Skip to content

chore(deps): bump qs and body-parser in /datafusion/wasmtest/datafusion-wasm-app#22321

Merged
Jefffrey merged 1 commit into
mainfrom
dependabot/npm_and_yarn/datafusion/wasmtest/datafusion-wasm-app/multi-eb38dee27d
May 20, 2026
Merged

chore(deps): bump qs and body-parser in /datafusion/wasmtest/datafusion-wasm-app#22321
Jefffrey merged 1 commit into
mainfrom
dependabot/npm_and_yarn/datafusion/wasmtest/datafusion-wasm-app/multi-eb38dee27d

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 18, 2026
edited
Loading

Bumps qs and body-parser. These dependencies needed to be updated together.
Updates qs from 6.14.0 to 6.14.2

Changelog

Sourced from qs's changelog.

6.14.2

  • [Fix] parse: mark overflow objects for indexed notation exceeding arrayLimit (#546)
  • [Fix] arrayLimit means max count, not max index, in combine/merge/parseArrayValue
  • [Fix] parse: throw on arrayLimit exceeded with indexed notation when throwOnLimitExceeded is true (#529)
  • [Fix] parse: enforce arrayLimit on comma-parsed values
  • [Fix] parse: fix error message to reflect arrayLimit as max index; remove extraneous comments (#545)
  • [Robustness] avoid .push, use void
  • [readme] document that addQueryPrefix does not add ? to empty output (#418)
  • [readme] clarify parseArrays and arrayLimit documentation (#543)
  • [readme] replace runkit CI badge with shields.io check-runs badge
  • [meta] fix changelog typo (arrayLengtharrayLimit)
  • [actions] fix rebase workflow permissions

6.14.1

  • [Fix] ensure arrayLimit applies to [] notation as well
  • [Fix] parse: when a custom decoder returns null for a key, ignore that key
  • [Refactor] parse: extract key segment splitting helper
  • [meta] add threat model
  • [actions] add workflow permissions
  • [Tests] stringify: increase coverage
  • [Dev Deps] update eslint, @ljharb/eslint-config, npmignore, es-value-fixtures, for-each, object-inspect
Commits
  • bdcf0c7 v6.14.2
  • 294db90 [readme] document that addQueryPrefix does not add ? to empty output
  • 5c308e5 [readme] clarify parseArrays and arrayLimit documentation
  • 6addf8c [Fix] parse: mark overflow objects for indexed notation exceeding arrayLimit
  • cfc108f [Fix] arrayLimit means max count, not max index, in combine/merge/`pars...
  • febb644 [Fix] parse: throw on arrayLimit exceeded with indexed notation when `thr...
  • f6a7abf [Fix] parse: enforce arrayLimit on comma-parsed values
  • fbc5206 [Fix] parse: fix error message to reflect arrayLimit as max index; remove e...
  • 1b9a8b4 [actions] fix rebase workflow permissions
  • 2a35775 [meta] fix changelog typo (arrayLengtharrayLimit)
  • Additional commits viewable in compare view

Updates body-parser from 1.20.3 to 1.20.5

Release notes

Sourced from body-parser's releases.

v1.20.5

What's Changed

The reason for this release is a fix to the extended urlencoded parser returning objects instead of arrays for large array inputs (> 100) on qs@6.14.2+. (expressjs/body-parser#716)

New Contributors

Special thanks to triager @​krzysdz for keeping this on our radar and effectively triaging the specific issue!

Full Changelog: expressjs/body-parser@1.20.4...1.20.5

1.20.4

What's Changed

Full Changelog: expressjs/body-parser@1.20.3...1.20.4

Changelog

Sourced from body-parser's changelog.

1.20.5 / 2026-04-24

  • refactor(json): simplify strict mode error string construction
  • fix: extended urlencoded parsing of arrays with >100 elements (#716)
  • deps: qs@~6.15.1

1.20.4 / 2025-12-01

  • deps: qs@~6.14.0
  • deps: use tilde notation for dependencies
  • deps: http-errors@~2.0.1
  • deps: raw-body@~2.5.3
Commits
Maintainer changes

This version was pushed to npm by jonchurch, a new releaser for body-parser since your current version.

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 18, 2026
@dependabot
chore(deps): bump qs and body-parser
66a17c9 
Bumps [qs](https://github.com/ljharb/qs) and [body-parser](https://github.com/expressjs/body-parser). These dependencies needed to be updated together.

Updates `qs` from 6.14.0 to 6.14.2
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](ljharb/qs@v6.14.0...v6.14.2)

Updates `body-parser` from 1.20.3 to 1.20.5
- [Release notes](https://github.com/expressjs/body-parser/releases)
- [Changelog](https://github.com/expressjs/body-parser/blob/1.20.5/HISTORY.md)
- [Commits](expressjs/body-parser@1.20.3...1.20.5)

---
updated-dependencies:
- dependency-name: body-parser
  dependency-version: 1.20.5
  dependency-type: indirect
- dependency-name: qs
  dependency-version: 6.14.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/datafusion/wasmtest/datafusion-wasm-app/multi-eb38dee27d branch from 0ff4f48 to 66a17c9 Compare May 20, 2026 02:59
@Jefffrey Jefffrey added this pull request to the merge queue May 20, 2026
@github-merge-queue github-merge-queue Bot removed this pull request from the merge queue due to no response for status checks May 20, 2026
@Jefffrey Jefffrey added this pull request to the merge queue May 20, 2026
Merged via the queue into main with commit 199fbc8 May 20, 2026
66 checks passed
@Jefffrey Jefffrey deleted the dependabot/npm_and_yarn/datafusion/wasmtest/datafusion-wasm-app/multi-eb38dee27d branch May 20, 2026 13:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Jefffrey Jefffrey Jefffrey approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Jefffrey