How to update QS version in [email protected]/[email protected]/[email protected]

[YashvantYadavTR]

Select Topic Area

Question

Body

Hi,
Facing this issue, how to resolve it
qs 6.5.0 - 6.5.2
Severity: high
qs vulnerable to Prototype Pollution - GHSA-hrpp-h998-j3pp
fix available via npm audit fix --force
Will install [email protected], which is a breaking change
node_modules/restler-base/node_modules/qs
restler-base >=3.4.4
Depends on vulnerable versions of qs
node_modules/restler-base
sailthru-client >=3.0.4
Depends on vulnerable versions of restler-base
node_modules/sailthru-client

3 high severity vulnerabilities
Please help me.

[Matteo-it]

Use ncu and you'll see your dependencies that can be updated. With ncu -u dep@version you'll choose how update.

[YashvantYadavTR]

Hi I want to update only qs lib is dependency of sailthru-client>restler-base>qs.

Thanks in advance

[jge162]

Hi I want to update only qs lib is dependency of sailthru-client>restler-base>qs.

@YashvantYadavTR To update only the qs library, which is a dependency of sailthru-client and restler-base, you can run the command "npm install qs@latest" or "npm install qs@[latest version number]" to update to the latest version of the qs library. This should work...

[github-actions[bot]]

🕒 Discussion Activity Reminder 🕒

This Discussion has been labeled as dormant by an automated system for having no activity in the last 60 days. Please consider one the following actions:

1️⃣ Close as Out of Date: If the topic is no longer relevant, close the Discussion as out of date at the bottom of the page.

2️⃣ Provide More Information: Share additional details or context — or let the community know if you've found a solution on your own.

3️⃣ Mark a Reply as Answer: If your question has been answered by a reply, mark the most helpful reply as the solution.

Note: This dormant notification will only apply to Discussions with the Question label. To learn more, see our recent announcement.

Thank you for helping bring this Discussion to a resolution! 💬