chore(deps-dev): bump qs from 6.14.1 to 6.14.2

[dependabot]

Bumps qs from 6.14.1 to 6.14.2.

Changelog

Sourced from qs's changelog.

6.14.2

• [Fix] parse: mark overflow objects for indexed notation exceeding arrayLimit (#546)
• [Fix] arrayLimit means max count, not max index, in combine/merge/parseArrayValue
• [Fix] parse: throw on arrayLimit exceeded with indexed notation when throwOnLimitExceeded is true (#529)
• [Fix] parse: enforce arrayLimit on comma-parsed values
• [Fix] parse: fix error message to reflect arrayLimit as max index; remove extraneous comments (#545)
• [Robustness] avoid .push, use void
• [readme] document that addQueryPrefix does not add ? to empty output (#418)
• [readme] clarify parseArrays and arrayLimit documentation (#543)
• [readme] replace runkit CI badge with shields.io check-runs badge
• [meta] fix changelog typo (arrayLength → arrayLimit)
• [actions] fix rebase workflow permissions

Commits

• bdcf0c7 v6.14.2
• 294db90 [readme] document that addQueryPrefix does not add ? to empty output
• 5c308e5 [readme] clarify parseArrays and arrayLimit documentation
• 6addf8c [Fix] parse: mark overflow objects for indexed notation exceeding arrayLimit
• cfc108f [Fix] arrayLimit means max count, not max index, in combine/merge/`pars...
• febb644 [Fix] parse: throw on arrayLimit exceeded with indexed notation when `thr...
• f6a7abf [Fix] parse: enforce arrayLimit on comma-parsed values
• fbc5206 [Fix] parse: fix error message to reflect arrayLimit as max index; remove e...
• 1b9a8b4 [actions] fix rebase workflow permissions
• 2a35775 [meta] fix changelog typo (arrayLength → arrayLimit)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[github-actions]

Trivy image scan report

ghcr.io/miracum/loinc-conversion:pr-147 (debian 12.13)

8 known vulnerabilities found (CRITICAL: 1 HIGH: 2 MEDIUM: 5 LOW: 0)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
libssl3	CVE-2025-15467	CRITICAL	3.0.18-1~deb12u1	3.0.18-1~deb12u2
libssl3	CVE-2025-69419	HIGH	3.0.18-1~deb12u1	3.0.18-1~deb12u2
libssl3	CVE-2025-69421	HIGH	3.0.18-1~deb12u1	3.0.18-1~deb12u2
libssl3	CVE-2025-68160	MEDIUM	3.0.18-1~deb12u1	3.0.18-1~deb12u2
libssl3	CVE-2025-69418	MEDIUM	3.0.18-1~deb12u1	3.0.18-1~deb12u2
libssl3	CVE-2025-69420	MEDIUM	3.0.18-1~deb12u1	3.0.18-1~deb12u2
libssl3	CVE-2026-22795	MEDIUM	3.0.18-1~deb12u1	3.0.18-1~deb12u2
libssl3	CVE-2026-22796	MEDIUM	3.0.18-1~deb12u1	3.0.18-1~deb12u2

No Misconfigurations found

Node.js

2 known vulnerabilities found (CRITICAL: 0 HIGH: 1 MEDIUM: 0 LOW: 1)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
fastify	CVE-2026-25223	HIGH	5.7.1	5.7.2
fastify	CVE-2026-25224	LOW	5.7.1	5.7.3

No Misconfigurations found

[github-actions]

❌MegaLinter analysis: Error

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
✅ ACTION	actionlint	4		0	0	0.07s
✅ DOCKERFILE	hadolint	1		0	0	0.13s
✅ JSON	jsonlint	4		0	0	0.22s
✅ JSON	npm-package-json-lint	yes		no	no	0.79s
✅ JSON	prettier	4		0	0	0.79s
✅ JSON	v8r	4		0	0	8.15s
✅ MARKDOWN	markdownlint	1		0	0	1.11s
✅ REPOSITORY	checkov	yes		no	no	26.87s
✅ REPOSITORY	dustilock	yes		no	no	0.81s
✅ REPOSITORY	gitleaks	yes		no	no	907.8s
✅ REPOSITORY	git_diff	yes		no	no	1.48s
❌ REPOSITORY	grype	yes		1	1	57.94s
⚠️ REPOSITORY	kics	yes		no	4	5.08s
✅ REPOSITORY	secretlint	yes		no	no	5.21s
✅ REPOSITORY	syft	yes		no	no	4.61s
❌ REPOSITORY	trivy	yes		1	no	13.76s
✅ REPOSITORY	trivy-sbom	yes		no	no	2.61s
✅ REPOSITORY	trufflehog	yes		no	no	16.56s
✅ YAML	prettier	6		0	0	0.59s
✅ YAML	v8r	6		0	0	7.34s
✅ YAML	yamllint	6		0	0	0.83s

Detailed Issues

❌ REPOSITORY / grype - 1 error

error: A high vulnerability in npm package: fastify, version 5.7.1 was found at: /package-lock.json

note: A low vulnerability in npm package: fastify, version 5.7.1 was found at: /package-lock.json

error: 1 errors emitted

❌ REPOSITORY / trivy - 1 error

error: Package: fastify
Installed Version: 5.7.1
Vulnerability CVE-2026-25223
Severity: HIGH
Fixed Version: 5.7.2
Link: [CVE-2026-25223](https://avd.aquasec.com/nvd/cve-2026-25223)
     ┌─ package-lock.json:3389:1
     │  
3389 │ ╭     "node_modules/fastify": {
3390 │ │       "version": "5.7.1",
3391 │ │       "resolved": "https://registry.npmjs.org/fastify/-/fastify-5.7.1.tgz",
3392 │ │       "integrity": "sha512-ZW7S4fxlZhE+tYWVokFzjh+i56R+buYKNGhrVl6DtN8sxkyMEzpJnzvO8A/ZZrsg5w6X37u6I4EOQikYS5DXpA==",
     · │
3420 │ │       }
3421 │ │     },
     │ ╰^
     │  
     = Fastify: Fastify: Validation bypass due to malformed Content-Type header leading to integrity impact
     = Fastify is a fast and low overhead web framework, for Node.js. Prior to version 5.7.2, a validation bypass vulnerability exists in Fastify where request body validation schemas specified by Content-Type can be completely circumvented. By appending a tab character (\t) followed by arbitrary content to the Content-Type header, attackers can bypass body validation while the server still processes the body as the original content type. This issue has been patched in version 5.7.2.

error: 1 errors emitted

⚠️ REPOSITORY / kics - 4 warnings

warning: Healthcheck is not defined.
  ┌─ tests/e2e/compose.yaml:2:1
  │
2 │   loinc-conversion:
  │ ^^^^^^^^^^^^^^^^^^^
  │
  = Healthcheck Not Set
  = Check containers periodically to see if they are running properly.

warning: Healthcheck is not defined.
   ┌─ tests/e2e/compose.yaml:14:1
   │
14 │   tester:
   │ ^^^^^^^^^
   │
   = Healthcheck Not Set
   = Check containers periodically to see if they are running properly.

warning: Docker compose file does not have 'security_opt' attribute
   ┌─ tests/e2e/compose.yaml:14:1
   │
14 │   tester:
   │ ^^^^^^^^^
   │
   = Security Opt Not Set
   = Attribute 'security_opt' should be defined.

warning: Dockerfile doesn't contain instruction 'HEALTHCHECK'
   ┌─ Dockerfile:21:1
   │
21 │ FROM gcr.io/distroless/nodejs24-debian12:nonroot@sha256:7dbb2f897dd49fae32c053b1af3635bd81458dbbd805fc79b988508bea738198
   │ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
   │
   = Healthcheck Instruction Missing
   = Ensure that HEALTHCHECK is being used. The HEALTHCHECK instruction tells Docker how to test a container to check that it is still working

warning: 4 warnings emitted

See detailed reports in MegaLinter artifacts

You could have the same capabilities but better runtime performances if you use a MegaLinter flavor:

• oxsecurity/megalinter/flavors/cupcake@v9.2.0 (88 linters)

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

• Documentation: Custom Flavors
• Command: npx mega-linter-runner@9.2.0 --custom-flavor-setup --custom-flavor-linters ACTION_ACTIONLINT,DOCKERFILE_HADOLINT,JSON_JSONLINT,JSON_V8R,JSON_PRETTIER,JSON_NPM_PACKAGE_JSON_LINT,MARKDOWN_MARKDOWNLINT,REPOSITORY_CHECKOV,REPOSITORY_DUSTILOCK,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_GRYPE,REPOSITORY_KICS,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R