Skip to content

chore(deps): Bump qs from 6.15.0 to 6.15.2 in /tools/visual-chromatic#165

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/tools/visual-chromatic/qs-6.15.2
Open

chore(deps): Bump qs from 6.15.0 to 6.15.2 in /tools/visual-chromatic#165
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/tools/visual-chromatic/qs-6.15.2

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 23, 2026
edited by cubic-dev-ai Bot
Loading

Bumps qs from 6.15.0 to 6.15.2.

Changelog

Sourced from qs's changelog.

6.15.2

  • [Fix] stringify: skip null/undefined entries in arrayFormat: 'comma' + encodeValuesOnly instead of crashing in encoder
  • [Fix] stringify: use configured delimiter after charsetSentinel (#555)
  • [Fix] stringify: apply formatter to encoded key under strictNullHandling (#554)
  • [Fix] stringify: skip null/undefined filter-array entries instead of crashing in encoder (#551)
  • [Fix] parse: handle nested bracket groups and add regression tests (#530)
  • [readme] fix grammar (#550)
  • [Dev Deps] update @ljharb/eslint-config
  • [Tests] add regression tests for keys containing percent-encoded bracket text

6.15.1

  • [Fix] parse: parameterLimit: Infinity with throwOnLimitExceeded: true silently drops all parameters
  • [Deps] update @ljharb/eslint-config
  • [Dev Deps] update @ljharb/eslint-config, iconv-lite
  • [Tests] increase coverage
Commits
  • 9aca407 v6.15.2
  • 5e33d33 [Dev Deps] update @ljharb/eslint-config
  • 21f80b3 [Fix] stringify: skip null/undefined entries in arrayFormat: 'comma' + `e...
  • a0a81ea [Fix] stringify: use configured delimiter after charsetSentinel
  • e3062f7 [Fix] stringify: apply formatter to encoded key under strictNullHandling
  • 0c180a4 [Fix] stringify: skip null/undefined filter-array entries instead of crashi...
  • 3a8b94a [Tests] add regression tests for keys containing percent-encoded bracket text
  • 96755ab [readme] fix grammar
  • a419ce5 [Fix] parse: handle nested bracket groups and add regression tests
  • 3f5e1c5 v6.15.1
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Summary by cubic

Updates qs to 6.15.2 in tools/visual-chromatic to pull in upstream bug fixes for safer query parsing and stringifying.

  • Bug Fixes
    • Prevents stringify crashes on null/undefined entries (including arrayFormat: 'comma' and filter arrays).
    • Improves parse for nested bracket groups and respects configured delimiters; applies formatter to encoded keys with strictNullHandling.

Written for commit 72bc5f4. Summary will update on new commits. Review in cubic

@dependabot
chore(deps): Bump qs from 6.15.0 to 6.15.2 in /tools/visual-chromatic
72bc5f4 
Bumps [qs](https://github.com/ljharb/qs) from 6.15.0 to 6.15.2.
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](ljharb/qs@v6.15.0...v6.15.2)

---
updated-dependencies:
- dependency-name: qs
  dependency-version: 6.15.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added area:ci CI/CD and automation dependencies Dependency updates type:chore Maintenance or housekeeping labels May 23, 2026
@dependabot dependabot Bot requested a review from Prekzursil as a code owner May 23, 2026 13:53
@dependabot dependabot Bot added type:chore Maintenance or housekeeping area:ci CI/CD and automation dependencies Dependency updates labels May 23, 2026
@codeant-ai
Copy link
Copy Markdown

codeant-ai Bot commented May 23, 2026

Skipping PR review because a bot author is detected.

If you want to trigger CodeAnt AI, comment @codeant-ai review to trigger a manual review.

@deepsource-io
Copy link
Copy Markdown

deepsource-io Bot commented May 23, 2026
edited
Loading

DeepSource Code Review

We reviewed changes in 3871476...72bc5f4 on this pull request. Below is the summary for the review, and you can see the individual issues we found as inline review comments.

See full review on DeepSource ↗

PR Report Card

Overall Grade   Security  

Reliability  

Complexity  

Hygiene  

Code Review Summary

Analyzer Status Updated (UTC) Details
Terraform May 23, 2026 1:53p.m. Review ↗
SQL May 23, 2026 1:53p.m. Review ↗
Rust May 23, 2026 1:53p.m. Review ↗
Shell May 23, 2026 1:53p.m. Review ↗
Ruby May 23, 2026 1:53p.m. Review ↗
PHP May 23, 2026 1:53p.m. Review ↗
Kotlin May 23, 2026 1:53p.m. Review ↗
Swift May 23, 2026 1:53p.m. Review ↗
Scala May 23, 2026 1:53p.m. Review ↗
Python May 23, 2026 1:53p.m. Review ↗
JavaScript May 23, 2026 1:53p.m. Review ↗
Java May 23, 2026 1:53p.m. Review ↗
Go May 23, 2026 1:53p.m. Review ↗
Docker May 23, 2026 1:53p.m. Review ↗
C & C++ May 23, 2026 1:53p.m. Review ↗
Ansible May 23, 2026 1:53p.m. Review ↗

Important

AI Review is run only on demand for your team. We're only showing results of static analysis review right now. To trigger AI Review, comment @deepsourcebot review on this thread.

@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented May 23, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@codacy-production
Copy link
Copy Markdown

codacy-production Bot commented May 23, 2026

Up to standards ✅

🟢 Issues 0 issues

Results:
0 new issues

View in Codacy

NEW Get contextual insights on your PRs based on Codacy's metrics, along with PR and Jira context, without leaving GitHub. Enable AI reviewer
TIP This summary will be updated as you push new changes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Prekzursil Prekzursil Awaiting requested review from Prekzursil Prekzursil is a code owner

Assignees

No one assigned

Labels

area:ci CI/CD and automation dependencies Dependency updates type:chore Maintenance or housekeeping

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants