build(deps): bump @tootallnate/once and sqlite3

[dependabot]

Removes @tootallnate/once. It's no longer used after updating ancestor dependency sqlite3. These dependencies need to be updated together.

Removes @tootallnate/once

Updates sqlite3 from 5.1.7 to 6.0.1

Release notes

Sourced from sqlite3's releases.

v6.0.1

• Fixed prebuilt binaries for alpine/musl

Full Changelog: TryGhost/node-sqlite3@v6.0.0...v6.0.1

v6.0.0

What's Changed

• Mark repository as unmaintained by @​lsinger in TryGhost/node-sqlite3#1844
• v6.0.0 — Bump all dependencies, SQLite, and modernise CI by @​jonatansberg in TryGhost/node-sqlite3#1857

New Contributors

• @​lsinger made their first contribution in TryGhost/node-sqlite3#1844
• @​jonatansberg made their first contribution in TryGhost/node-sqlite3#1857

Full Changelog: TryGhost/node-sqlite3@v5.1.7...v6.0.0

Commits

• a7badce v6.0.1
• 0ed0c97 Fixed Alpine/musl builds, replaced QEMU with native ARM runners
• 20a3bd2 v6.0.0
• d808e57 Bumped bundled SQLite from 3.45.0 to 3.52.0
• a962b72 Bumped all dependencies and modernised CI for Node 20+/22+/24+
• 66d054a 2026
• a85f9e8 Mark repository as unmaintained (#1844)
• 528e15a 2025
• 2f0c799 Updated actions/upload-artifact to v4
• 1609684 Updated bundled SQLite to v3.45.0
• See full diff in compare view

Maintainer changes

This version was pushed to npm by jonatan-ghost, a new releaser for sqlite3 since your current version.

[cursor]

PR Summary

Medium Risk
Upgrading sqlite3 to a new major version changes native build/runtime dependencies and introduces tighter Node version constraints via transitive deps, which could break installs or persistence at runtime.

Overview
Upgrades the direct dependency sqlite3 from ^5.1.7 to ^6.0.1 in package.json.

Regenerates package-lock.json, replacing/removing several transitive packages (notably dropping @tootallnate/once) and pulling in newer node-gyp/fetch/cache toolchain dependencies with updated engine requirements.

^{Reviewed by Cursor Bugbot for commit 9d8c1a8. Bugbot is set up for automated code reviews on this repo. Configure here.}

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	sqlite3@​5.1.7 ⏵ 6.0.1

View full report

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.}

^{Reviewed by Cursor Bugbot for commit 3a6c445. Configure here.}

[cursor]

Node.js engine requirement conflicts with sqlite3 v6

High Severity

The engines field still declares "node": ">=18.0.0", but sqlite3 v6.0.1 requires "node": ">=20.17.0". Users on Node 18 who rely on the declared engine constraint will install successfully but encounter runtime failures from the native sqlite3 module. The engines field needs to be updated to match the new minimum Node version required by sqlite3 6.x.

 

^{Reviewed by Cursor Bugbot for commit 3a6c445. Configure here.}

[dependabot]

Looks like these dependencies are no longer a dependency, so this is no longer needed.