Skip to content

fix(deps): update npm/cross-spawn from 7.0.3 → 7.0.5 #14

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: e2e-demo
Choose a base branch
from
Open

fix(deps): update npm/cross-spawn from 7.0.3 → 7.0.5 #14

wants to merge 1 commit into from

Conversation

deepsource-dev[bot]
Copy link

This pull request addresses security vulnerabilities in this repository by updating dependencies to a safe version. We recommend manually auditing the package manifest files to verify the fixes.

Upgrade Summary

cross-spawn: 7.0.3 → 7.0.5

🤖 This pull request was automatically generated by DeepSource SCA. To view all vulnerabilities in this repository, please visit the dashboard.

@deepsourcebot
fix(deps): update npm/cross-spawn from 7.0.3 → 7.0.5
9c0c6b0 
fix(deps): update npm/cross-spawn from 7.0.3 → 7.0.5

This pull request addresses security vulnerabilities in this repository by updating dependencies to a safe version. We recommend manually auditing the package manifest files to verify the fixes.

### Upgrade Summary

**cross-spawn**: 7.0.3 → 7.0.5

- Fixes [CVE-2024-21538](https://nvd.nist.gov/vuln/detail/CVE-2024-21538) (High severity)

- References:

  - [https://nvd.nist.gov/vuln/detail/CVE-2024-21538](https://nvd.nist.gov/vuln/detail/CVE-2024-21538)

  - [https://github.com/moxystudio/node-cross-spawn/issues/165](https://github.com/moxystudio/node-cross-spawn/issues/165)

  - [https://github.com/moxystudio/node-cross-spawn/pull/160](https://github.com/moxystudio/node-cross-spawn/pull/160)

  - [https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff](https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff)

  - [https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f](https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f)

  - [https://github.com/moxystudio/node-cross-spawn/commit/d35c865b877d2f9ded7c1ed87521c2fdb689c8dd](https://github.com/moxystudio/node-cross-spawn/commit/d35c865b877d2f9ded7c1ed87521c2fdb689c8dd)

  - [https://github.com/moxystudio/node-cross-spawn](https://github.com/moxystudio/node-cross-spawn)

  - [https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-8366349](https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-8366349)

  - [https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230](https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230)

---

🤖 This pull request was automatically generated by DeepSource SCA. To view all vulnerabilities in this repository, please visit the [dashboard](https://app.deepsource.one/gh/anto-deepsource/phaser/dependencies/).
@deepsource-dev DeepSource Dev
Copy link
Author

Here's the code health analysis summary for commits 4361c82..9c0c6b0. View details on DeepSource ↗.

Analysis Summary

AnalyzerStatusSummaryLink
DeepSource JavaScript LogoJavaScript✅ SuccessView Check ↗
💡 If you’re a repository administrator, you can configure the quality gates from the settings.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@deepsourcebot