chore(qs): update to v6.14.1

fix security issue https://github.com/advisories/GHSA-6rw7-vpxm-498p Signed-off-by: Florent Benoit <fbenoit@redhat.com>
2026-04-21 17:47:22 +00:00 · 2026-01-19 08:52:22 +01:00 · 2026-01-19 08:52:22 +01:00 · 61d902f25a
commit 61d902f25a
parent a6690ca4a6
2 changed files with 12 additions and 10 deletions
--- a/package.json
+++ b/package.json
@ -235,6 +235,7 @@
      "react-router>path-to-regexp": "^1.9.0",
      "serve-handler>path-to-regexp": "^3.3.0",
      "express>cookie": "^0.7.0",
+      "express>qs": "^6.14.1",
      "monaco-editor>dompurify": "^3.2.7",
      "webpack-dev-server>http-proxy-middleware": "^2.0.9",
      "esbuild-register>esbuild": "^0.25.0",
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@ -9,6 +9,7 @@ overrides:
  react-router>path-to-regexp: ^1.9.0
  serve-handler>path-to-regexp: ^3.3.0
  express>cookie: ^0.7.0
+  express>qs: ^6.14.1
  monaco-editor>dompurify: ^3.2.7
  webpack-dev-server>http-proxy-middleware: ^2.0.9
  esbuild-register>esbuild: ^0.25.0
@ -83,7 +84,7 @@ importers:
        version: 1.0.0
      express:
        specifier: ^4.22.0
-        version: 4.22.0
+        version: 4.22.1
      getos:
        specifier: ^3.2.1
        version: 3.2.1
@ -6938,8 +6939,8 @@ packages:
  exponential-backoff@3.1.3:
    resolution: {integrity: sha512-ZgEeZXj30q+I0EN+CbSSpIyPaJ5HVQD18Z1m+u1FXbAeT94mr1zw50q4q6jiiC447Nl/YTcIYSAftiGqetwXCA==}

-  express@4.22.0:
-    resolution: {integrity: sha512-c2iPh3xp5vvCLgaHK03+mWLFPhox7j1LwyxcZwFVApEv5i0X+IjPpbT50SJJwwLpdBVfp45AkK/v+AFgv/XlfQ==}
+  express@4.22.1:
+    resolution: {integrity: sha512-F2X8g9P1X7uCPZMA3MVf9wcTqlyNp7IhH5qPCI0izhaOIYXaW9L535tGA3qmjRzpH+bZczqq7hVKxTR4NWnu+g==}
    engines: {node: '>= 0.10.0'}

  exsolve@1.0.7:
@ -10030,8 +10031,8 @@ packages:

      (For a CapTP with native promises, see @endo/eventual-send and @endo/captp)

-  qs@6.14.0:
-    resolution: {integrity: sha512-YWWTjgABSKcvs/nWBi9PycY/JiPJqOD4JA6o9Sej2AtvSGarXxKC3OQSk4pAarbdQlKAh5D4FCQkJNkW+GAn3w==}
+  qs@6.14.1:
+    resolution: {integrity: sha512-4EK3+xJl8Ts67nLYNwqw/dsFVnCf+qR7RgXSK9jEEm9unao3njwMDdmsdvoKBKHzxd7tCYz5e5M+SnMjdtXGQQ==}
    engines: {node: '>=0.6'}

  quansync@0.2.11:
@ -17471,7 +17472,7 @@ snapshots:
      http-errors: 2.0.1
      iconv-lite: 0.4.24
      on-finished: 2.4.1
-      qs: 6.14.0
+      qs: 6.14.1
      raw-body: 2.5.3
      type-is: 1.6.18
      unpipe: 1.0.0
@ -19546,7 +19547,7 @@ snapshots:

  exponential-backoff@3.1.3: {}

-  express@4.22.0:
+  express@4.22.1:
    dependencies:
      accepts: 1.3.8
      array-flatten: 1.1.1
@ -19569,7 +19570,7 @@ snapshots:
      parseurl: 1.3.3
      path-to-regexp: 0.1.12
      proxy-addr: 2.0.7
-      qs: 6.14.0
+      qs: 6.14.1
      range-parser: 1.2.1
      safe-buffer: 5.2.1
      send: 0.19.1
@ -23132,7 +23133,7 @@ snapshots:

  q@1.5.1: {}

-  qs@6.14.0:
+  qs@6.14.1:
    dependencies:
      side-channel: 1.1.0

@ -25204,7 +25205,7 @@ snapshots:
      colorette: 2.0.20
      compression: 1.7.5
      connect-history-api-fallback: 2.0.0
-      express: 4.22.0
+      express: 4.22.1
      graceful-fs: 4.2.11
      http-proxy-middleware: 2.0.9(@types/express@4.17.21)
      ipaddr.js: 2.2.0