chore(deps): update dependency qs to v6.15.1#5458
Merged
Conversation
thomhurst
added
dependencies
thomhurst
added
dependencies
Up to standards ✅🟢 Issues
|
![claude[bot]](https://avatars.githubusercontent.com/in/1236702?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
This is a routine Renovate bot dependency update for the qs npm package (used in the docs site) from 6.15.0 to 6.15.1. The change is limited to docs/package.json and docs/yarn.lock — no production .NET code is touched.
What changed in qs 6.15.1
The upstream changelog lists one behavioural fix: when parameterLimit is set to Infinity and throwOnLimitExceeded is true, all parameters were silently dropped instead of being preserved. The rest of the release is eslint-config bumps and test coverage increases with no API or security changes.
Assessment
- The scope is correct: only the
resolutionspin inpackage.jsonand the corresponding lockfile entry are updated. - The lockfile hash change (
db8fd5d...→bdb55ae...) is consistent with a legitimate upstream patch release. qsis listed underresolutions(a Yarn override) rather than as a direct dependency. This means it is a transitive dependency being pinned for security/correctness reasons, which is the right practice.- Auto-merge is already enabled, which is appropriate for a patch-level lockfile-only update to a docs-only dependency.
One minor observation
The qs@~6.14.0 alias in the lockfile is preserved alongside qs@6.15.1 in the same entry. This is expected Yarn behaviour — the ~6.14.0 range is satisfied by 6.15.1 — but it is worth being aware that if any transitive package ever requires a version outside that range, this resolution override will silently shadow it. That is pre-existing behaviour and not introduced by this PR.
No blocking issues. This is safe to merge.
This was referenced Apr 9, 2026
intellitect-bot
pushed a commit
to IntelliTect/EssentialCSharp.Web
that referenced
this pull request
Apr 9, 2026
Updated [TUnit](https://github.com/thomhurst/TUnit) from 1.29.0 to 1.30.0. <details> <summary>Release notes</summary> _Sourced from [TUnit's releases](https://github.com/thomhurst/TUnit/releases)._ ## 1.30.0 <!-- Release notes generated using configuration in .github/release.yml at v1.30.0 --> ## What's Changed ### Other Changes * perf: eliminate locks from mock invocation and verification hot paths by @thomhurst in thomhurst/TUnit#5422 * feat: TUnit0074 analyzer for redundant hook attributes on overrides by @thomhurst in thomhurst/TUnit#5459 * fix(mocks): respect generic type argument accessibility (#5453) by @thomhurst in thomhurst/TUnit#5460 * fix(mocks): skip inaccessible internal accessors when mocking Azure.Response by @thomhurst in thomhurst/TUnit#5461 * fix: apply CultureAttribute and STAThreadExecutorAttribute to hooks (#5452) by @thomhurst in thomhurst/TUnit#5463 ### Dependencies * chore(deps): update tunit to 1.29.0 by @thomhurst in thomhurst/TUnit#5446 * chore(deps): update react to ^19.2.5 by @thomhurst in thomhurst/TUnit#5457 * chore(deps): update opentelemetry to 1.15.2 by @thomhurst in thomhurst/TUnit#5456 * chore(deps): update dependency qs to v6.15.1 by @thomhurst in thomhurst/TUnit#5458 **Full Changelog**: thomhurst/TUnit@v1.29.0...v1.30.0 Commits viewable in [compare view](thomhurst/TUnit@v1.29.0...v1.30.0). </details> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This was referenced Apr 9, 2026
This was referenced Apr 13, 2026
Closed
Merged
github-actions bot
pushed a commit
to IntelliTect/CodingGuidelines
that referenced
this pull request
Apr 13, 2026
Updated [TUnit.Core](https://github.com/thomhurst/TUnit) from 1.28.7 to 1.33.0. <details> <summary>Release notes</summary> _Sourced from [TUnit.Core's releases](https://github.com/thomhurst/TUnit/releases)._ ## 1.33.0 <!-- Release notes generated using configuration in .github/release.yml at v1.33.0 --> ## What's Changed ### Other Changes * perf: engine-wide performance optimizations by @thomhurst in thomhurst/TUnit#5520 * feat: Add TUnitSettings static API for programmatic configuration by @thomhurst in thomhurst/TUnit#5522 * perf: reduce allocations and improve hot-path performance by @thomhurst in thomhurst/TUnit#5524 * fix: enforce ParallelLimiter semaphore in TestRunner to prevent DependsOn bypass by @thomhurst in thomhurst/TUnit#5526 ### Dependencies * chore(deps): update tunit to 1.32.0 by @thomhurst in thomhurst/TUnit#5513 **Full Changelog**: thomhurst/TUnit@v1.32.0...v1.33.0 ## 1.32.0 <!-- Release notes generated using configuration in .github/release.yml at v1.32.0 --> ## What's Changed ### Other Changes * fix: auto-register correlated logging for minimal API hosts (#5503) by @thomhurst in thomhurst/TUnit#5511 * fix: cascade HookExecutorAttribute from class/assembly to hooks (#5462) by @thomhurst in thomhurst/TUnit#5512 ### Dependencies * chore(deps): update dependency polyfill to 10.3.0 by @thomhurst in thomhurst/TUnit#5508 * chore(deps): update tunit to 1.31.0 by @thomhurst in thomhurst/TUnit#5510 * chore(deps): update dependency polyfill to 10.3.0 by @thomhurst in thomhurst/TUnit#5509 **Full Changelog**: thomhurst/TUnit@v1.31.0...v1.32.0 ## 1.31.0 <!-- Release notes generated using configuration in .github/release.yml at v1.31.0 --> ## What's Changed ### Other Changes * feat(reporters): overhaul GitHub Actions step summary by @thomhurst in thomhurst/TUnit#5483 * fix: truncate large stdout/stderr in HTML report to prevent JSON serialization failure by @thomhurst in thomhurst/TUnit#5485 * feat(html-report): add failure clustering to test report by @thomhurst in thomhurst/TUnit#5490 * feat(html-report): add chevron affordance to failure cluster headers by @thomhurst in thomhurst/TUnit#5492 * feat(reporters): group GitHub summary failures by exception type by @thomhurst in thomhurst/TUnit#5491 * feat(reporters): add minimap sidebar navigator to HTML report by @thomhurst in thomhurst/TUnit#5494 * feat(html-report): add category/tag filter pills to toolbar by @thomhurst in thomhurst/TUnit#5496 * feat(html-report): omit redundant test body span from trace timeline by @thomhurst in thomhurst/TUnit#5497 * fix(tests): clear reporter env vars before each GitHubReporterTest to fix flaky CI on macOS/Windows by @thomhurst in thomhurst/TUnit#5499 * feat: add TestContext.MakeCurrent() for console output correlation by @thomhurst in thomhurst/TUnit#5502 * feat(html-report): add flaky test detection and summary section by @thomhurst in thomhurst/TUnit#5498 * fix: smarter stack trace filtering that preserves TUnit-internal traces by @thomhurst in thomhurst/TUnit#5506 * feat: add Activity baggage-based test context correlation by @thomhurst in thomhurst/TUnit#5505 ### Dependencies * chore(deps): update actions/github-script action to v9 by @thomhurst in thomhurst/TUnit#5476 * chore(deps): update tunit to 1.30.8 by @thomhurst in thomhurst/TUnit#5477 * chore(deps): update dependency polyfill to 10.2.0 by @thomhurst in thomhurst/TUnit#5482 * chore(deps): update dependency polyfill to 10.2.0 by @thomhurst in thomhurst/TUnit#5481 * chore(deps): update actions/upload-artifact action to v7.0.1 by @thomhurst in thomhurst/TUnit#5495 **Full Changelog**: thomhurst/TUnit@v1.30.8...v1.31.0 ## 1.30.8 <!-- Release notes generated using configuration in .github/release.yml at v1.30.8 --> ## What's Changed ### Other Changes * feat(mocks): migrate to T.Mock() extension syntax by @thomhurst in thomhurst/TUnit#5472 * feat: split TUnit.AspNetCore into Core + meta package by @thomhurst in thomhurst/TUnit#5474 * feat: add async Member() overloads for Task-returning member selectors by @thomhurst in thomhurst/TUnit#5475 ### Dependencies * chore(deps): update aspire to 13.2.2 by @thomhurst in thomhurst/TUnit#5464 * chore(deps): update dependency polyfill to 10.1.1 by @thomhurst in thomhurst/TUnit#5468 * chore(deps): update dependency polyfill to 10.1.1 by @thomhurst in thomhurst/TUnit#5467 * chore(deps): update tunit to 1.30.0 by @thomhurst in thomhurst/TUnit#5469 * chore(deps): update dependency microsoft.playwright to 1.59.0 by @thomhurst in thomhurst/TUnit#5473 **Full Changelog**: thomhurst/TUnit@v1.30.0...v1.30.8 ## 1.30.0 <!-- Release notes generated using configuration in .github/release.yml at v1.30.0 --> ## What's Changed ### Other Changes * perf: eliminate locks from mock invocation and verification hot paths by @thomhurst in thomhurst/TUnit#5422 * feat: TUnit0074 analyzer for redundant hook attributes on overrides by @thomhurst in thomhurst/TUnit#5459 * fix(mocks): respect generic type argument accessibility (#5453) by @thomhurst in thomhurst/TUnit#5460 * fix(mocks): skip inaccessible internal accessors when mocking Azure.Response by @thomhurst in thomhurst/TUnit#5461 * fix: apply CultureAttribute and STAThreadExecutorAttribute to hooks (#5452) by @thomhurst in thomhurst/TUnit#5463 ### Dependencies * chore(deps): update tunit to 1.29.0 by @thomhurst in thomhurst/TUnit#5446 * chore(deps): update react to ^19.2.5 by @thomhurst in thomhurst/TUnit#5457 * chore(deps): update opentelemetry to 1.15.2 by @thomhurst in thomhurst/TUnit#5456 * chore(deps): update dependency qs to v6.15.1 by @thomhurst in thomhurst/TUnit#5458 **Full Changelog**: thomhurst/TUnit@v1.29.0...v1.30.0 ## 1.29.0 <!-- Release notes generated using configuration in .github/release.yml at v1.29.0 --> ## What's Changed ### Other Changes * 🤖 Update Mock Benchmark Results by @thomhurst in thomhurst/TUnit#5420 * fix(mocks): resolve build errors when mocking Azure SDK clients by @thomhurst in thomhurst/TUnit#5440 * fix: deduplicate virtual hook overrides across class hierarchy (#5428) by @thomhurst in thomhurst/TUnit#5441 * fix(mocks): unique __argArray locals per event in RaiseEvent dispatch (#5423) by @thomhurst in thomhurst/TUnit#5442 * refactor(mocks): extract MockTypeModel.Visibility helper by @thomhurst in thomhurst/TUnit#5443 * fix(mocks): preserve nullable annotations on generated event implementations by @thomhurst in thomhurst/TUnit#5444 * fix(mocks): preserve nullability on event handler types (#5425) by @thomhurst in thomhurst/TUnit#5445 ### Dependencies * chore(deps): update tunit to 1.28.7 by @thomhurst in thomhurst/TUnit#5416 * chore(deps): update dependency polyfill to v10 by @thomhurst in thomhurst/TUnit#5417 * chore(deps): update dependency polyfill to v10 by @thomhurst in thomhurst/TUnit#5418 * chore(deps): update dependency mockolate to 2.4.0 by @thomhurst in thomhurst/TUnit#5431 * chore(deps): update mstest to 4.2.1 by @thomhurst in thomhurst/TUnit#5433 * chore(deps): update dependency microsoft.net.test.sdk to 18.4.0 by @thomhurst in thomhurst/TUnit#5435 * chore(deps): update microsoft.testing to 2.2.1 by @thomhurst in thomhurst/TUnit#5432 * chore(deps): update dependency microsoft.testing.extensions.codecoverage to 18.6.2 by @thomhurst in thomhurst/TUnit#5437 * chore(deps): update dependency @docusaurus/theme-mermaid to ^3.10.0 by @thomhurst in thomhurst/TUnit#5438 * chore(deps): update docusaurus to v3.10.0 by @thomhurst in thomhurst/TUnit#5439 **Full Changelog**: thomhurst/TUnit@v1.28.7...v1.29.0 Commits viewable in [compare view](thomhurst/TUnit@v1.28.7...v1.33.0). </details> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This was referenced Apr 13, 2026
Merged
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
6.15.0→6.15.1Release Notes
ljharb/qs (qs)
v6.15.1Compare Source
parse:parameterLimit: InfinitywiththrowOnLimitExceeded: truesilently drops all parameters@ljharb/eslint-config@ljharb/eslint-config,iconv-liteConfiguration
📅 Schedule: (UTC)
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.