "0.3.4",
+      "resolved": "https://registry.npmjs.org/@eslint/plugin-kit/-/plugin-kit-0.3.4.tgz",
+      "integrity": "sha512-Ul5l+lHEcw3L5+k8POx6r74mxEYKG5kOb6Xpy2gCRW6zweT6TEhAf8vhxGgjhqrd/VO/Dirhsb+1hNpD1ue9hw==",
       "dev": true,
       "license": "Apache-2.0",
       "dependencies": {
-        "@eslint/core": "^0.14.0",
+        "@eslint/core": "^0.15.1",
         "levn": "^0.4.1"
       },
       "engines": {
@@ -4213,9 +4213,9 @@
       }
     },
     "node_modules/brace-expansion": {
-      "version": "1.1.11",
-      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
-      "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==",
+      "version": "1.1.12",
+      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.12.tgz",
+      "integrity": "sha512-9T9UjW3r0UW5c1Q7GTwllptXwhvYmEzFhzMfZ9H7FQWt+uZePjZPjBP/W1ZEyZ1twGWom5/56TF4lPcqjnDHcg==",
       "dev": true,
       "license": "MIT",
       "dependencies": {
@@ -5526,19 +5526,6 @@
         "url": "https://opencollective.com/eslint"
       }
     },
-    "node_modules/eslint/node_modules/@eslint/core": {
-      "version": "0.15.1",
-      "resolved": "https://registry.npmjs.org/@eslint/core/-/core-0.15.1.tgz",
-      "integrity": "sha512-bkOp+iumZCCbt1K1CmWf0R9pM5yKpDv+ZXtvSyQpudrI9kuFLp+bM2WOPXImuD/ceQuaa8f5pj93Y7zyECIGNA==",
-      "dev": true,
-      "license": "Apache-2.0",
-      "dependencies": {
-        "@types/json-schema": "^7.0.15"
-      },
-      "engines": {
-        "node": "^18.18.0 || ^20.9.0 || >=21.1.0"
-      }
-    },
     "node_modules/eslint/node_modules/ajv": {
       "version": "6.12.6",
       "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz",
@@ -6081,9 +6068,9 @@
       }
     },
     "node_modules/filelist/node_modules/brace-expansion": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.1.tgz",
-      "integrity": "sha512-XnAIvQ8eM+kC6aULx6wuQiwVsnzsi9d3WxzV3FpWTGA19F621kwdbsAcFKXgKUHZWsy+mY6iL1sHTxWEFCytDA==",
+      "version": "2.0.2",
+      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-2.0.2.tgz",
+      "integrity": "sha512-Jt0vHyM+jmUBqojB7E1NIYadt0vI0Qxjxd2TErW94wDz+E2LAm5vKMXXwg6ZZBTHPuUlDgQHKXvjGBdfcF1ZDQ==",
       "dev": true,
       "license": "MIT",
       "dependencies": {