node-red-contrib-web-worldmap 5.7.1 → 5.7.2

package/node_modules/qs/test/parse.js

@@ -210,6 +210,21 @@ test('parse()', function (t) {
     t.test('uses original key when depth = 0', function (st) {
         st.deepEqual(qs.parse('a[0]=b&a[1]=c', { depth: 0 }), { 'a[0]': 'b', 'a[1]': 'c' });
         st.deepEqual(qs.parse('a[0][0]=b&a[0][1]=c&a[1]=d&e=2', { depth: 0 }), { 'a[0][0]': 'b', 'a[0][1]': 'c', 'a[1]': 'd', e: '2' });
+        st.deepEqual(qs.parse('a.b=c', { depth: 0, allowDots: true }), { 'a[b]': 'c' }, 'normalizes dots before applying depth-0 behavior');
+        st.deepEqual(qs.parse('toString=foo', { depth: 0 }), {}, 'respects prototype guard at depth 0');
+        st.deepEqual(qs.parse('toString=foo', { depth: 0, allowPrototypes: true }), { toString: 'foo' }, 'allows prototypes at depth 0 when enabled');
+        st.end();
+    });
+
+    t.test('ignores prototype keys when depth = 0 and allowPrototypes is false', function (st) {
+        st.deepEqual(qs.parse('toString=foo', { depth: 0 }), {});
+        st.deepEqual(qs.parse('hasOwnProperty=bar', { depth: 0 }), {});
+        st.deepEqual(qs.parse('toString=foo&a=b', { depth: 0 }), { a: 'b' });
+        st.end();
+    });
+
+    t.test('allows prototype keys when depth = 0 and allowPrototypes is true', function (st) {
+        st.deepEqual(qs.parse('toString=foo', { depth: 0, allowPrototypes: true }), { toString: 'foo' });
         st.end();
     });
 
@@ -251,6 +266,52 @@ test('parse()', function (t) {
         st.end();
     });
 
+    t.test('parses keys with literal [] inside a bracket group (#493)', function (st) {
+        // A bracket pair inside a bracket group should be treated literally as part of the key
+        st.deepEqual(
+            qs.parse('search[withbracket[]]=foobar'),
+            { search: { 'withbracket[]': 'foobar' } },
+            'treats inner [] literally when inside a bracket group'
+        );
+
+        // Single-level variant
+        st.deepEqual(
+            qs.parse('a[b[]]=c'),
+            { a: { 'b[]': 'c' } },
+            'keeps "b[]" as a literal key'
+        );
+
+        // Nested with an array push on the outer level
+        st.deepEqual(
+            qs.parse('list[][x[]]=y'),
+            { list: [{ 'x[]': 'y' }] },
+            'preserves inner [] while still treating outer [] as array push'
+        );
+
+        // Multiple nested bracket pairs: inner [] remains literal as part of the key
+        st.deepEqual(
+            qs.parse('a[b[c[]]]=d'),
+            { a: { 'b[c[]]': 'd' } },
+            'treats "b[c[]]" as a literal key inside the bracket group'
+        );
+
+        // Depth limits with literal brackets: preserve inner [] while limiting bracket-group parsing
+        st.deepEqual(
+            qs.parse('a[b[c[]]][d]=e', { depth: 1 }),
+            { a: { 'b[c[]]': { '[d]': 'e' } } },
+            'respects depth: 1 and preserves literal inner [] in the parsed key'
+        );
+
+        // Unterminated inner bracket group is wrapped as a literal remainder segment
+        st.deepEqual(
+            qs.parse('a[[]b=c'),
+            { a: { '[[]b': 'c' } },
+            'handles unterminated inner bracket groups without throwing'
+        );
+
+        st.end();
+    });
+
     t.test('allows to specify array indices', function (st) {
         st.deepEqual(qs.parse('a[1]=c&a[0]=b&a[2]=d'), { a: ['b', 'c', 'd'] });
         st.deepEqual(qs.parse('a[1]=c&a[0]=b'), { a: ['b', 'c'] });
@@ -784,25 +845,25 @@ test('parse()', function (t) {
 
     t.test('add keys to objects', function (st) {
         st.deepEqual(
-            qs.parse('a[b]=c&a=d'),
+            qs.parse('a[b]=c&a=d', { strictMerge: false }),
             { a: { b: 'c', d: true } },
             'can add keys to objects'
         );
 
         st.deepEqual(
-            qs.parse('a[b]=c&a=toString'),
+            qs.parse('a[b]=c&a=toString', { strictMerge: false }),
             { a: { b: 'c' } },
             'can not overwrite prototype'
         );
 
         st.deepEqual(
-            qs.parse('a[b]=c&a=toString', { allowPrototypes: true }),
+            qs.parse('a[b]=c&a=toString', { strictMerge: false, allowPrototypes: true }),
             { a: { b: 'c', toString: true } },
             'can overwrite prototype with allowPrototypes true'
         );
 
         st.deepEqual(
-            qs.parse('a[b]=c&a=toString', { plainObjects: true }),
+            qs.parse('a[b]=c&a=toString', { strictMerge: false, plainObjects: true }),
             { __proto__: null, a: { __proto__: null, b: 'c', toString: true } },
             'can overwrite prototype with plainObjects true'
         );
@@ -810,6 +871,34 @@ test('parse()', function (t) {
         st.end();
     });
 
+    t.test('strictMerge wraps object and primitive into an array', function (st) {
+        st.deepEqual(
+            qs.parse('a[b]=c&a=d'),
+            { a: [{ b: 'c' }, 'd'] },
+            'object then primitive produces array'
+        );
+
+        st.deepEqual(
+            qs.parse('a=d&a[b]=c'),
+            { a: ['d', { b: 'c' }] },
+            'primitive then object produces array'
+        );
+
+        st.deepEqual(
+            qs.parse('a[b]=c&a=toString'),
+            { a: [{ b: 'c' }, 'toString'] },
+            'prototype-colliding value is preserved in array'
+        );
+
+        st.deepEqual(
+            qs.parse('a[b]=c&a=toString', { plainObjects: true }),
+            { __proto__: null, a: [{ __proto__: null, b: 'c' }, 'toString'] },
+            'plainObjects preserved in array wrapping'
+        );
+
+        st.end();
+    });
+
     t.test('dunder proto is ignored', function (st) {
         var payload = 'categories[__proto__]=login&categories[__proto__]&categories[length]=42';
         var result = qs.parse(payload, { allowPrototypes: true });
@@ -1046,6 +1135,15 @@ test('parse()', function (t) {
         };
 
         st.deepEqual(qs.parse('KeY=vAlUe', { decoder: decoder }), { key: 'VALUE' });
+
+        var noopDecoder = function () { return 'x'; };
+        noopDecoder();
+        st['throws'](
+            function () { decoder('x', noopDecoder, 'utf-8', 'unknown'); },
+            'this should never happen! type: unknown',
+            'decoder throws for unexpected type'
+        );
+
         st.end();
     });
 
@@ -1075,6 +1173,14 @@ test('parse()', function (t) {
                 new RangeError('Parameter limit exceeded. Only 3 parameters allowed.'),
                 'throws error when parameter limit is exceeded'
             );
+
+            sst['throws'](
+                function () {
+                    qs.parse('a=1&b=2', { parameterLimit: 1, throwOnLimitExceeded: true });
+                },
+                new RangeError('Parameter limit exceeded. Only 1 parameter allowed.'),
+                'throws error with singular "parameter" when parameterLimit is 1'
+            );
             sst.end();
         });
 
@@ -1096,6 +1202,12 @@ test('parse()', function (t) {
             sst.end();
         });
 
+        st.test('allows unlimited parameters when parameterLimit is Infinity and throwOnLimitExceeded is true', function (sst) {
+            var result = qs.parse('a=1&b=2&c=3&d=4&e=5&f=6', { parameterLimit: Infinity, throwOnLimitExceeded: true });
+            sst.deepEqual(result, { a: '1', b: '2', c: '3', d: '4', e: '5', f: '6' }, 'parses all parameters without truncation or throwing');
+            sst.end();
+        });
+
         st.end();
     });
 
@@ -1161,6 +1273,14 @@ test('parse()', function (t) {
                 'throws error when a sparse index exceeds arrayLimit'
             );
 
+            sst['throws'](
+                function () {
+                    qs.parse('a[2]=b', { arrayLimit: 1, throwOnLimitExceeded: true });
+                },
+                new RangeError('Array limit exceeded. Only 1 element allowed in an array.'),
+                'throws error with singular "element" when arrayLimit is 1'
+            );
+
             sst.end();
         });
 
@@ -1178,6 +1298,17 @@ test('parse()', function (t) {
             sst.end();
         });
 
+        st.test('throws when duplicate bracket keys exceed arrayLimit with throwOnLimitExceeded', function (sst) {
+            sst['throws'](
+                function () {
+                    qs.parse('a[]=1&a[]=2&a[]=3&a[]=4&a[]=5&a[]=6', { arrayLimit: 5, throwOnLimitExceeded: true });
+                },
+                new RangeError('Array limit exceeded. Only 5 elements allowed in an array.'),
+                'throws error when duplicate bracket notation exceeds array limit'
+            );
+            sst.end();
+        });
+
         st.end();
     });
 
@@ -1229,6 +1360,34 @@ test('`duplicates` option', function (t) {
         'duplicates: last'
     );
 
+    t.test('bracket notation always combines regardless of duplicates', function (st) {
+        st.deepEqual(
+            qs.parse('a=1&a=2&b[]=1&b[]=2', { duplicates: 'last' }),
+            { a: '2', b: ['1', '2'] },
+            'duplicates last: unbracketed takes last, bracketed combines'
+        );
+
+        st.deepEqual(
+            qs.parse('b[]=1&b[]=2', { duplicates: 'last' }),
+            { b: ['1', '2'] },
+            'duplicates last: bracketed always combines'
+        );
+
+        st.deepEqual(
+            qs.parse('b[]=1&b[]=2', { duplicates: 'first' }),
+            { b: ['1', '2'] },
+            'duplicates first: bracketed always combines'
+        );
+
+        st.deepEqual(
+            qs.parse('a=1&a=2&b[]=1&b[]=2', { duplicates: 'first' }),
+            { a: '1', b: ['1', '2'] },
+            'duplicates first: unbracketed takes first, bracketed combines'
+        );
+
+        st.end();
+    });
+
     t.end();
 });
 
@@ -1406,6 +1565,14 @@ test('comma + arrayLimit', function (t) {
             new RangeError('Array limit exceeded. Only 3 elements allowed in an array.'),
             'throws error when comma-split exceeds array limit'
         );
+
+        st['throws'](
+            function () {
+                qs.parse('a=1,2,3', { comma: true, arrayLimit: 1, throwOnLimitExceeded: true });
+            },
+            new RangeError('Array limit exceeded. Only 1 element allowed in an array.'),
+            'throws error with singular "element" when arrayLimit is 1'
+        );
         st.end();
     });
 
@@ -1508,5 +1675,29 @@ test('mixed array and object notation', function (t) {
         st.end();
     });
 
+    t.test('uses existing array length for currentArrayLength when parsing object input with bracket keys', function (st) {
+        var input = {};
+        var arr = ['x', 'y'];
+        arr.a = ['z', 'w'];
+        input['a[]'] = arr;
+        st.deepEqual(qs.parse(input), { a: ['x', 'y'] }, 'parses object input with bracket keys using existing array values');
+        st.end();
+    });
+
+    t.test('throws with singular message when object input bracket key exceeds arrayLimit of 1', function (st) {
+        var input = {};
+        var arr = ['x'];
+        arr.a = ['z', 'w'];
+        input['a[]'] = arr;
+        st['throws'](
+            function () {
+                qs.parse(input, { throwOnLimitExceeded: true, arrayLimit: 1 });
+            },
+            new RangeError('Array limit exceeded. Only 1 element allowed in an array.'),
+            'throws singular error for object input exceeding arrayLimit 1'
+        );
+        st.end();
+    });
+
     t.end();
 });

package/node_modules/qs/test/stringify.js

@@ -651,6 +651,49 @@ test('stringify()', function (t) {
         st.end();
     });
 
+    t.test('does not crash on null/undefined entries in arrayFormat=comma with encodeValuesOnly', function (st) {
+        st.doesNotThrow(
+            function () { qs.stringify({ a: [null, 'b'] }, { arrayFormat: 'comma', encodeValuesOnly: true }); },
+            'does not pass a raw null array entry to the encoder'
+        );
+        st.doesNotThrow(
+            function () { qs.stringify({ a: [undefined, 'b'] }, { arrayFormat: 'comma', encodeValuesOnly: true }); },
+            'does not pass a raw undefined array entry to the encoder'
+        );
+        st.doesNotThrow(
+            function () { qs.stringify({ a: [null] }, { arrayFormat: 'comma', encodeValuesOnly: true }); },
+            'does not crash on a single-null array'
+        );
+
+        st.equal(
+            qs.stringify({ a: [null, 'b'] }, { arrayFormat: 'comma', encodeValuesOnly: true }),
+            'a=,b',
+            'null entry joins as empty, comma stays unencoded under encodeValuesOnly'
+        );
+        st.equal(
+            qs.stringify({ a: [undefined, 'b'] }, { arrayFormat: 'comma', encodeValuesOnly: true }),
+            'a=,b',
+            'undefined entry joins as empty, comma stays unencoded under encodeValuesOnly'
+        );
+        st.equal(
+            qs.stringify({ a: [null] }, { arrayFormat: 'comma', encodeValuesOnly: true }),
+            'a=',
+            'single-null array stringifies as empty value'
+        );
+        st.equal(
+            qs.stringify({ a: [null] }, { arrayFormat: 'comma', encodeValuesOnly: true, strictNullHandling: true }),
+            'a',
+            'strictNullHandling drops the equals sign for a single-null array'
+        );
+        st.equal(
+            qs.stringify({ a: [null] }, { arrayFormat: 'comma', encodeValuesOnly: true, skipNulls: true }),
+            '',
+            'skipNulls drops a single-null array entirely'
+        );
+
+        st.end();
+    });
+
     t.test('stringifies a null object', { skip: !hasProto }, function (st) {
         st.equal(qs.stringify({ __proto__: null, a: 'b' }), 'a=b');
         st.end();
@@ -825,6 +868,35 @@ test('stringify()', function (t) {
         st.end();
     });
 
+    t.test('skips null/undefined entries in filter=array', function (st) {
+        st.doesNotThrow(
+            function () { qs.stringify({ a: 'b', undefined: 'x' }, { filter: ['a', undefined] }); },
+            'does not pass a raw undefined filter entry to the encoder'
+        );
+        st.doesNotThrow(
+            function () { qs.stringify({ a: 'b', 'null': 'x' }, { filter: ['a', null] }); },
+            'does not pass a raw null filter entry to the encoder'
+        );
+
+        st.equal(
+            qs.stringify({ a: 'b', undefined: 'x', c: 'd' }, { filter: ['a', undefined, 'c'] }),
+            'a=b&c=d',
+            'undefined filter entry is skipped, remaining keys are kept'
+        );
+        st.equal(
+            qs.stringify({ a: 'b', 'null': 'x', c: 'd' }, { filter: ['a', null, 'c'] }),
+            'a=b&c=d',
+            'null filter entry is skipped, remaining keys are kept'
+        );
+        st.equal(
+            qs.stringify({ a: 'b', 'null': 'x' }, { filter: [null] }),
+            '',
+            'filter array containing only null yields empty string'
+        );
+
+        st.end();
+    });
+
     t.test('supports custom representations when filter=function', function (st) {
         var calls = 0;
         var obj = { a: 'b', c: 'd', e: { f: new Date(1257894000000) } };
@@ -1111,6 +1183,28 @@ test('stringify()', function (t) {
         st.end();
     });
 
+    t.test('strictNullHandling: applies the formatter to the encoded key (RFC1738)', function (st) {
+        st.equal(
+            qs.stringify(
+                { 'a b': null, 'c d': 'e f' },
+                { strictNullHandling: false, format: 'RFC1738' }
+            ),
+            'a+b=&c+d=e+f',
+            'without: as expected'
+        );
+
+        st.equal(
+            qs.stringify(
+                { 'a b': null, 'c d': 'e f' },
+                { strictNullHandling: true, format: 'RFC1738' }
+            ),
+            'a+b&c+d=e+f',
+            'with: as expected'
+        );
+
+        st.end();
+    });
+
     t.test('throws if an invalid charset is specified', function (st) {
         st['throws'](function () {
             qs.stringify({ a: 'b' }, { charset: 'foobar' });
@@ -1146,6 +1240,12 @@ test('stringify()', function (t) {
             'adds the right sentinel when instructed to and the charset is iso-8859-1'
         );
 
+        st.equal(
+            qs.stringify({ a: 1, b: 2 }, { charsetSentinel: true, delimiter: ';' }),
+            'utf8=%E2%9C%93;a=1;b=2',
+            'uses the configured delimiter after the sentinel'
+        );
+
         st.end();
     });
 
@@ -1188,6 +1288,15 @@ test('stringify()', function (t) {
         };
 
         st.deepEqual(qs.stringify({ KeY: 'vAlUe' }, { encoder: encoder }), 'key=VALUE');
+
+        var noopEncoder = function () { return 'x'; };
+        noopEncoder();
+        st['throws'](
+            function () { encoder('x', noopEncoder, 'utf-8', 'unknown'); },
+            'this should never happen! type: unknown',
+            'encoder throws for unexpected type'
+        );
+
         st.end();
     });
 
@@ -1307,4 +1416,33 @@ test('stringifies empty keys', function (t) {
 
         st.end();
     });
+
+    t.test('round-trips keys containing percent-encoded bracket text', function (st) {
+        var cases = [
+            { 'a%5Bb': 'c' },
+            { 'a%5Db': 'c' },
+            { 'a%255Bb': 'c' },
+            { 'a%255Db': 'c' },
+            { a: { 'b%5Bc': 'd' } },
+            { a: { 'b%255Bc': 'd' } },
+            { 'a%5B%255Bb': 'c' }
+        ];
+        for (var i = 0; i < cases.length; i++) {
+            st.deepEqual(
+                qs.parse(qs.stringify(cases[i])),
+                cases[i],
+                'round-trips ' + JSON.stringify(cases[i])
+            );
+        }
+
+        st.end();
+    });
+
+    t.test('parses input containing percent-encoded bracket text without mangling', function (st) {
+        st.deepEqual(qs.parse('a%25255Bb=c'), { 'a%255Bb': 'c' }, 'a%25255Bb decodes to a%255Bb, not a%5Bb');
+        st.deepEqual(qs.parse('a%25255Db=c'), { 'a%255Db': 'c' }, 'a%25255Db decodes to a%255Db, not a%5Db');
+        st.deepEqual(qs.parse('a%5Bb%25255Bc%5D=d'), { a: { 'b%255Bc': 'd' } }, 'nested %25255B decodes to %255B inside segment, not %5B');
+
+        st.end();
+    });
 });

package/node_modules/qs/test/utils.js

@@ -31,6 +31,7 @@ test('merge()', function (t) {
     t.deepEqual(noOptionsNonObjectSource, { foo: 'baz', bar: true });
 
     var func = function f() {};
+    func();
     t.deepEqual(
         utils.merge(func, { foo: 'bar' }),
         [func, { foo: 'bar' }],
@@ -95,6 +96,13 @@ test('merge()', function (t) {
             s2t.end();
         });
 
+        st.test('with strictMerge, wraps object and primitive in array', function (s2t) {
+            var obj = { foo: 'bar' };
+            var merged = utils.merge(obj, 'baz', { strictMerge: true });
+            s2t.deepEqual(merged, [{ foo: 'bar' }, 'baz'], 'wraps in array with strictMerge');
+            s2t.end();
+        });
+
         st.test('merges overflow object into primitive', function (s2t) {
             // Create an overflow object via combine: 2 elements (indices 0-1) with limit 0
             var overflow = utils.combine(['a'], 'b', 0, false);
@@ -105,6 +113,15 @@ test('merge()', function (t) {
             s2t.end();
         });
 
+        st.test('merges overflow object into primitive with plainObjects', function (s2t) {
+            var overflow = utils.combine(['a'], 'b', 0, false);
+            s2t.ok(utils.isOverflow(overflow), 'overflow object is marked');
+            var merged = utils.merge('c', overflow, { plainObjects: true });
+            s2t.ok(utils.isOverflow(merged), 'result is also marked as overflow');
+            s2t.deepEqual(merged, { __proto__: null, 0: 'c', 1: 'a', 2: 'b' }, 'creates null-proto object with primitive at 0');
+            s2t.end();
+        });
+
         st.test('merges overflow object with multiple values into primitive', function (s2t) {
             // Create an overflow object via combine: 3 elements (indices 0-2) with limit 0
             var overflow = utils.combine(['b', 'c'], 'd', 0, false);
@@ -121,6 +138,21 @@ test('merge()', function (t) {
             s2t.end();
         });
 
+        st.test('merges primitive into array that exceeds arrayLimit', function (s2t) {
+            var arr = ['a', 'b', 'c'];
+            var merged = utils.merge(arr, 'd', { arrayLimit: 1 });
+            s2t.ok(utils.isOverflow(merged), 'result is marked as overflow');
+            s2t.deepEqual(merged, { 0: 'a', 1: 'b', 2: 'c', 3: 'd' }, 'converts to overflow object with primitive appended');
+            s2t.end();
+        });
+
+        st.test('merges array into primitive that exceeds arrayLimit', function (s2t) {
+            var merged = utils.merge('a', ['b', 'c'], { arrayLimit: 1 });
+            s2t.ok(utils.isOverflow(merged), 'result is marked as overflow');
+            s2t.deepEqual(merged, { 0: 'a', 1: 'b', 2: 'c' }, 'converts to overflow object');
+            s2t.end();
+        });
+
         st.end();
     });
 
@@ -369,7 +401,9 @@ test('encode', function (t) {
 });
 
 test('isBuffer()', function (t) {
-    forEach([null, undefined, true, false, '', 'abc', 42, 0, NaN, {}, [], function () {}, /a/g], function (x) {
+    var fn = function () {};
+    fn();
+    forEach([null, undefined, true, false, '', 'abc', 42, 0, NaN, {}, [], fn, /a/g], function (x) {
         t.equal(utils.isBuffer(x), false, inspect(x) + ' is not a buffer');
     });
 
@@ -379,8 +413,9 @@ test('isBuffer()', function (t) {
     var saferBuffer = SaferBuffer.from('abc');
     t.equal(utils.isBuffer(saferBuffer), true, 'SaferBuffer instance is a buffer');
 
-    var buffer = Buffer.from && Buffer.alloc ? Buffer.from('abc') : new Buffer('abc');
-    t.equal(utils.isBuffer(buffer), true, 'real Buffer instance is a buffer');
+    var buffer = SaferBuffer.from('abc');
+    t.notEqual(saferBuffer, buffer, 'different buffer instances');
+    t.equal(utils.isBuffer(buffer), true, 'another Buffer instance is a buffer');
     t.end();
 });
 

package/package.json

@@ -1,12 +1,12 @@
 {
     "name": "node-red-contrib-web-worldmap",
-    "version": "5.7.1",
+    "version": "5.7.2",
     "description": "A Node-RED node to provide a web page of a world map for plotting things on.",
     "dependencies": {
         "@turf/bezier-spline": "7.3.5",
         "cgi": "0.3.1",
         "compression": "1.8.1",
-        "express": "4.22.1",
+        "express": "4.22.2",
         "sockjs": "0.3.24"
     },
     "overrides": {

package/node_modules/body-parser/node_modules/qs/.editorconfig

@@ -1,46 +0,0 @@
-root = true
-
-[*]
-indent_style = space
-indent_size = 4
-end_of_line = lf
-charset = utf-8
-trim_trailing_whitespace = true
-insert_final_newline = true
-max_line_length = 180
-quote_type = single
-
-[test/*]
-max_line_length = off
-
-[LICENSE.md]
-indent_size = off
-
-[*.md]
-max_line_length = off
-
-[*.json]
-max_line_length = off
-
-[Makefile]
-max_line_length = off
-
-[CHANGELOG.md]
-indent_style = space
-indent_size = 2
-
-[LICENSE]
-indent_size = 2
-max_line_length = off
-
-[coverage/**/*]
-indent_size = off
-indent_style = off
-indent = off
-max_line_length = off
-
-[.nycrc]
-indent_style = tab
-
-[tea.yaml]
-indent_size = 2

package/node_modules/body-parser/node_modules/qs/.github/FUNDING.yml

@@ -1,12 +0,0 @@
-# These are supported funding model platforms
-
-github: [ljharb]
-patreon: # Replace with a single Patreon username
-open_collective: # Replace with a single Open Collective username
-ko_fi: # Replace with a single Ko-fi username
-tidelift: npm/qs
-community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
-liberapay: # Replace with a single Liberapay username
-issuehunt: # Replace with a single IssueHunt username
-otechie: # Replace with a single Otechie username
-custom: # Replace with a single custom sponsorship URL

package/node_modules/body-parser/node_modules/qs/.github/SECURITY.md

@@ -1,11 +0,0 @@
-# Security
-
-Please file a private vulnerability report via GitHub, email [@ljharb](https://github.com/ljharb), or see https://tidelift.com/security if you have a potential security vulnerability to report.
-
-## Incident Response Plan
-
-Please see our [Incident Response Plan](https://github.com/ljharb/.github/blob/main/INCIDENT_RESPONSE_PLAN.md).
-
-## Threat Model
-
-Please see [THREAT_MODEL.md](./THREAT_MODEL.md).