Bump qs, ampersand-model and express

[dependabot[bot]]

Bumps qs to 6.11.0 and updates ancestor dependencies qs, ampersand-model and express. These dependencies need to be updated together.

Updates qs from 6.5.1 to 6.11.0

Changelog

Sourced from qs's changelog.

6.11.0

• [New] [Fix] stringify: revert 0e903c0; add commaRoundTrip option (#442)
• [readme] fix version badge

6.10.5

• [Fix] stringify: with arrayFormat: comma, properly include an explicit [] on a single-item array (#434)

6.10.4

• [Fix] stringify: with arrayFormat: comma, include an explicit [] on a single-item array (#441)
• [meta] use npmignore to autogenerate an npmignore file
• [Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbol, object-inspect, tape

6.10.3

• [Fix] parse: ignore __proto__ keys (#428)
• [Robustness] stringify: avoid relying on a global undefined (#427)
• [actions] reuse common workflows
• [Dev Deps] update eslint, @ljharb/eslint-config, object-inspect, tape

6.10.2

• [Fix] stringify: actually fix cyclic references (#426)
• [Fix] stringify: avoid encoding arrayformat comma when encodeValuesOnly = true (#424)
• [readme] remove travis badge; add github actions/codecov badges; update URLs
• [Docs] add note and links for coercing primitive values (#408)
• [actions] update codecov uploader
• [actions] update workflows
• [Tests] clean up stringify tests slightly
• [Dev Deps] update eslint, @ljharb/eslint-config, aud, object-inspect, safe-publish-latest, tape

6.10.1

• [Fix] stringify: avoid exception on repeated object values (#402)

6.10.0

• [New] stringify: throw on cycles, instead of an infinite loop (#395, #394, #393)
• [New] parse: add allowSparse option for collapsing arrays with missing indices (#312)
• [meta] fix README.md (#399)
• [meta] only run npm run dist in publish, not install
• [Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbols, tape
• [Tests] fix tests on node v0.6
• [Tests] use ljharb/actions/node/install instead of ljharb/actions/node/run
• [Tests] Revert "[meta] ignore eclint transitive audit warning"

6.9.7

• [Fix] parse: ignore __proto__ keys (#428)
• [Fix] stringify: avoid encoding arrayformat comma when encodeValuesOnly = true (#424)
• [Robustness] stringify: avoid relying on a global undefined (#427)
• [readme] remove travis badge; add github actions/codecov badges; update URLs
• [Docs] add note and links for coercing primitive values (#408)
• [Tests] clean up stringify tests slightly
• [meta] fix README.md (#399)
• Revert "[meta] ignore eclint transitive audit warning"

... (truncated)

Commits

• 56763c1 v6.11.0
• ddd3e29 [readme] fix version badge
• c313472 [New] [Fix] stringify: revert 0e903c0; add commaRoundTrip option
• 95bc018 v6.10.5
• 0e903c0 [Fix] stringify: with arrayFormat: comma, properly include an explicit `[...
• ba9703c v6.10.4
• 4e44019 [Fix] stringify: with arrayFormat: comma, include an explicit [] on a s...
• 113b990 [Dev Deps] update object-inspect
• c77f38f [Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbol, tape
• 2cf45b2 [meta] use npmignore to autogenerate an npmignore file
• Additional commits viewable in compare view

Updates ampersand-model from 4.1.0 to 8.0.1

Commits

• 34eb3de 8.0.1
• d52aeba Update phantomjs, tape; Check in package-lock.json
• f191441 Merge pull request #79 from spencerbyw/patch-1
• f010967 Fix code typo in model.save section
• cec083b 8.0.0
• 0e4d652 update ampersand sync
• 6042bf1 7.0.0
• 12bdbd3 Bump ampersand-state to ^5.0.1 (#74)
• b312686 improve lodash dep bundling (#75)
• 1e7d2b1 6.0.3
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by dhritzkiv, a new releaser for ampersand-model since your current version.

Updates express from 3.3.6 to 3.21.2

Release notes

Sourced from express's releases.

3.21.2

• deps: connect@2.30.2
  • deps: body-parser@~1.13.3
  • deps: compression@~1.5.2
  • deps: errorhandler@~1.4.2
  • deps: method-override@~2.3.5
  • deps: serve-index@~1.7.2
  • deps: type-is@~1.6.6
  • deps: vhost@~3.0.1
• deps: vary@~1.0.1
  • Fix setting empty header from empty field
  • perf: enable strict mode
  • perf: remove argument reassignments

3.21.1

• deps: basic-auth@~1.0.3
• deps: connect@2.30.1
  • deps: body-parser@~1.13.2
  • deps: compression@~1.5.1
  • deps: errorhandler@~1.4.1
  • deps: morgan@~1.6.1
  • deps: pause@0.1.0
  • deps: qs@4.0.0
  • deps: serve-index@~1.7.1
  • deps: type-is@~1.6.4

3.21.0

• deps: basic-auth@1.0.2
  • perf: enable strict mode
  • perf: hoist regular expression
  • perf: parse with regular expressions
  • perf: remove argument reassignment
• deps: connect@2.30.0
  • deps: body-parser@~1.13.1
  • deps: bytes@2.1.0
  • deps: compression@~1.5.0
  • deps: cookie@0.1.3
  • deps: cookie-parser@~1.3.5
  • deps: csurf@~1.8.3
  • deps: errorhandler@~1.4.0
  • deps: express-session@~1.11.3
  • deps: finalhandler@0.4.0
  • deps: fresh@0.3.0
  • deps: morgan@~1.6.0
  • deps: serve-favicon@~2.3.0
  • deps: serve-index@~1.7.0
  • deps: serve-static@~1.10.0
  • deps: type-is@~1.6.3
• deps: cookie@0.1.3
  • perf: deduce the scope of try-catch deopt

... (truncated)

Changelog

Sourced from express's changelog.

3.21.2 / 2015-07-31

• deps: connect@2.30.2
  • deps: body-parser@~1.13.3
  • deps: compression@~1.5.2
  • deps: errorhandler@~1.4.2
  • deps: method-override@~2.3.5
  • deps: serve-index@~1.7.2
  • deps: type-is@~1.6.6
  • deps: vhost@~3.0.1
• deps: vary@~1.0.1
  • Fix setting empty header from empty field
  • perf: enable strict mode
  • perf: remove argument reassignments

3.21.1 / 2015-07-05

• deps: basic-auth@~1.0.3
• deps: connect@2.30.1
  • deps: body-parser@~1.13.2
  • deps: compression@~1.5.1
  • deps: errorhandler@~1.4.1
  • deps: morgan@~1.6.1
  • deps: pause@0.1.0
  • deps: qs@4.0.0
  • deps: serve-index@~1.7.1
  • deps: type-is@~1.6.4

3.21.0 / 2015-06-18

• deps: basic-auth@1.0.2
  • perf: enable strict mode
  • perf: hoist regular expression
  • perf: parse with regular expressions
  • perf: remove argument reassignment
• deps: connect@2.30.0
  • deps: body-parser@~1.13.1
  • deps: bytes@2.1.0
  • deps: compression@~1.5.0
  • deps: cookie@0.1.3
  • deps: cookie-parser@~1.3.5
  • deps: csurf@~1.8.3
  • deps: errorhandler@~1.4.0
  • deps: express-session@~1.11.3
  • deps: finalhandler@0.4.0
  • deps: fresh@0.3.0
  • deps: morgan@~1.6.0

... (truncated)

Commits

• cb59086 3.21.2
• ce087e5 build: marked@0.3.5
• 93dd15c deps: connect@2.30.2
• b53feaa deps: vary@~1.0.1
• d51d1ea build: ejs@2.3.3
• fc95112 build: should@7.0.2
• 3c0ff81 3.21.1
• f247a41 deps: basic-auth@~1.0.3
• 71d56db build: ejs@2.3.2
• 3ec7cca deps: connect@2.30.1
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by dougwilson, a new releaser for express since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/AmpersandJS/tools.ampersandjs.com/network/alerts).