Skip to content

Bump qs from 6.15.1 to 6.15.3 in /meta_configurator#983

Open
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/npm_and_yarn/meta_configurator/qs-6.15.2
Open

Bump qs from 6.15.1 to 6.15.3 in /meta_configurator#983
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/npm_and_yarn/meta_configurator/qs-6.15.2

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 23, 2026

Copy link
Copy Markdown
Contributor

Bumps qs from 6.15.1 to 6.15.3.

Changelog

Sourced from qs's changelog.

6.15.3

  • [Fix] parse: enforce throwOnLimitExceeded for cumulative array growth via combine/merge
  • [Fix] utils: respect encoding of surrogate pairs across chunks (#559)
  • [Robustness] parse: throw the arrayLimit error before splitting oversized comma values
  • [Robustness] utils.merge / utils.assign: avoid invoking __proto__ setter when copying own properties
  • [Robustness] utils: enforce arrayLimit consistently across merge's array paths
  • [Perf] utils: make compact O(n) via a side-channel visited-set instead of Array.indexOf
  • [Deps] update side-channel
  • [Dev Deps] update eslint, mock-property, tape
  • [Tests] parse: characterize current lenient handling of unbalanced bracket keys (#558)

6.15.2

  • [Fix] stringify: skip null/undefined entries in arrayFormat: 'comma' + encodeValuesOnly instead of crashing in encoder
  • [Fix] stringify: use configured delimiter after charsetSentinel (#555)
  • [Fix] stringify: apply formatter to encoded key under strictNullHandling (#554)
  • [Fix] stringify: skip null/undefined filter-array entries instead of crashing in encoder (#551)
  • [Fix] parse: handle nested bracket groups and add regression tests (#530)
  • [readme] fix grammar (#550)
  • [Dev Deps] update @ljharb/eslint-config
  • [Tests] add regression tests for keys containing percent-encoded bracket text
Commits
  • 18d085e v6.15.3
  • c38af42 [Deps] update side-channel
  • adce539 [Dev Deps] update eslint, mock-property, tape
  • 74a0f6a [Robustness] utils: enforce arrayLimit consistently across merge's arra...
  • f4938f5 [Tests] parse: characterize current lenient handling of unbalanced bracket ...
  • 5d5f723 [Perf] utils: make compact O(n) via a side-channel visited-set instead of...
  • 52afe00 [Robustness] parse: throw the arrayLimit error before splitting oversized...
  • 963e538 [Fix] parse: enforce throwOnLimitExceeded for cumulative array growth via...
  • 59da434 [Fix] utils: respect encoding of surrogate pairs across chunks
  • 9532969 [Robustness] utils.merge / utils.assign: avoid invoking __proto__ sette...
  • Additional commits viewable in compare view

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 23, 2026
@Logende

Logende commented Jun 29, 2026

Copy link
Copy Markdown
Collaborator

@dependabot recreate

Bumps [qs](https://github.com/ljharb/qs) from 6.15.1 to 6.15.3.
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](ljharb/qs@v6.15.1...v6.15.3)

---
updated-dependencies:
- dependency-name: qs
  dependency-version: 6.15.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title Bump qs from 6.15.1 to 6.15.2 in /meta_configurator Bump qs from 6.15.1 to 6.15.3 in /meta_configurator Jun 29, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/meta_configurator/qs-6.15.2 branch from 8ec8155 to 6876e5e Compare June 29, 2026 09:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant