From 2e67225b2b378f7f54e78a3dcd8a60e230dae79d Mon Sep 17 00:00:00 2001
From: Shubhangi-Microsoft <v-shubsahu@microsoft.com>
Date: Tue, 26 May 2026 16:14:17 +0530
Subject: [PATCH] fix: resolve dependabot alert #191 - update qs to 6.15.2

- qs: 6.15.1 -> 6.15.2 (fixes GHSA-q8mj-m7cp-5q26 - remotely triggerable DoS via null/undefined entries in comma-format arrays)
---
 src/App/server/package-lock.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/App/server/package-lock.json b/src/App/server/package-lock.json
index d2c760bf7..69627aeca 100644
--- a/src/App/server/package-lock.json
+++ b/src/App/server/package-lock.json
@@ -750,9 +750,9 @@
       }
     },
     "node_modules/qs": {
-      "version": "6.15.1",
-      "resolved": "https://registry.npmjs.org/qs/-/qs-6.15.1.tgz",
-      "integrity": "sha512-6YHEFRL9mfgcAvql/XhwTvf5jKcOiiupt2FiJxHkiX1z4j7WL8J/jRHYLluORvc1XxB5rV20KoeK00gVJamspg==",
+      "version": "6.15.2",
+      "resolved": "https://registry.npmjs.org/qs/-/qs-6.15.2.tgz",
+      "integrity": "sha512-Rzq0KEyX/w/tEybncDgdkZrJgVUsUMk3xjh3t5bv3S1HTAtg+uOYt72+ZfwiQwKdysThkTBdL/rTi6HDmX9Ddw==",
       "license": "BSD-3-Clause",
       "dependencies": {
         "side-channel": "^1.1.0"