Skip to content

fix(deps): vuln qs (minor → 6.15.3) [test/crashtracker]#161

Open
gh-worker-campaigns-3e9aa4[bot] wants to merge 1 commit into
mainfrom
engraver-auto-version-upgrade/minorpatch/npm/crashtracker/0-1783383294
Open

fix(deps): vuln qs (minor → 6.15.3) [test/crashtracker]#161
gh-worker-campaigns-3e9aa4[bot] wants to merge 1 commit into
mainfrom
engraver-auto-version-upgrade/minorpatch/npm/crashtracker/0-1783383294

Conversation

@gh-worker-campaigns-3e9aa4

Copy link
Copy Markdown
Contributor

Summary: Security update — 1 package upgraded (MINOR changes included)

Manifests changed:

  • test/crashtracker (yarn)

✅ Action Required: Please review the changes below. If they look good, approve and merge this PR.


Updates

Package From To Type Dep Type Vulnerabilities Fixed
qs 6.14.2 6.15.3 minor Transitive 1 MEDIUM

Security Details

ℹ️ Other Vulnerabilities (1)
Package CVE Severity Summary Unsafe Version Fixed In Case
qs GHSA-q8mj-m7cp-5q26 MODERATE qs has a remotely triggerable DoS: qs.stringify crashes with TypeError on null/undefined entries in comma-format arrays when encodeValuesOnly is set 6.14.2 6.15.2 -

Review Checklist

Standard review:

  • Review changes for compatibility with your code
  • Check for breaking changes in release notes
  • Run tests locally or wait for CI
  • Approve and merge this PR

Update Mode: all_vulns

🤖 Generated by DataDog Automated Dependency Management System

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown

Overall package size

Self size: 30.06 MB
Deduped: 30.06 MB
No deduping: 30.06 MB

Dependency sizes | name | version | self size | total size | |------|---------|-----------|------------|

🤖 This report was automatically generated by heaviest-objects-in-the-universe

@campaigner-prod campaigner-prod Bot marked this pull request as ready for review July 7, 2026 13:37
@campaigner-prod campaigner-prod Bot requested review from a team as code owners July 7, 2026 13:37
@dd-prapprover-prod-77c48c

dd-prapprover-prod-77c48c Bot commented Jul 7, 2026

Copy link
Copy Markdown

PRApprover will approve and merge this PR, FAQ, #dx-source-code-management

🛠️ PRApproval Status

  • ✅ PR is eligible for auto-approval by rule dependency-management-version-updater - 2026-07-07T13:38:23Z
  • ✅ CI tests passed - 2026-07-07T13:38:27Z
  • ✅ Approved (commit: 043718d) - 2026-07-07T13:38:30Z
  • ✅ Merge Started
  • ⬜ Merged

➡️ Current phase: merge in progress...

@dd-prapprover-prod-77c48c dd-prapprover-prod-77c48c Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This PR has been automatically approved by the DD PR Approver bot.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants