chore(deps): update dependency qs to v6.10.7 (master) by mend-for-github-com[bot] · Pull Request #928 · opentok/opentok-rtc

mend-for-github-com · 2025-09-26T00:30:59Z

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
qs	`6.9.4` → `6.10.7`

This PR resolves the vulnerabilities described in Issue #829

Version 6.9.4

Risk Change	Critical	High	Medium	Low
N/A	0	1	0	2

Version 6.10.7

Risk Change	Critical	High	Medium	Low
-100%	0 (--)	0 (-1 )	0 (--)	0 (-2 )

Version 6.15.1

Risk Change	Critical	High	Medium	Low
-99%	0 (--)	0 (-1 )	1 (+1)	0 (-2 )

Mend ensures you have the greatest risk reduction ("Recommended Fix"-highlighted in green) by removing as many vulnerabilities as possible. Click to see how we calculate risk reduction.

Release Notes

ljharb/qs (qs)

`v6.10.7`

Compare Source

[Fix] fix regressions from robustness refactor
[actions] update reusable workflows

`v6.10.6`

Compare Source

[Robustness] avoid .push, use void
[readme] clarify parseArrays and arrayLimit documentation (#543)
[readme] document that addQueryPrefix does not add ? to empty output (#418)
[readme] replace runkit CI badge with shields.io check-runs badge
[actions] fix rebase workflow permissions

`v6.10.5`

Compare Source

[Fix] stringify: with arrayFormat: comma, properly include an explicit [] on a single-item array (#434)

`v6.10.4`

Compare Source

[Fix] stringify: with arrayFormat: comma, include an explicit [] on a single-item array (#441)
[meta] use npmignore to autogenerate an npmignore file
[Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbol, object-inspect, tape

`v6.10.3`

Compare Source

[Fix] parse: ignore __proto__ keys (#428)
[Robustness] stringify: avoid relying on a global undefined (#427)
[actions] reuse common workflows
[Dev Deps] update eslint, @ljharb/eslint-config, object-inspect, tape

`v6.10.2`

Compare Source

[Fix] stringify: actually fix cyclic references (#426)
[Fix] stringify: avoid encoding arrayformat comma when encodeValuesOnly = true (#424)
[readme] remove travis badge; add github actions/codecov badges; update URLs
[Docs] add note and links for coercing primitive values (#408)
[actions] update codecov uploader
[actions] update workflows
[Tests] clean up stringify tests slightly
[Dev Deps] update eslint, @ljharb/eslint-config, aud, object-inspect, safe-publish-latest, tape

`v6.10.1`

Compare Source

[Fix] stringify: avoid exception on repeated object values (#402)

`v6.10.0`

Compare Source

[New] stringify: throw on cycles, instead of an infinite loop (#395, #394, #393)
[New] parse: add allowSparse option for collapsing arrays with missing indices (#312)
[meta] fix README.md (#399)
[meta] only run npm run dist in publish, not install
[Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbols, tape
[Tests] fix tests on node v0.6
[Tests] use ljharb/actions/node/install instead of ljharb/actions/node/run
[Tests] Revert "[meta] ignore eclint transitive audit warning"

`v6.9.9`

Compare Source

[Fix] fix regressions from robustness refactor
[meta] add npmignore to autogenerate an npmignore file
[actions] update reusable workflows

`v6.9.8`

Compare Source

[Robustness] avoid .push, use void
[readme] clarify parseArrays and arrayLimit documentation (#543)
[readme] document that addQueryPrefix does not add ? to empty output (#418)
[readme] replace runkit CI badge with shields.io check-runs badge
[actions] fix rebase workflow permissions

`v6.9.7`

Compare Source

[Fix] parse: ignore __proto__ keys (#428)
[Fix] stringify: avoid encoding arrayformat comma when encodeValuesOnly = true (#424)
[Robustness] stringify: avoid relying on a global undefined (#427)
[readme] remove travis badge; add github actions/codecov badges; update URLs
[Docs] add note and links for coercing primitive values (#408)
[Tests] clean up stringify tests slightly
[meta] fix README.md (#399)
Revert "[meta] ignore eclint transitive audit warning"
[actions] backport actions from main
[Dev Deps] backport updates from main

`v6.9.6`

Compare Source

[Fix] restore dist dir; mistakenly removed in d4f6c32

`v6.9.5`

Compare Source

[Fix] stringify: do not encode parens for RFC1738
[Fix] stringify: fix arrayFormat comma with empty array/objects (#350)
[Refactor] format: remove util.assign call
[meta] add "Allow Edits" workflow; update rebase workflow
[actions] switch Automatic Rebase workflow to pull_request_target event
[Tests] stringify: add tests for #378
[Tests] migrate tests to Github Actions
[Tests] run nyc on all tests; use tape runner
[Dev Deps] update eslint, @ljharb/eslint-config, browserify, mkdirp, object-inspect, tape; add aud

If you want to rebase/retry this PR, check this box

mend-for-github-com Bot added the security fix Security fix generated by Mend label Sep 26, 2025

mend-for-github-com Bot changed the title ~~chore(deps): update dependency qs to v6.9.7 (master)~~ chore(deps): update dependency qs to v6.9.7 (master) - autoclosed Oct 26, 2025

mend-for-github-com Bot closed this Oct 26, 2025

mend-for-github-com Bot deleted the whitesource-remediate/master-qs-6.x-lockfile branch October 26, 2025 10:28

mend-for-github-com Bot changed the title ~~chore(deps): update dependency qs to v6.9.7 (master) - autoclosed~~ chore(deps): update dependency qs to v6.9.7 (master) Oct 28, 2025

mend-for-github-com Bot reopened this Oct 28, 2025

mend-for-github-com Bot force-pushed the whitesource-remediate/master-qs-6.x-lockfile branch 2 times, most recently from 2c84add to b053e54 Compare October 28, 2025 01:23

mend-for-github-com Bot force-pushed the whitesource-remediate/master-qs-6.x-lockfile branch from b053e54 to 413f42f Compare December 1, 2025 06:51

mend-for-github-com Bot force-pushed the whitesource-remediate/master-qs-6.x-lockfile branch from 413f42f to 59d74a1 Compare December 30, 2025 14:46

mend-for-github-com Bot changed the title ~~chore(deps): update dependency qs to v6.9.7 (master)~~ chore(deps): update dependency qs to v6.14.0 (master) Dec 30, 2025

mend-for-github-com Bot force-pushed the whitesource-remediate/master-qs-6.x-lockfile branch from 59d74a1 to 111c9d5 Compare January 8, 2026 02:18

mend-for-github-com Bot changed the title ~~chore(deps): update dependency qs to v6.14.0 (master)~~ chore(deps): update dependency qs to v6.14.1 (master) Jan 8, 2026

mend-for-github-com Bot force-pushed the whitesource-remediate/master-qs-6.x-lockfile branch from 111c9d5 to abbb0a3 Compare February 18, 2026 00:50

mend-for-github-com Bot changed the title ~~chore(deps): update dependency qs to v6.14.1 (master)~~ chore(deps): update dependency qs to v6.15.0 (master) Feb 18, 2026

mend-for-github-com Bot added patch release and removed security fix Security fix generated by Mend labels Mar 26, 2026

mend-for-github-com Bot force-pushed the whitesource-remediate/master-qs-6.x-lockfile branch 2 times, most recently from abe997c to 2e4d1aa Compare April 13, 2026 07:03

mend-for-github-com Bot changed the title ~~chore(deps): update dependency qs to v6.15.0 (master)~~ chore(deps): update dependency qs to v6.15.1 (master) Apr 13, 2026

mend-for-github-com Bot force-pushed the whitesource-remediate/master-qs-6.x-lockfile branch from 2e4d1aa to 6550c4b Compare April 18, 2026 06:37

mend-for-github-com Bot added security fix Security fix generated by Mend and removed patch release labels Apr 23, 2026

mend-for-github-com Bot force-pushed the whitesource-remediate/master-qs-6.x-lockfile branch from 6550c4b to 43e476b Compare May 21, 2026 07:03

mend-for-github-com Bot changed the title ~~chore(deps): update dependency qs to v6.15.1 (master)~~ chore(deps): update dependency qs to v6.13.3 (master) May 21, 2026

mend-for-github-com Bot force-pushed the whitesource-remediate/master-qs-6.x-lockfile branch 2 times, most recently from 12f165d to 953820b Compare May 22, 2026 18:47

mend-for-github-com Bot changed the title ~~chore(deps): update dependency qs to v6.13.3 (master)~~ chore(deps): update dependency qs to v6.10.7 (master) May 22, 2026

mend-for-github-com Bot force-pushed the whitesource-remediate/master-qs-6.x-lockfile branch from 953820b to b8d5bc7 Compare May 29, 2026 07:15

chore(deps): update dependency qs to v6.10.7

e7dd3d4

mend-for-github-com Bot force-pushed the whitesource-remediate/master-qs-6.x-lockfile branch from b8d5bc7 to e7dd3d4 Compare June 9, 2026 08:09

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update dependency qs to v6.10.7 (master)#928

chore(deps): update dependency qs to v6.10.7 (master)#928
mend-for-github-com[bot] wants to merge 1 commit into
masterfrom
whitesource-remediate/master-qs-6.x-lockfile

mend-for-github-com Bot commented Sep 26, 2025 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

mend-for-github-com Bot commented Sep 26, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

This PR resolves the vulnerabilities described in Issue #829

Mend ensures you have the greatest risk reduction ("Recommended Fix"-highlighted in green) by removing as many vulnerabilities as possible. Click to see how we calculate risk reduction.

Release Notes

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

mend-for-github-com Bot commented Sep 26, 2025 •

edited

Loading