This is an automated email from the ASF dual-hosted git repository.
tbonelee pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/zeppelin.git
The following commit(s) were added to refs/heads/master by this push:
new c6dcbe666d Bump qs and express in
/zeppelin-web-angular/projects/zeppelin-react
c6dcbe666d is described below
commit c6dcbe666d617393e62a56b601850cba6829af70
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AuthorDate: Mon May 25 02:44:25 2026 +0900
Bump qs and express in /zeppelin-web-angular/projects/zeppelin-react
Bumps [qs](https://github.com/ljharb/qs) and
[express](https://github.com/expressjs/express). These dependencies needed to
be updated together.
Updates `qs` from 6.14.2 to 6.15.2
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/ljharb/qs/blob/main/CHANGELOG.md";>qs's
changelog</a>.</em></p>
<blockquote>
<h2><strong>6.15.2</strong></h2>
<ul>
<li>[Fix] <code>stringify</code>: skip null/undefined entries in
<code>arrayFormat: 'comma'</code> + <code>encodeValuesOnly</code> instead of
crashing in <code>encoder</code></li>
<li>[Fix] <code>stringify</code>: use configured <code>delimiter</code>
after <code>charsetSentinel</code> (<a
href="https://redirect.github.com/ljharb/qs/issues/555";>#555</a>)</li>
<li>[Fix] <code>stringify</code>: apply <code>formatter</code> to encoded
key under <code>strictNullHandling</code> (<a
href="https://redirect.github.com/ljharb/qs/issues/554";>#554</a>)</li>
<li>[Fix] <code>stringify</code>: skip null/undefined filter-array entries
instead of crashing in <code>encoder</code> (<a
href="https://redirect.github.com/ljharb/qs/issues/551";>#551</a>)</li>
<li>[Fix] <code>parse</code>: handle nested bracket groups and add
regression tests (<a
href="https://redirect.github.com/ljharb/qs/issues/530";>#530</a>)</li>
<li>[readme] fix grammar (<a
href="https://redirect.github.com/ljharb/qs/issues/550";>#550</a>)</li>
<li>[Dev Deps] update <code><at>ljharb/eslint-config</code></li>
<li>[Tests] add regression tests for keys containing percent-encoded
bracket text</li>
</ul>
<h2><strong>6.15.1</strong></h2>
<ul>
<li>[Fix] <code>parse</code>: <code>parameterLimit: Infinity</code> with
<code>throwOnLimitExceeded: true</code> silently drops all parameters</li>
<li>[Deps] update <code><at>ljharb/eslint-config</code></li>
<li>[Dev Deps] update <code><at>ljharb/eslint-config</code>,
<code>iconv-lite</code></li>
<li>[Tests] increase coverage</li>
</ul>
<h2><strong>6.15.0</strong></h2>
<ul>
<li>[New] <code>parse</code>: add <code>strictMerge</code> option to wrap
object/primitive conflicts in an array (<a
href="https://redirect.github.com/ljharb/qs/issues/425";>#425</a>, <a
href="https://redirect.github.com/ljharb/qs/issues/122";>#122</a>)</li>
<li>[Fix] <code>duplicates</code> option should not apply to bracket
notation keys (<a
href="https://redirect.github.com/ljharb/qs/issues/514";>#514</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/ljharb/qs/commit/9aca4076fe788338c67cf7e115f0be6bc58d85a8";><code>9aca407</code></a>
v6.15.2</li>
<li><a
href="https://github.com/ljharb/qs/commit/5e33d33447ed0bf1ddab9abc41d27dea4687d992";><code>5e33d33</code></a>
[Dev Deps] update <code><at>ljharb/eslint-config</code></li>
<li><a
href="https://github.com/ljharb/qs/commit/21f80b33e5c8b3f7eba1034fff0da4a4a37a1d41";><code>21f80b3</code></a>
[Fix] <code>stringify</code>: skip null/undefined entries in
<code>arrayFormat: 'comma'</code> + `e...</li>
<li><a
href="https://github.com/ljharb/qs/commit/a0a81ea2071acce3eff41a040f719ac8f5c4f64c";><code>a0a81ea</code></a>
[Fix] <code>stringify</code>: use configured <code>delimiter</code> after
<code>charsetSentinel</code></li>
<li><a
href="https://github.com/ljharb/qs/commit/e3062f78f5233b338ceeb8e8dfa5a07dea4b32a8";><code>e3062f7</code></a>
[Fix] <code>stringify</code>: apply <code>formatter</code> to encoded key
under <code>strictNullHandling</code></li>
<li><a
href="https://github.com/ljharb/qs/commit/0c180a40adb8c6703fffc85b2ff06ca209f5c1e0";><code>0c180a4</code></a>
[Fix] <code>stringify</code>: skip null/undefined filter-array entries instead
of crashi...</li>
<li><a
href="https://github.com/ljharb/qs/commit/3a8b94aec19bd664720f6f6b1e66c4a0dfe4b656";><code>3a8b94a</code></a>
[Tests] add regression tests for keys containing percent-encoded bracket
text</li>
<li><a
href="https://github.com/ljharb/qs/commit/96755abd357c0e534dd3442a84a04d08864bfe0d";><code>96755ab</code></a>
[readme] fix grammar</li>
<li><a
href="https://github.com/ljharb/qs/commit/a419ce5bbfcdb98a299f1a0bb47ea055baef20e6";><code>a419ce5</code></a>
[Fix] <code>parse</code>: handle nested bracket groups and add regression
tests</li>
<li><a
href="https://github.com/ljharb/qs/commit/3f5e1c528c967d915096787efbffa73cf6044170";><code>3f5e1c5</code></a>
v6.15.1</li>
<li>Additional commits viewable in <a
href="https://github.com/ljharb/qs/compare/v6.14.2...v6.15.2";>compare
view</a></li>
</ul>
</details>
<br />
Updates `express` from 4.22.1 to 4.22.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/expressjs/express/releases";>express's
releases</a>.</em></p>
<blockquote>
<h2>v4.22.2</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: restore >20 array parsing for <code>req.query</code> repeated
keys (<a
href="https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db";><code>8d09bfe6</code></a>)
<ul>
<li>This also unifies array-cap behavior across notations. Indexed notation
(<code>a[0]=...</code>) was historically capped at qs's default
<code>arrayLimit</code> of 20 even in older qs versions; after this change it
also allows up to 1000 items.</li>
</ul>
</li>
<li>deps: qs<at>~6.15.1</li>
<li>deps: body-parser<at>~1.20.5</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/suuuuuuminnnnnn";><code><at>suuuuuuminnnnnn</code></a>
made their first contribution in <a
href="https://redirect.github.com/expressjs/express/pull/7021";>expressjs/express#7021</a></li>
<li><a href="https://github.com/SAY-5";><code><at>SAY-5</code></a> made
their first contribution in <a
href="https://redirect.github.com/expressjs/express/pull/7181";>expressjs/express#7181</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/expressjs/express/compare/v4.22.1...v4.22.2";>https://github.com/expressjs/express/compare/v4.22.1...v4.22.2</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/expressjs/express/blob/v4.22.2/History.md";>express's
changelog</a>.</em></p>
<blockquote>
<h1>4.22.2 / 2026-05-011</h1>
<ul>
<li>fix: restore >20 array parsing for <code>req.query</code> repeated
keys (<a
href="https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db";><code>8d09bfe6</code></a>)
<ul>
<li>This also unifies array-cap behavior across notations. Indexed notation
(<code>a[0]=...</code>) was historically capped at qs's default
<code>arrayLimit</code> of 20 even in older qs versions; after this change it
also allows up to 1000 items.</li>
</ul>
</li>
<li>deps: qs<at>~6.15.1</li>
<li>deps: body-parser<at>~1.20.5</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/expressjs/express/commit/df0abc9333a3398b97b71f6ea7cd77d5ea3e9f97";><code>df0abc9</code></a>
4.22.2</li>
<li><a
href="https://github.com/expressjs/express/commit/836d36668ea750f78b4373b4de79bbd22634e6ec";><code>836d366</code></a>
<code>4.x</code> update qs to 6.15.1, body-parser 1.20.5 (<a
href="https://redirect.github.com/expressjs/express/issues/7224";>#7224</a>)</li>
<li><a
href="https://github.com/expressjs/express/commit/8d09bfe6d88983da5c3e12cfdd54782c4dc675db";><code>8d09bfe</code></a>
fix: restore array parsing for req.query repeated keys (<a
href="https://redirect.github.com/expressjs/express/issues/7181";>#7181</a>)</li>
<li><a
href="https://github.com/expressjs/express/commit/d39e8ad1778a0b8a606a5a7b17096d0cc5ec722d";><code>d39e8ad</code></a>
deps: body-parser<at>~1.20.4 (<a
href="https://redirect.github.com/expressjs/express/issues/7021";>#7021</a>)</li>
<li><a
href="https://github.com/expressjs/express/commit/efe85d9fdc9e3a62f7a1121b4f5f484862298b48";><code>efe85d9</code></a>
deps: qs<at>^6.14.1 (<a
href="https://redirect.github.com/expressjs/express/issues/6972";>#6972</a>)</li>
<li><a
href="https://github.com/expressjs/express/commit/f62378e1bc776259c0a471476c2dc043a02ac762";><code>f62378e</code></a>
📝 add note to history</li>
<li>See full diff in <a
href="https://github.com/expressjs/express/compare/v4.22.1...v4.22.2";>compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`<at>dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `<at>dependabot rebase` will rebase this PR
- `<at>dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `<at>dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `<at>dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen the PR
or upgrade to it yourself)
- `<at>dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen the PR
or upgrade to it yourself)
- `<at>dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the PR or
upgrade to it yourself)
You can disable automated security fix PRs for this repo from the [Security
Alerts page](https://github.com/apache/zeppelin/network/alerts).
</details>
Closes #5255 from
dependabot[bot]/dependabot/npm_and_yarn/zeppelin-web-angular/projects/zeppelin-react/multi-f792d6d6d9.
Signed-off-by: ChanHo Lee <[email protected]>
---
.../projects/zeppelin-react/package-lock.json | 43 +++++++++++++++-------
1 file changed, 29 insertions(+), 14 deletions(-)
diff --git a/zeppelin-web-angular/projects/zeppelin-react/package-lock.json
b/zeppelin-web-angular/projects/zeppelin-react/package-lock.json
index 2b45bacda3..80986ca4df 100644
--- a/zeppelin-web-angular/projects/zeppelin-react/package-lock.json
+++ b/zeppelin-web-angular/projects/zeppelin-react/package-lock.json
@@ -1686,6 +1686,7 @@
"integrity":
"sha512-RFA/bURkcKzx/X9oumPG9Vp3D3JUgus/d0b67KB0t5S/raciymilkOa66olh78MUI92QLbEJevO7rvqU/kjwKA==",
"dev": true,
"license": "MIT",
+ "peer": true,
"dependencies": {
"@types/prop-types": "*",
"csstype": "^3.0.2"
@@ -1806,6 +1807,7 @@
"integrity":
"sha512-klQbnPAAiGYFyI02+znpBRLyjL4/BrBd0nyWkdC0s/6xFLkXYQ8OoRrSkqacS1ddVxf/LDyODIKbQ5TgKAf/Fg==",
"dev": true,
"license": "MIT",
+ "peer": true,
"dependencies": {
"@typescript-eslint/scope-manager": "8.56.1",
"@typescript-eslint/types": "8.56.1",
@@ -2406,6 +2408,7 @@
"integrity":
"sha512-UVJyE9MttOsBQIDKw1skb9nAwQuR5wuGD3+82K6JgJlm/Y+KI92oNsMNGZCYdDsVtRHSak0pcV5Dno5+4jh9sw==",
"dev": true,
"license": "MIT",
+ "peer": true,
"bin": {
"acorn": "bin/acorn"
},
@@ -2873,9 +2876,9 @@
}
},
"node_modules/body-parser": {
- "version": "1.20.4",
- "resolved":
"https://registry.npmjs.org/body-parser/-/body-parser-1.20.4.tgz";,
- "integrity":
"sha512-ZTgYYLMOXY9qKU/57FAo8F+HA2dGX7bqGc71txDRC1rS4frdFI5R7NhluHxH6M0YItAP0sHB4uqAOcYKxO6uGA==",
+ "version": "1.20.5",
+ "resolved":
"https://registry.npmjs.org/body-parser/-/body-parser-1.20.5.tgz";,
+ "integrity":
"sha512-3grm+/2tUOvu2cjJkvsIxrv/wVpfXQW4PsQHYm7yk4vfpu7Ekl6nEsYBoJUL6qDwZUx8wUhQ8tR2qz+ad9c9OA==",
"dev": true,
"license": "MIT",
"dependencies": {
@@ -2887,7 +2890,7 @@
"http-errors": "~2.0.1",
"iconv-lite": "~0.4.24",
"on-finished": "~2.4.1",
- "qs": "~6.14.0",
+ "qs": "~6.15.1",
"raw-body": "~2.5.3",
"type-is": "~1.6.18",
"unpipe": "~1.0.0"
@@ -2959,6 +2962,7 @@
}
],
"license": "MIT",
+ "peer": true,
"dependencies": {
"baseline-browser-mapping": "^2.9.0",
"caniuse-lite": "^1.0.30001759",
@@ -3544,7 +3548,8 @@
"version": "1.11.18",
"resolved": "https://registry.npmjs.org/dayjs/-/dayjs-1.11.18.tgz";,
"integrity":
"sha512-zFBQ7WFRvVRhKcWoUh+ZA1g2HVgUbsZm9sbddh8EC5iv93sui8DVVz1Npvz+r6meo9VKfa8NyLWBsQK1VvIKPA==",
- "license": "MIT"
+ "license": "MIT",
+ "peer": true
},
"node_modules/debug": {
"version": "2.6.9",
@@ -4104,6 +4109,7 @@
"deprecated": "This version is no longer supported. Please see
https://eslint.org/version-support for other options.",
"dev": true,
"license": "MIT",
+ "peer": true,
"dependencies": {
"@eslint-community/eslint-utils": "^4.2.0",
"@eslint-community/regexpp": "^4.6.1",
@@ -4604,15 +4610,15 @@
}
},
"node_modules/express": {
- "version": "4.22.1",
- "resolved": "https://registry.npmjs.org/express/-/express-4.22.1.tgz";,
- "integrity":
"sha512-F2X8g9P1X7uCPZMA3MVf9wcTqlyNp7IhH5qPCI0izhaOIYXaW9L535tGA3qmjRzpH+bZczqq7hVKxTR4NWnu+g==",
+ "version": "4.22.2",
+ "resolved": "https://registry.npmjs.org/express/-/express-4.22.2.tgz";,
+ "integrity":
"sha512-IuL+Elrou2ZvCFHs18/CIzy2Nzvo25nZ1/D2eIZlz7c+QUayAcYoiM2BthCjs+EBHVpjYjcuLDAiCWgeIX3X1Q==",
"dev": true,
"license": "MIT",
"dependencies": {
"accepts": "~1.3.8",
"array-flatten": "1.1.1",
- "body-parser": "~1.20.3",
+ "body-parser": "~1.20.5",
"content-disposition": "~0.5.4",
"content-type": "~1.0.4",
"cookie": "~0.7.1",
@@ -4631,7 +4637,7 @@
"parseurl": "~1.3.3",
"path-to-regexp": "~0.1.12",
"proxy-addr": "~2.0.7",
- "qs": "~6.14.0",
+ "qs": "~6.15.1",
"range-parser": "~1.2.1",
"safe-buffer": "5.2.1",
"send": "~0.19.0",
@@ -7065,6 +7071,7 @@
}
],
"license": "MIT",
+ "peer": true,
"dependencies": {
"nanoid": "^3.3.11",
"picocolors": "^1.1.1",
@@ -7272,9 +7279,9 @@
}
},
"node_modules/qs": {
- "version": "6.14.2",
- "resolved": "https://registry.npmjs.org/qs/-/qs-6.14.2.tgz";,
- "integrity":
"sha512-V/yCWTTF7VJ9hIh18Ugr2zhJMP01MY7c5kh4J870L7imm6/DIzBsNLTXzMwUA3yZ5b/KBqLx8Kp3uRvd7xSe3Q==",
+ "version": "6.15.2",
+ "resolved": "https://registry.npmjs.org/qs/-/qs-6.15.2.tgz";,
+ "integrity":
"sha512-Rzq0KEyX/w/tEybncDgdkZrJgVUsUMk3xjh3t5bv3S1HTAtg+uOYt72+ZfwiQwKdysThkTBdL/rTi6HDmX9Ddw==",
"dev": true,
"license": "BSD-3-Clause",
"dependencies": {
@@ -7945,6 +7952,7 @@
"resolved": "https://registry.npmjs.org/react/-/react-18.3.1.tgz";,
"integrity":
"sha512-wS+hAgJShR0KhEvPJArfuPVN1+Hz1t0Y6n5jLrGQbkb4urgPE/0Rve+1kMB1v/oWgHgm4WIcV+i7F2pTVj+2iQ==",
"license": "MIT",
+ "peer": true,
"dependencies": {
"loose-envify": "^1.1.0"
},
@@ -7957,6 +7965,7 @@
"resolved":
"https://registry.npmjs.org/react-dom/-/react-dom-18.3.1.tgz";,
"integrity":
"sha512-5m4nQKp+rZRb09LNH59GM4BxTh9251/ylbKIbpe7TpGxfJ+9kv6BLkLBXIjjspbgbnIBNqlI23tRnTWT0snUIw==",
"license": "MIT",
+ "peer": true,
"dependencies": {
"loose-envify": "^1.1.0",
"scheduler": "^0.23.2"
@@ -8366,6 +8375,7 @@
"integrity":
"sha512-PlXPeEWMXMZ7sPYOHqmDyCJzcfNrUr3fGNKtezX14ykXOEIvyK81d+qydx89KY5O71FKMPaQ2vBfBFI5NHR63A==",
"dev": true,
"license": "MIT",
+ "peer": true,
"dependencies": {
"fast-deep-equal": "^3.1.3",
"fast-uri": "^3.0.1",
@@ -9298,6 +9308,7 @@
"integrity":
"sha512-QP88BAKvMam/3NxH6vj2o21R6MjxZUAd6nlwAS/pnGvN9IVLocLHxGYIzFhg6fUQ+5th6P4dv4eW9jX3DSIj7A==",
"dev": true,
"license": "MIT",
+ "peer": true,
"engines": {
"node": ">=12"
},
@@ -9434,7 +9445,8 @@
"version": "2.8.1",
"resolved": "https://registry.npmjs.org/tslib/-/tslib-2.8.1.tgz";,
"integrity":
"sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==",
- "license": "0BSD"
+ "license": "0BSD",
+ "peer": true
},
"node_modules/tsyringe": {
"version": "4.10.0",
@@ -9580,6 +9592,7 @@
"integrity":
"sha512-1FXk9E2Hm+QzZQ7z+McJiHL4NW1F2EzMu9Nq9i3zAaGqibafqYwCVU6WyWAuyQRRzOlxou8xZSyXLEN8oKj24g==",
"dev": true,
"license": "Apache-2.0",
+ "peer": true,
"bin": {
"tsc": "bin/tsc",
"tsserver": "bin/tsserver"
@@ -9745,6 +9758,7 @@
"integrity":
"sha512-jTywjboN9aHxFlToqb0K0Zs9SbBoW4zRUlGzI2tYNxVYcEi/IPpn+Xi4ye5jTLvX2YeLuic/IvxNot+Q1jMoOw==",
"dev": true,
"license": "MIT",
+ "peer": true,
"dependencies": {
"@types/eslint-scope": "^3.7.7",
"@types/estree": "^1.0.8",
@@ -9794,6 +9808,7 @@
"integrity":
"sha512-pIDJHIEI9LR0yxHXQ+Qh95k2EvXpWzZ5l+d+jIo+RdSm9MiHfzazIxwwni/p7+x4eJZuvG1AJwgC4TNQ7NRgsg==",
"dev": true,
"license": "MIT",
+ "peer": true,
"dependencies": {
"@discoveryjs/json-ext": "^0.5.0",
"@webpack-cli/configtest": "^2.1.1",
