Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update dependency qs to v6.9.7 - autoclosed #830

Closed

Conversation

mend-for-github-com[bot]
Copy link

@mend-for-github-com mend-for-github-com bot commented Nov 28, 2022

This PR contains the following updates:

Package Type Update Change
qs dependencies patch 6.9.4 -> 6.9.7

By merging this PR, the issue #829 will be automatically resolved and closed:

Severity CVSS Score CVE
High High 7.5 CVE-2022-24999

Release Notes

ljharb/qs

v6.9.7

Compare Source

  • [Fix] parse: ignore __proto__ keys (#​428)
  • [Fix] stringify: avoid encoding arrayformat comma when encodeValuesOnly = true (#​424)
  • [Robustness] stringify: avoid relying on a global undefined (#​427)
  • [readme] remove travis badge; add github actions/codecov badges; update URLs
  • [Docs] add note and links for coercing primitive values (#​408)
  • [Tests] clean up stringify tests slightly
  • [meta] fix README.md (#​399)
  • Revert "[meta] ignore eclint transitive audit warning"
  • [actions] backport actions from main
  • [Dev Deps] backport updates from main

v6.9.6

Compare Source

  • [Fix] restore dist dir; mistakenly removed in d4f6c32

v6.9.5

Compare Source

  • [Fix] stringify: do not encode parens for RFC1738
  • [Fix] stringify: fix arrayFormat comma with empty array/objects (#​350)
  • [Refactor] format: remove util.assign call
  • [meta] add "Allow Edits" workflow; update rebase workflow
  • [actions] switch Automatic Rebase workflow to pull_request_target event
  • [Tests] stringify: add tests for #​378
  • [Tests] migrate tests to Github Actions
  • [Tests] run nyc on all tests; use tape runner
  • [Dev Deps] update eslint, @ljharb/eslint-config, browserify, mkdirp, object-inspect, tape; add aud

  • If you want to rebase/retry this PR, check this box

@mend-for-github-com mend-for-github-com bot added the security fix Security fix generated by Mend label Nov 28, 2022
@mend-for-github-com mend-for-github-com bot changed the title Update dependency qs to v6.9.7 Update dependency qs to v6.9.7 - autoclosed Feb 20, 2024
@mend-for-github-com mend-for-github-com bot deleted the whitesource-remediate/qs-6.x-lockfile branch February 20, 2024 04:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
security fix Security fix generated by Mend
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants