fix(deps): force qs >= 6.15.2 to resolve DoS advisory

express 4 pins qs to ~6.14.0, which falls in the vulnerable range of GHSA-q8mj-m7cp-5q26 (remotely triggerable TypeError in qs.stringify). Add an npm override so the transitive dependency resolves to the patched 6.15.2.
2026-06-11 22:29:52 -06:00
parent 34540e410c
commit 5d66d1f575
2 changed files with 6 additions and 3 deletions
@@ -21,6 +21,9 @@
  "devDependencies": {
    "nodemon": "^3.1.0"
  },
+  "overrides": {
+    "qs": "^6.15.2"
+  },
  "engines": {
    "node": ">=20"
  }