Skip to content

chore(deps): bump qs from 6.15.2 to 6.15.3 in the minor-production-deps group across 1 directory#341

Merged
erunion merged 1 commit into
mainfrom
dependabot/npm_and_yarn/minor-production-deps-6160763558
Jul 3, 2026
Merged

chore(deps): bump qs from 6.15.2 to 6.15.3 in the minor-production-deps group across 1 directory#341
erunion merged 1 commit into
mainfrom
dependabot/npm_and_yarn/minor-production-deps-6160763558

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown

Bumps the minor-production-deps group with 1 update in the / directory: qs.

Updates qs from 6.15.2 to 6.15.3

Changelog

Sourced from qs's changelog.

6.15.3

  • [Fix] parse: enforce throwOnLimitExceeded for cumulative array growth via combine/merge
  • [Fix] utils: respect encoding of surrogate pairs across chunks (#559)
  • [Robustness] parse: throw the arrayLimit error before splitting oversized comma values
  • [Robustness] utils.merge / utils.assign: avoid invoking __proto__ setter when copying own properties
  • [Robustness] utils: enforce arrayLimit consistently across merge's array paths
  • [Perf] utils: make compact O(n) via a side-channel visited-set instead of Array.indexOf
  • [Deps] update side-channel
  • [Dev Deps] update eslint, mock-property, tape
  • [Tests] parse: characterize current lenient handling of unbalanced bracket keys (#558)
Commits
  • 18d085e v6.15.3
  • c38af42 [Deps] update side-channel
  • adce539 [Dev Deps] update eslint, mock-property, tape
  • 74a0f6a [Robustness] utils: enforce arrayLimit consistently across merge's arra...
  • f4938f5 [Tests] parse: characterize current lenient handling of unbalanced bracket ...
  • 5d5f723 [Perf] utils: make compact O(n) via a side-channel visited-set instead of...
  • 52afe00 [Robustness] parse: throw the arrayLimit error before splitting oversized...
  • 963e538 [Fix] parse: enforce throwOnLimitExceeded for cumulative array growth via...
  • 59da434 [Fix] utils: respect encoding of surrogate pairs across chunks
  • 9532969 [Robustness] utils.merge / utils.assign: avoid invoking __proto__ sette...
  • See full diff in compare view

@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jul 1, 2026
@dependabot dependabot Bot requested a review from erunion as a code owner July 1, 2026 15:43
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jul 1, 2026
Bumps the minor-production-deps group with 1 update in the / directory: [qs](https://github.com/ljharb/qs).


Updates `qs` from 6.15.2 to 6.15.3
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](ljharb/qs@v6.15.2...v6.15.3)

---
updated-dependencies:
- dependency-name: qs
  dependency-version: 6.15.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-production-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title chore(deps): bump qs from 6.15.2 to 6.15.3 in the minor-production-deps group chore(deps): bump qs from 6.15.2 to 6.15.3 in the minor-production-deps group across 1 directory Jul 2, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/minor-production-deps-6160763558 branch from 5548547 to ec9ed49 Compare July 2, 2026 21:36
@erunion erunion merged commit e509937 into main Jul 3, 2026
13 of 14 checks passed
@erunion erunion deleted the dependabot/npm_and_yarn/minor-production-deps-6160763558 branch July 3, 2026 00:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant