fix: upgrade qs version

[sahar-fehri]

Description

Upgrade QS version

Changelog

CHANGELOG entry: null

Related issues

Fixes:

Manual testing steps

Feature: my feature name

  Scenario: user [verb for user action]
    Given [describe expected initial app state]

    When user [verb for user action]
    Then [describe expected outcome]

Screenshots/Recordings

Before

After

Pre-merge author checklist

• I've followed MetaMask Contributor Docs and MetaMask Mobile Coding Standards.
• I've completed the PR template to the best of my ability
• I've included tests if applicable
• I've documented my code using JSDoc format if applicable
• I've applied the right labels on the PR (see labeling guidelines). Not required for external contributors.

Performance checks (if applicable)

• I've tested on Android
  • Ideally on a mid-range device; emulator is acceptable
• I've tested with a power user scenario
  • Use these power-user SRPs to import wallets with many accounts and tokens
• I've instrumented key operations with Sentry traces for production performance metrics
  • See trace() for usage and addToken for an example

For performance guidelines and tooling, see the Performance Guide.

Pre-merge reviewer checklist

• I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
• I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

---

Note

^{Cursor Bugbot is generating a summary for commit 8782ffc. Configure here.}

[github-actions]

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	npm/​qs@​6.14.1 ⏵ 6.15.2	+1	+3

View full report

[github-actions]

🔍 Smart E2E Test Selection

• Selected E2E tags: SmokeMultiChainAPI, SmokeNetworkExpansion, SmokeNetworkAbstractions, SmokeWalletPlatform
• Selected Performance tags: None (no tests recommended)
• Risk Level: low
• AI Confidence: 82%

click to see 🤖 AI reasoning details

E2E Test Selection:
The PR updates only the qs (query string parsing) library from version 6.14.1 to 6.15.2 via a package.json resolution override and corresponding yarn.lock update. No application code was changed.

The qs library is used in exactly two places:

1. app/core/DeeplinkManager/utils/extractURLParams.ts - Parses URL query parameters for deep links (SDK connections, WalletConnect URIs, deep link routing)
2. app/core/WalletConnect/wc-utils.ts - Parses WalletConnect URI query strings for protocol/version detection and session establishment

This is a minor version bump (6.14.x → 6.15.x) which is unlikely to introduce breaking changes in query string parsing behavior. However, since the affected code paths are critical for dApp connectivity (WalletConnect sessions, multi-chain API sessions, deep links), targeted validation of these flows is prudent.

Selected tags:

• SmokeMultiChainAPI: Tests CAIP-25 multi-chain session API which relies on WalletConnect URI parsing via qs
• SmokeNetworkExpansion: Tests Solana/multi-chain provider connections that use WalletConnect flows
• SmokeNetworkAbstractions: Tests chain permission system and dApp connections (required by SmokeMultiChainAPI per tag description)
• SmokeWalletPlatform: Tests deep link navigation integration and browser flows that use extractURLParams

No performance tests are needed as this is a pure dependency version bump with no UI rendering, state management, or data loading changes.

Performance Test Selection:
The change is a minor version bump of the qs query string parsing library. This has no impact on UI rendering performance, data loading, state management, or any other performance-sensitive areas. No performance tests are warranted.

View GitHub Actions results

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud