Skip to content

Bump qs, @nestjs/core, @nestjs/platform-express, @nestjs/swagger and @nestjs/testing in /library-nest-server#53

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/library-nest-server/multi-90aa77c522
Open

Bump qs, @nestjs/core, @nestjs/platform-express, @nestjs/swagger and @nestjs/testing in /library-nest-server#53
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/library-nest-server/multi-90aa77c522

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Feb 12, 2026

Bumps qs to 6.14.2 and updates ancestor dependencies qs, @nestjs/core, @nestjs/platform-express, @nestjs/swagger and @nestjs/testing. These dependencies need to be updated together.

Updates qs from 6.11.0 to 6.14.2

Changelog

Sourced from qs's changelog.

6.14.2

  • [Fix] parse: mark overflow objects for indexed notation exceeding arrayLimit (#546)
  • [Fix] arrayLimit means max count, not max index, in combine/merge/parseArrayValue
  • [Fix] parse: throw on arrayLimit exceeded with indexed notation when throwOnLimitExceeded is true (#529)
  • [Fix] parse: enforce arrayLimit on comma-parsed values
  • [Fix] parse: fix error message to reflect arrayLimit as max index; remove extraneous comments (#545)
  • [Robustness] avoid .push, use void
  • [readme] document that addQueryPrefix does not add ? to empty output (#418)
  • [readme] clarify parseArrays and arrayLimit documentation (#543)
  • [readme] replace runkit CI badge with shields.io check-runs badge
  • [meta] fix changelog typo (arrayLengtharrayLimit)
  • [actions] fix rebase workflow permissions

6.14.1

  • [Fix] ensure arrayLimit applies to [] notation as well
  • [Fix] parse: when a custom decoder returns null for a key, ignore that key
  • [Refactor] parse: extract key segment splitting helper
  • [meta] add threat model
  • [actions] add workflow permissions
  • [Tests] stringify: increase coverage
  • [Dev Deps] update eslint, @ljharb/eslint-config, npmignore, es-value-fixtures, for-each, object-inspect

6.14.0

  • [New] parse: add throwOnParameterLimitExceeded option (#517)
  • [Refactor] parse: use utils.combine more
  • [patch] parse: add explicit throwOnLimitExceeded default
  • [actions] use shared action; re-add finishers
  • [meta] Fix changelog formatting bug
  • [Deps] update side-channel
  • [Dev Deps] update es-value-fixtures, has-bigints, has-proto, has-symbols
  • [Tests] increase coverage

6.13.1

  • [Fix] stringify: avoid a crash when a filter key is null
  • [Fix] utils.merge: functions should not be stringified into keys
  • [Fix] parse: avoid a crash with interpretNumericEntities: true, comma: true, and iso charset
  • [Fix] stringify: ensure a non-string filter does not crash
  • [Refactor] use __proto__ syntax instead of Object.create for null objects
  • [Refactor] misc cleanup
  • [Tests] utils.merge: add some coverage
  • [Tests] fix a test case
  • [actions] split out node 10-20, and 20+
  • [Dev Deps] update es-value-fixtures, mock-property, object-inspect, tape

6.13.0

  • [New] parse: add strictDepth option (#511)
  • [Tests] use npm audit instead of aud

6.12.3

  • [Fix] parse: properly account for strictNullHandling when allowEmptyArrays

... (truncated)

Commits
  • bdcf0c7 v6.14.2
  • 294db90 [readme] document that addQueryPrefix does not add ? to empty output
  • 5c308e5 [readme] clarify parseArrays and arrayLimit documentation
  • 6addf8c [Fix] parse: mark overflow objects for indexed notation exceeding arrayLimit
  • cfc108f [Fix] arrayLimit means max count, not max index, in combine/merge/`pars...
  • febb644 [Fix] parse: throw on arrayLimit exceeded with indexed notation when `thr...
  • f6a7abf [Fix] parse: enforce arrayLimit on comma-parsed values
  • fbc5206 [Fix] parse: fix error message to reflect arrayLimit as max index; remove e...
  • 1b9a8b4 [actions] fix rebase workflow permissions
  • 2a35775 [meta] fix changelog typo (arrayLengtharrayLimit)
  • Additional commits viewable in compare view

Updates @nestjs/core from 9.3.5 to 11.1.13

Release notes

Sourced from @​nestjs/core's releases.

v11.1.13 (2026-02-03)

Bug fixes

  • common
    • #16230 fix(common): Fix skipping maxArrayLength and maxStringLength option (@​chojs23)

Enhancements

Dependencies

Committers: 6

v11.1.12 (2026-01-15)

Bug fixes

Dependencies

Committers: 3

v11.1.11 (2025-12-29)

Bug fixes

  • platform-fastify

... (truncated)

Commits
  • e3a958a chore(release): publish v11.1.13 release
  • db9494a perf(core): use set instead of array for module registry lookup
  • 909b504 test(core): add unit tests for discovery service
  • 96932ad chore(release): publish v11.1.12 release
  • 4fdeb0b style: address lint issues
  • e5616c2 feat: apply instance decorator to all enhancers
  • 585f55f chore: revert lerna version
  • fef323b chore(release): publish v11.1.11 release
  • 15198c6 fix(core): add missing catch handler for forward-ref provider resolution
  • de5e026 chore(@​nestjs) publish v11.1.10 release
  • Additional commits viewable in compare view

Updates @nestjs/platform-express from 9.3.5 to 11.1.13

Release notes

Sourced from @​nestjs/platform-express's releases.

v11.1.13 (2026-02-03)

Bug fixes

  • common
    • #16230 fix(common): Fix skipping maxArrayLength and maxStringLength option (@​chojs23)

Enhancements

Dependencies

Committers: 6

v11.1.12 (2026-01-15)

Bug fixes

Dependencies

Committers: 3

v11.1.11 (2025-12-29)

Bug fixes

  • platform-fastify

... (truncated)

Commits
  • e3a958a chore(release): publish v11.1.13 release
  • 58c761a fix(deps): update dependency cors to v2.8.6
  • 96932ad chore(release): publish v11.1.12 release
  • 585f55f chore: revert lerna version
  • fef323b chore(release): publish v11.1.11 release
  • de5e026 chore(@​nestjs) publish v11.1.10 release
  • 8f0840a test(express): Add tests for getBodyParserOptions utility
  • 0c93692 chore: update prettier
  • 0430f3f chore: resolve conflicts
  • 5045fea chore: update eslint monorepo
  • Additional commits viewable in compare view

Updates @nestjs/swagger from 6.2.1 to 11.2.6

Release notes

Sourced from @​nestjs/swagger's releases.

11.2.6

What's Changed

New Contributors

Full Changelog: nestjs/swagger@11.2.5...11.2.6

Release 11.2.5

11.2.5 (2026-01-14)

Bug fixes

Enhancements

Committers: 2

11.2.4

What's Changed

New Contributors

Full Changelog: nestjs/swagger@11.2.3...11.2.4

Release 11.2.3

What's Changed

Full Changelog: nestjs/swagger@11.2.2...11.2.3

Release 11.2.2

11.2.2 (2025-11-16)

... (truncated)

Commits
  • 3281744 chore(): release v11.2.6
  • bca62d9 Merge pull request #3705 from nestjs/renovate/npm-lodash-vulnerability
  • b06e08a Merge pull request #3697 from ismaildasci/feat/add-format-type-definition
  • 0eeb8af Merge pull request #3707 from wanderer-s/fix/api_query_type
  • 4869d1b Merge pull request #3715 from micalevisk/feat/add-server-custom-fields
  • 8c64c72 chore(deps): update nest monorepo to v11.1.13 (#3722)
  • 128aac4 chore(deps): update dependency @​types/node to v24.10.10 (#3721)
  • 61fec42 chore(deps): update dependency fastify to v5.7.4 (#3720)
  • d453a02 chore(deps): update commitlint monorepo to v20.4.1 (#3718)
  • 1447671 fix(deps): update dependency lodash to v4.17.23 [security]
  • Additional commits viewable in compare view

Updates @nestjs/testing from 9.3.5 to 11.1.13

Release notes

Sourced from @​nestjs/testing's releases.

v11.1.13 (2026-02-03)

Bug fixes

  • common
    • #16230 fix(common): Fix skipping maxArrayLength and maxStringLength option (@​chojs23)

Enhancements

Dependencies

Committers: 6

v11.1.12 (2026-01-15)

Bug fixes

Dependencies

Committers: 3

v11.1.11 (2025-12-29)

Bug fixes

  • platform-fastify

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump qs, @nestjs/core, @nestjs/platform-express, @nestjs/swagger and …
efaae56 
…@nestjs/testing

Bumps [qs](https://github.com/ljharb/qs) to 6.14.2 and updates ancestor dependencies [qs](https://github.com/ljharb/qs), [@nestjs/core](https://github.com/nestjs/nest/tree/HEAD/packages/core), [@nestjs/platform-express](https://github.com/nestjs/nest/tree/HEAD/packages/platform-express), [@nestjs/swagger](https://github.com/nestjs/swagger) and [@nestjs/testing](https://github.com/nestjs/nest/tree/HEAD/packages/testing). These dependencies need to be updated together.


Updates `qs` from 6.11.0 to 6.14.2
- [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md)
- [Commits](ljharb/qs@v6.11.0...v6.14.2)

Updates `@nestjs/core` from 9.3.5 to 11.1.13
- [Release notes](https://github.com/nestjs/nest/releases)
- [Commits](https://github.com/nestjs/nest/commits/v11.1.13/packages/core)

Updates `@nestjs/platform-express` from 9.3.5 to 11.1.13
- [Release notes](https://github.com/nestjs/nest/releases)
- [Commits](https://github.com/nestjs/nest/commits/v11.1.13/packages/platform-express)

Updates `@nestjs/swagger` from 6.2.1 to 11.2.6
- [Release notes](https://github.com/nestjs/swagger/releases)
- [Commits](nestjs/swagger@6.2.1...11.2.6)

Updates `@nestjs/testing` from 9.3.5 to 11.1.13
- [Release notes](https://github.com/nestjs/nest/releases)
- [Commits](https://github.com/nestjs/nest/commits/v11.1.13/packages/testing)

---
updated-dependencies:
- dependency-name: qs
  dependency-version: 6.14.2
  dependency-type: indirect
- dependency-name: "@nestjs/core"
  dependency-version: 11.1.13
  dependency-type: direct:production
- dependency-name: "@nestjs/platform-express"
  dependency-version: 11.1.13
  dependency-type: direct:production
- dependency-name: "@nestjs/swagger"
  dependency-version: 11.2.6
  dependency-type: direct:production
- dependency-name: "@nestjs/testing"
  dependency-version: 11.1.13
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Feb 12, 2026
@dependabot dependabot bot mentioned this pull request Feb 12, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants