Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump qs and @types/qs #2353

Merged
merged 1 commit into from
May 22, 2024
Merged

Bump qs and @types/qs #2353

merged 1 commit into from
May 22, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 15, 2024

Bumps qs and @types/qs. These dependencies needed to be updated together.
Updates qs from 6.11.2 to 6.12.1

Changelog

Sourced from qs's changelog.

6.12.1

  • [Fix] parse: Disable decodeDotInKeys by default to restore previous behavior (#501)
  • [Performance] utils: Optimize performance under large data volumes, reduce memory usage, and speed up processing (#502)
  • [Refactor] utils: use +=
  • [Tests] increase coverage

6.12.0

  • [New] parse/stringify: add decodeDotInKeys/encodeDotKeys options (#488)
  • [New] parse: add duplicates option
  • [New] parse/stringify: add allowEmptyArrays option to allow [] in object values (#487)
  • [Refactor] parse/stringify: move allowDots config logic to its own variable
  • [Refactor] stringify: move option-handling code into normalizeStringifyOptions
  • [readme] update readme, add logos (#484)
  • [readme] stringify: clarify default arrayFormat behavior
  • [readme] fix line wrapping
  • [readme] remove dead badges
  • [Deps] update side-channel
  • [meta] make the dist build 50% smaller
  • [meta] add sideEffects flag
  • [meta] run build in prepack, not prepublish
  • [Tests] parse: remove useless tests; add coverage
  • [Tests] stringify: increase coverage
  • [Tests] use mock-property
  • [Tests] stringify: improve coverage
  • [Dev Deps] update @ljharb/eslint-config , aud, has-override-mistake, has-property-descriptors, mock-property, npmignore, object-inspect, tape
  • [Dev Deps] pin glob, since v10.3.8+ requires a broken jackspeak
  • [Dev Deps] pin jackspeak since 2.1.2+ depends on npm aliases, which kill the install process in npm < 6
Commits
  • 29dda21 v6.12.1
  • 7e18298 [Fix] parse: Disable decodeDotInKeys by default to restore previous behavior
  • fd3cd7a [Tests] increase coverage
  • 6d7df02 [Performance] utils: Optimize performance under large data volumes, reduce ...
  • 572533c [Refactor] utils: use +=
  • c4d29f3 [meta] add tea.yaml
  • 062334a v6.12.0
  • f09cffc [meta] make the dist build 50% smaller
  • 934dfe8 [meta] run build in prepack, not prepublish
  • c8a269f [Tests] parse: remove useless tests; add coverage
  • Additional commits viewable in compare view

Updates @types/qs from 6.9.7 to 6.9.15

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump qs and @types/qs
5ab8efd 
Bumps [qs](https://github.com/ljharb/qs) and [@types/qs](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/qs). These dependencies needed to be updated together.

Updates `qs` from 6.11.2 to 6.12.1
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](ljharb/qs@v6.11.2...v6.12.1)

Updates `@types/qs` from 6.9.7 to 6.9.15
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/qs)

---
updated-dependencies:
- dependency-name: qs
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: "@types/qs"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested a review from a team as a code owner May 15, 2024 20:09
@dependabot dependabot bot added Changed Required label for PR that categorizes merge commit message as "Changed" for changelog dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels May 15, 2024
@dependabot dependabot bot requested review from cmmarslender and emlowe May 15, 2024 20:09
@socket-security Socket Security
Copy link

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@types/qs@6.9.15 None 0 7.34 kB types
npm/qs@6.12.1 Transitive: eval +14 588 kB ljharb

🚮 Removed packages: npm/@types/qs@6.9.7, npm/qs@6.11.2

View full report↗︎

ChiaMineJP
ChiaMineJP approved these changes May 22, 2024
View reviewed changes
Copy link
Contributor

@ChiaMineJP ChiaMineJP left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

qs module is used when creating a github issue URL for error reporting.
I intentionally threw an error in GUI and tested whether the URL is correctly generated.
The test succeeded.

@cmmarslender cmmarslender merged commit f5dbf53 into main May 22, 2024
8 checks passed
@cmmarslender cmmarslender deleted the dependabot/npm_and_yarn/multi-d521145fb8 branch May 22, 2024 17:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@emlowe emlowe emlowe approved these changes

@ChiaMineJP ChiaMineJP ChiaMineJP approved these changes

@cmmarslender cmmarslender Awaiting requested review from cmmarslender

Assignees
No one assigned
Labels
Changed Required label for PR that categorizes merge commit message as "Changed" for changelog dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@emlowe @ChiaMineJP @cmmarslender