From 9f05e71631468d074d22eec986c56c2a068ea4b1 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 11 Nov 2024 03:46:49 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230 --- package-lock.json | 13 +++++++------ package.json | 2 +- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/package-lock.json b/package-lock.json index 2a835fe0..b8536d8f 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "oc", - "version": "0.49.62", + "version": "0.49.63", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "oc", - "version": "0.49.62", + "version": "0.49.63", "license": "MIT", "dependencies": { "@types/lodash.isequal": "^4.5.8", @@ -16,7 +16,7 @@ "builtin-modules": "^3.3.0", "chokidar": "^3.6.0", "colors": "^1.4.0", - "cross-spawn": "^7.0.3", + "cross-spawn": "^7.0.5", "dependency-graph": "^1.0.0", "dotenv": "^16.4.5", "errorhandler": "^1.5.1", @@ -4584,9 +4584,10 @@ "integrity": "sha512-ZQBvi1DcpJ4GDqanjucZ2Hj3wEO5pZDS89BWbkcrvdxksJorwUDDZamX9ldFkp9aw2lmBDLgkObEA4DWNJ9FYQ==" }, "node_modules/cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", + "version": "7.0.5", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.5.tgz", + "integrity": "sha512-ZVJrKKYunU38/76t0RMOulHOnUcbU9GbpWKAOZ0mhjr7CX6FVrH+4FrAapSOekrgFQ3f/8gwMEuIft0aKq6Hug==", + "license": "MIT", "dependencies": { "path-key": "^3.1.0", "shebang-command": "^2.0.0", diff --git a/package.json b/package.json index b4eb5691..c470a3ae 100644 --- a/package.json +++ b/package.json @@ -81,7 +81,7 @@ "builtin-modules": "^3.3.0", "chokidar": "^3.6.0", "colors": "^1.4.0", - "cross-spawn": "^7.0.3", + "cross-spawn": "^7.0.5", "dependency-graph": "^1.0.0", "dotenv": "^16.4.5", "errorhandler": "^1.5.1",