chore(deps): bump qs from 6.15.0 to 6.15.2 in /Projects/JavaScript/code-compiler in the npm_and_yarn group across 1 directory by dependabot[bot] · Pull Request #411 · skanda890/CodePark

dependabot · 2026-05-23T13:41:06Z

Bumps the npm_and_yarn group with 1 update in the /Projects/JavaScript/code-compiler directory: qs.

Updates qs from 6.15.0 to 6.15.2

Changelog

6.15.2

[Fix] stringify: skip null/undefined entries in arrayFormat: 'comma' + encodeValuesOnly instead of crashing in encoder

[Fix] stringify: use configured delimiter after charsetSentinel (#555)

[Fix] stringify: apply formatter to encoded key under strictNullHandling (#554)

[Fix] stringify: skip null/undefined filter-array entries instead of crashing in encoder (#551)

[Fix] parse: handle nested bracket groups and add regression tests (#530)

[readme] fix grammar (#550)

[Dev Deps] update @ljharb/eslint-config

[Tests] add regression tests for keys containing percent-encoded bracket text

6.15.1

[Fix] parse: parameterLimit: Infinity with throwOnLimitExceeded: true silently drops all parameters

[Deps] update @ljharb/eslint-config

[Dev Deps] update @ljharb/eslint-config, iconv-lite

[Tests] increase coverage

Commits

9aca407 v6.15.2
5e33d33 [Dev Deps] update @ljharb/eslint-config
21f80b3 [Fix] stringify: skip null/undefined entries in arrayFormat: 'comma' + `e...
a0a81ea [Fix] stringify: use configured delimiter after charsetSentinel
e3062f7 [Fix] stringify: apply formatter to encoded key under strictNullHandling
0c180a4 [Fix] stringify: skip null/undefined filter-array entries instead of crashi...
3a8b94a [Tests] add regression tests for keys containing percent-encoded bracket text
96755ab [readme] fix grammar
a419ce5 [Fix] parse: handle nested bracket groups and add regression tests
3f5e1c5 v6.15.1
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps the npm_and_yarn group with 1 update in the /Projects/JavaScript/code-compiler directory: [qs](https://github.com/ljharb/qs). Updates `qs` from 6.15.0 to 6.15.2 - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](ljharb/qs@v6.15.0...v6.15.2) --- updated-dependencies: - dependency-name: qs dependency-version: 6.15.2 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>

netlify · 2026-05-23T13:41:10Z

❌ Deploy Preview for silver-entremet-633411 failed.

Name	Link
🔨 Latest commit	`de6b925`
🔍 Latest deploy log	https://app.netlify.com/projects/silver-entremet-633411/deploys/6a11ae75564507000826a57f

codeant-ai · 2026-05-23T13:41:11Z

Skipping PR review because a bot author is detected.

If you want to trigger CodeAnt AI, comment @codeant-ai review to trigger a manual review.

skanda890 · 2026-05-23T13:41:19Z

✅ Snyk checks have passed. No issues have been found so far.

Status	Scan Engine	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

github-actions · 2026-05-23T13:41:32Z

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package

Version

Score

Details

npm/path-to-regexp

8.4.2

🟢 7.6

Details

Check	Score	Reason
Binary-Artifacts	🟢 10	no binaries found in the repo
Branch-Protection	⚠️ 1	branch protection is not maximal on development and all release branches
CI-Tests	🟢 10	26 out of 26 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
Code-Review	🟢 5	found 12 unreviewed changesets out of 29 -- score normalized to 5
Contributors	🟢 10	25 different organizations found -- score normalized to 10
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Dependency-Update-Tool	🟢 10	update tool detected
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Maintained	🟢 10	16 commit(s) out of 30 and 3 issue activity out of 30 found in the last 90 days -- score normalized to 10
Packaging	⚠️ -1	no published package detected
Pinned-Dependencies	🟢 3	dependency not pinned by hash detected -- score normalized to 3
SAST	🟢 10	SAST tool is run on all commits
Security-Policy	🟢 9	security policy file detected
Signed-Releases	⚠️ -1	no releases found
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Vulnerabilities	🟢 10	no vulnerabilities detected

npm/qs

6.15.2

🟢 5.3

Details

Check	Score	Reason
Code-Review	⚠️ 1	Found 5/30 approved changesets -- score normalized to 1
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Security-Policy	🟢 10	security policy file detected
Packaging	⚠️ -1	packaging workflow not detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Maintained	🟢 10	13 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0
CII-Best-Practices	🟢 5	badge detected: Passing
Fuzzing	⚠️ 0	project is not fuzzed
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0

Scanned Files

Projects/JavaScript/code-compiler/package-lock.json

sonarqubecloud · 2026-05-23T13:41:45Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

deepsource-io · 2026-05-23T13:42:11Z

DeepSource Code Review

We reviewed changes in 678cbb6...de6b925 on this pull request. Below is the summary for the review, and you can see the individual issues we found as inline review comments.

See full review on DeepSource ↗

PR Report Card

Overall Grade	Security Reliability Complexity Hygiene

Code Review Summary

Analyzer	Updated (UTC)	Details
Code coverage	May 23, 2026 1:41p.m.	Review ↗
Terraform	May 23, 2026 1:41p.m.	Review ↗
Swift	May 23, 2026 1:41p.m.	Review ↗
SQL	May 23, 2026 1:41p.m.	Review ↗
Shell	May 23, 2026 1:41p.m.	Review ↗
Secrets	May 23, 2026 1:41p.m.	Review ↗
Scala	May 23, 2026 1:41p.m.	Review ↗
Ruby	May 23, 2026 1:41p.m.	Review ↗
PHP	May 23, 2026 1:41p.m.	Review ↗
Kotlin	May 23, 2026 1:41p.m.	Review ↗
Go	May 23, 2026 1:41p.m.	Review ↗
Docker	May 23, 2026 1:41p.m.	Review ↗
Ansible	May 23, 2026 1:41p.m.	Review ↗
Rust	May 23, 2026 1:41p.m.	Review ↗
C#	May 23, 2026 1:41p.m.	Review ↗
C & C++	May 23, 2026 1:41p.m.	Review ↗
Java	May 23, 2026 1:41p.m.	Review ↗
JavaScript	May 23, 2026 1:41p.m.	Review ↗
Python	May 23, 2026 1:41p.m.	Review ↗

Important

AI Review is run only on demand for your team. We're only showing results of static analysis review right now. To trigger AI Review, comment @deepsourcebot review on this thread.

codacy-production · 2026-05-23T13:44:07Z

Up to standards ✅

🟢 Issues 0 issues

Results:
0 new issues

View in Codacy

🟢 Metrics 0 complexity · 0 duplication

Metric Results

Complexity 0

Duplication 0

View in Codacy

_{NEW Get contextual insights on your PRs based on Codacy's metrics, along with PR and Jira context, without leaving GitHub. Enable AI reviewer}
_{TIP This summary will be updated as you push new changes.}

dependabot · 2026-05-23T14:39:29Z

Superseded by #412.

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 23, 2026

dependabot Bot closed this May 23, 2026

dependabot Bot deleted the dependabot/npm_and_yarn/Projects/JavaScript/code-compiler/npm_and_yarn-05b1f1d78b branch May 23, 2026 14:39

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump qs from 6.15.0 to 6.15.2 in /Projects/JavaScript/code-compiler in the npm_and_yarn group across 1 directory#411

chore(deps): bump qs from 6.15.0 to 6.15.2 in /Projects/JavaScript/code-compiler in the npm_and_yarn group across 1 directory#411
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/Projects/JavaScript/code-compiler/npm_and_yarn-05b1f1d78b

dependabot Bot commented on behalf of github May 23, 2026

Uh oh!

netlify Bot commented May 23, 2026 •

edited

Loading

Uh oh!

codeant-ai Bot commented May 23, 2026

Uh oh!

skanda890 commented May 23, 2026

Uh oh!

github-actions Bot commented May 23, 2026

Uh oh!

sonarqubecloud Bot commented May 23, 2026

Uh oh!

deepsource-io Bot commented May 23, 2026 •

edited

Loading

Uh oh!

codacy-production Bot commented May 23, 2026

Uh oh!

dependabot Bot commented on behalf of github May 23, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot Bot commented on behalf of github May 23, 2026

6.15.2

6.15.1

Uh oh!

netlify Bot commented May 23, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

❌ Deploy Preview for silver-entremet-633411 failed.

Uh oh!

codeant-ai Bot commented May 23, 2026

Uh oh!

skanda890 commented May 23, 2026

✅ Snyk checks have passed. No issues have been found so far.

Uh oh!

github-actions Bot commented May 23, 2026

Dependency Review

OpenSSF Scorecard

Scanned Files

Uh oh!

sonarqubecloud Bot commented May 23, 2026

Quality Gate passed

Uh oh!

deepsource-io Bot commented May 23, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

DeepSource Code Review

PR Report Card

Code Review Summary

Uh oh!

codacy-production Bot commented May 23, 2026

Up to standards ✅

Uh oh!

dependabot Bot commented on behalf of github May 23, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

netlify Bot commented May 23, 2026 •

edited

Loading

deepsource-io Bot commented May 23, 2026 •

edited

Loading