Skip to content

fix(deps): update npm/cross-spawn from 7.0.3 → 7.0.5 #14

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom
Open
wants to merge 1 commit into
base: e2e-demo
Choose a base branch
from
Open

fix(deps): update npm/cross-spawn from 7.0.3 → 7.0.5 #14

wants to merge 1 commit into from

Conversation

deepsource-dev[bot]
Copy link

This pull request addresses security vulnerabilities in this repository by updating dependencies to a safe version. We recommend manually auditing the package manifest files to verify the fixes.

Upgrade Summary

cross-spawn: 7.0.3 → 7.0.5

🤖 This pull request was automatically generated by DeepSource SCA. To view all vulnerabilities in this repository, please visit the dashboard.

@deepsourcebot
fix(deps): update npm/cross-spawn from 7.0.3 → 7.0.5
9c0c6b0 
fix(deps): update npm/cross-spawn from 7.0.3 → 7.0.5

This pull request addresses security vulnerabilities in this repository by updating dependencies to a safe version. We recommend manually auditing the package manifest files to verify the fixes.

### Upgrade Summary

**cross-spawn**: 7.0.3 → 7.0.5

- Fixes [CVE-2024-21538](https://nvd.nist.gov/vuln/detail/CVE-2024-21538) (High severity)

- References:

  - [https://nvd.nist.gov/vuln/detail/CVE-2024-21538](https://nvd.nist.gov/vuln/detail/CVE-2024-21538)

  - [https://github.com/moxystudio/node-cross-spawn/issues/165](https://github.com/moxystudio/node-cross-spawn/issues/165)

  - [https://github.com/moxystudio/node-cross-spawn/pull/160](https://github.com/moxystudio/node-cross-spawn/pull/160)

  - [https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff](https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff)

  - [https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f](https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f)

  - [https://github.com/moxystudio/node-cross-spawn/commit/d35c865b877d2f9ded7c1ed87521c2fdb689c8dd](https://github.com/moxystudio/node-cross-spawn/commit/d35c865b877d2f9ded7c1ed87521c2fdb689c8dd)

  - [https://github.com/moxystudio/node-cross-spawn](https://github.com/moxystudio/node-cross-spawn)

  - [https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-8366349](https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-8366349)

  - [https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230](https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230)

---

🤖 This pull request was automatically generated by DeepSource SCA. To view all vulnerabilities in this repository, please visit the [dashboard](https://app.deepsource.one/gh/anto-deepsource/phaser/dependencies/).
@deepsource-dev DeepSource Dev
Copy link
Author

Here's the code health analysis summary for commits 4361c82..9c0c6b0. View details on DeepSource ↗.

Analysis Summary

AnalyzerStatusSummaryLink
DeepSource JavaScript LogoJavaScript✅ SuccessView Check ↗
💡 If you’re a repository administrator, you can configure the quality gates from the settings.

# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@deepsourcebot