From 239db7037483e2c46b1a7f6d0eacd91730bca7c6 Mon Sep 17 00:00:00 2001
From: Tom Moor <tom.moor@gmail.com>
Date: Wed, 7 Dec 2022 22:05:35 -0500
Subject: [PATCH] fix: Bump qs, fix prototype pollution

---
 package.json |  3 ++-
 yarn.lock    | 15 ++++-----------
 2 files changed, 6 insertions(+), 12 deletions(-)

diff --git a/package.json b/package.json
index 1e06270a9..0b7150d2b 100644
--- a/package.json
+++ b/package.json
@@ -359,7 +359,8 @@
     "prosemirror-transform": "1.2.5",
     "dot-prop": "^5.2.0",
     "js-yaml": "^3.14.1",
-    "jpeg-js": "0.4.4"
+    "jpeg-js": "0.4.4",
+    "qs": "6.9.7"
   },
   "version": "0.66.2"
 }
diff --git a/yarn.lock b/yarn.lock
index 22d333b2e..1d7b0383c 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -12629,17 +12629,10 @@ punycode@^2.1.0, punycode@^2.1.1:
   resolved "https://registry.yarnpkg.com/punycode/-/punycode-2.1.1.tgz#b58b010ac40c22c5657616c8d2c2c02c7bf479ec"
   integrity sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==
 
-qs@6.9.3:
-  version "6.9.3"
-  resolved "https://registry.yarnpkg.com/qs/-/qs-6.9.3.tgz#bfadcd296c2d549f1dffa560619132c977f5008e"
-  integrity sha512-EbZYNarm6138UKKq46tdx08Yo/q9ZhFoAXAI1meAFd2GtbRDhbZY2WQSICskT0c5q99aFzLG1D4nvTk9tqfXIw==
-
-qs@^6.10.3, qs@^6.4.0:
-  version "6.11.0"
-  resolved "https://registry.yarnpkg.com/qs/-/qs-6.11.0.tgz#fd0d963446f7a65e1367e01abd85429453f0c37a"
-  integrity sha512-MvjoMCJwEarSbUYk5O+nmoSzSutSsTwF85zcHPQ9OrlFoZOYIjaqBAJIqIXjptyD5vThxGq52Xu/MaJzRkIk4Q==
-  dependencies:
-    side-channel "^1.0.4"
+qs@6.9.3, qs@6.9.7, qs@^6.10.3, qs@^6.4.0:
+  version "6.9.7"
+  resolved "https://registry.yarnpkg.com/qs/-/qs-6.9.7.tgz#4610846871485e1e048f44ae3b94033f0e675afe"
+  integrity sha512-IhMFgUmuNpyRfxA90umL7ByLlgRXu6tIfKPpF5TmcfRLlLCckfP/g3IQmju6jjpu+Hh8rA+2p6A27ZSPOOHdKw==
 
 query-string@^7.1.1:
   version "7.1.1"