Skip to content

Reduce dependencies from qs#25

Open
benmccann wants to merge 1 commit into
hellosign:mainfrom
benmccann:neoqs
Open

Reduce dependencies from qs#25
benmccann wants to merge 1 commit into
hellosign:mainfrom
benmccann:neoqs

Conversation

@benmccann

@benmccann benmccann commented May 31, 2025
edited
Loading

Copy link
Copy Markdown

https://npmgraph.js.org/?q=qs - 18 dependencies
https://npmgraph.js.org/?q=neoqs - 0 dependencies

Used the legacy entrypoint for CJS support

@CLAassistant

CLAassistant commented May 31, 2025
edited
Loading

Copy link
Copy Markdown

CLA assistant check
All committers have signed the CLA.

@dt-eric-lefevreardant

dt-eric-lefevreardant commented Dec 30, 2025

Copy link
Copy Markdown

snyk test on my project reports vulnerabilities in qs@6.14.0:

Issues with no direct upgrade or patch:
  ✗ Allocation of Resources Without Limits or Throttling [High Severity][https://security.snyk.io/vuln/SNYK-JS-QS-14724253] in qs@6.14.0
    introduced by @dropbox/sign@1.10.0 > qs@6.14.0 and 1 other path(s)
  This issue was fixed in versions: 6.14.1

Sounds like this PR could fix this issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@4c9pybp7vd-debug 4c9pybp7vd-debug 4c9pybp7vd-debug approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@benmccann @CLAassistant @dt-eric-lefevreardant @4c9pybp7vd-debug