chore(deps): update dependency qs to v6.10.7 (develop) by mend-for-github-com[bot] · Pull Request #930 · opentok/opentok-rtc

mend-for-github-com · 2025-09-26T00:37:08Z

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
qs	`6.9.4` → `6.10.7`

This PR resolves the vulnerabilities described in Issue #829

Version 6.9.4

Risk Change	Critical	High	Medium	Low
N/A	0	1	0	2

Version 6.10.7

Risk Change	Critical	High	Medium	Low
-100%	0 (--)	0 (-1 )	0 (--)	0 (-2 )

Version 6.15.1

Risk Change	Critical	High	Medium	Low
-99%	0 (--)	0 (-1 )	1 (+1)	0 (-2 )

Mend ensures you have the greatest risk reduction ("Recommended Fix"-highlighted in green) by removing as many vulnerabilities as possible. Click to see how we calculate risk reduction.

Release Notes

ljharb/qs (qs)

`v6.10.7`

Compare Source

[Fix] fix regressions from robustness refactor
[actions] update reusable workflows

`v6.10.6`

Compare Source

[Robustness] avoid .push, use void
[readme] clarify parseArrays and arrayLimit documentation (#543)
[readme] document that addQueryPrefix does not add ? to empty output (#418)
[readme] replace runkit CI badge with shields.io check-runs badge
[actions] fix rebase workflow permissions

`v6.10.5`

Compare Source

[Fix] stringify: with arrayFormat: comma, properly include an explicit [] on a single-item array (#434)

`v6.10.4`

Compare Source

[Fix] stringify: with arrayFormat: comma, include an explicit [] on a single-item array (#441)
[meta] use npmignore to autogenerate an npmignore file
[Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbol, object-inspect, tape

`v6.10.3`

Compare Source

[Fix] parse: ignore __proto__ keys (#428)
[Robustness] stringify: avoid relying on a global undefined (#427)
[actions] reuse common workflows
[Dev Deps] update eslint, @ljharb/eslint-config, object-inspect, tape

`v6.10.2`

Compare Source

[Fix] stringify: actually fix cyclic references (#426)
[Fix] stringify: avoid encoding arrayformat comma when encodeValuesOnly = true (#424)
[readme] remove travis badge; add github actions/codecov badges; update URLs
[Docs] add note and links for coercing primitive values (#408)
[actions] update codecov uploader
[actions] update workflows
[Tests] clean up stringify tests slightly
[Dev Deps] update eslint, @ljharb/eslint-config, aud, object-inspect, safe-publish-latest, tape

`v6.10.1`

Compare Source

[Fix] stringify: avoid exception on repeated object values (#402)

`v6.10.0`

Compare Source

[New] stringify: throw on cycles, instead of an infinite loop (#395, #394, #393)
[New] parse: add allowSparse option for collapsing arrays with missing indices (#312)
[meta] fix README.md (#399)
[meta] only run npm run dist in publish, not install
[Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbols, tape
[Tests] fix tests on node v0.6
[Tests] use ljharb/actions/node/install instead of ljharb/actions/node/run
[Tests] Revert "[meta] ignore eclint transitive audit warning"

`v6.9.9`

Compare Source

[Fix] fix regressions from robustness refactor
[meta] add npmignore to autogenerate an npmignore file
[actions] update reusable workflows

`v6.9.8`

Compare Source

[Robustness] avoid .push, use void
[readme] clarify parseArrays and arrayLimit documentation (#543)
[readme] document that addQueryPrefix does not add ? to empty output (#418)
[readme] replace runkit CI badge with shields.io check-runs badge
[actions] fix rebase workflow permissions

`v6.9.7`

Compare Source

[Fix] parse: ignore __proto__ keys (#428)
[Fix] stringify: avoid encoding arrayformat comma when encodeValuesOnly = true (#424)
[Robustness] stringify: avoid relying on a global undefined (#427)
[readme] remove travis badge; add github actions/codecov badges; update URLs
[Docs] add note and links for coercing primitive values (#408)
[Tests] clean up stringify tests slightly
[meta] fix README.md (#399)
Revert "[meta] ignore eclint transitive audit warning"
[actions] backport actions from main
[Dev Deps] backport updates from main

`v6.9.6`

Compare Source

[Fix] restore dist dir; mistakenly removed in d4f6c32

`v6.9.5`

Compare Source

[Fix] stringify: do not encode parens for RFC1738
[Fix] stringify: fix arrayFormat comma with empty array/objects (#350)
[Refactor] format: remove util.assign call
[meta] add "Allow Edits" workflow; update rebase workflow
[actions] switch Automatic Rebase workflow to pull_request_target event
[Tests] stringify: add tests for #378
[Tests] migrate tests to Github Actions
[Tests] run nyc on all tests; use tape runner
[Dev Deps] update eslint, @ljharb/eslint-config, browserify, mkdirp, object-inspect, tape; add aud

If you want to rebase/retry this PR, check this box

mend-for-github-com Bot added the security fix Security fix generated by Mend label Sep 26, 2025

mend-for-github-com Bot changed the title ~~chore(deps): update dependency qs to v6.9.7 (develop)~~ chore(deps): update dependency qs to v6.9.7 (develop) - autoclosed Oct 26, 2025

mend-for-github-com Bot closed this Oct 26, 2025

mend-for-github-com Bot deleted the whitesource-remediate/develop-qs-6.x-lockfile branch October 26, 2025 10:28

mend-for-github-com Bot changed the title ~~chore(deps): update dependency qs to v6.9.7 (develop) - autoclosed~~ chore(deps): update dependency qs to v6.9.7 (develop) Oct 28, 2025

mend-for-github-com Bot reopened this Oct 28, 2025

mend-for-github-com Bot force-pushed the whitesource-remediate/develop-qs-6.x-lockfile branch 2 times, most recently from d6ee123 to 3880a41 Compare October 28, 2025 01:30

mend-for-github-com Bot force-pushed the whitesource-remediate/develop-qs-6.x-lockfile branch from 3880a41 to be233dc Compare December 1, 2025 06:52

mend-for-github-com Bot changed the title ~~chore(deps): update dependency qs to v6.9.7 (develop)~~ chore(deps): update dependency qs to v6.14.0 (develop) Dec 30, 2025

mend-for-github-com Bot force-pushed the whitesource-remediate/develop-qs-6.x-lockfile branch from be233dc to 25f106b Compare December 30, 2025 14:48

mend-for-github-com Bot changed the title ~~chore(deps): update dependency qs to v6.14.0 (develop)~~ chore(deps): update dependency qs to v6.14.1 (develop) Jan 8, 2026

mend-for-github-com Bot force-pushed the whitesource-remediate/develop-qs-6.x-lockfile branch from 25f106b to ca065e5 Compare January 8, 2026 02:19

mend-for-github-com Bot changed the title ~~chore(deps): update dependency qs to v6.14.1 (develop)~~ chore(deps): update dependency qs to v6.15.0 (develop) Feb 18, 2026

mend-for-github-com Bot force-pushed the whitesource-remediate/develop-qs-6.x-lockfile branch from ca065e5 to 9d9ea62 Compare February 18, 2026 00:51

mend-for-github-com Bot force-pushed the whitesource-remediate/develop-qs-6.x-lockfile branch 2 times, most recently from 062a5be to c33a635 Compare March 26, 2026 09:34

mend-for-github-com Bot added patch release and removed security fix Security fix generated by Mend labels Mar 26, 2026

mend-for-github-com Bot force-pushed the whitesource-remediate/develop-qs-6.x-lockfile branch from c33a635 to 5a2e5ad Compare March 26, 2026 11:30

mend-for-github-com Bot force-pushed the whitesource-remediate/develop-qs-6.x-lockfile branch 2 times, most recently from c2d4dfa to 422b177 Compare April 13, 2026 07:01

mend-for-github-com Bot changed the title ~~chore(deps): update dependency qs to v6.15.0 (develop)~~ chore(deps): update dependency qs to v6.15.1 (develop) Apr 13, 2026

mend-for-github-com Bot force-pushed the whitesource-remediate/develop-qs-6.x-lockfile branch from 422b177 to ceab551 Compare April 18, 2026 06:36

mend-for-github-com Bot added security fix Security fix generated by Mend and removed patch release labels Apr 23, 2026

mend-for-github-com Bot force-pushed the whitesource-remediate/develop-qs-6.x-lockfile branch from ceab551 to ecabded Compare May 21, 2026 07:01

mend-for-github-com Bot changed the title ~~chore(deps): update dependency qs to v6.15.1 (develop)~~ chore(deps): update dependency qs to v6.13.3 (develop) May 21, 2026

mend-for-github-com Bot force-pushed the whitesource-remediate/develop-qs-6.x-lockfile branch from ecabded to 9fe4bb4 Compare May 22, 2026 18:45

mend-for-github-com Bot changed the title ~~chore(deps): update dependency qs to v6.13.3 (develop)~~ chore(deps): update dependency qs to v6.10.7 (develop) May 22, 2026

chore(deps): update dependency qs to v6.10.7

8f48af9

mend-for-github-com Bot force-pushed the whitesource-remediate/develop-qs-6.x-lockfile branch from 9fe4bb4 to 8f48af9 Compare May 29, 2026 07:13

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update dependency qs to v6.10.7 (develop)#930

chore(deps): update dependency qs to v6.10.7 (develop)#930
mend-for-github-com[bot] wants to merge 1 commit into
developfrom
whitesource-remediate/develop-qs-6.x-lockfile

mend-for-github-com Bot commented Sep 26, 2025 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

mend-for-github-com Bot commented Sep 26, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

This PR resolves the vulnerabilities described in Issue #829

Mend ensures you have the greatest risk reduction ("Recommended Fix"-highlighted in green) by removing as many vulnerabilities as possible. Click to see how we calculate risk reduction.

Release Notes

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

mend-for-github-com Bot commented Sep 26, 2025 •

edited

Loading