From 00785c38eb8a5dc953c3ea21e37aa5bde32bca8e Mon Sep 17 00:00:00 2001 From: Matthew Bain Date: Sun, 10 Nov 2024 08:25:29 +0000 Subject: [PATCH 1/2] Resolve CVE-2024-21538 --- cli/package-lock.json | 6 +++--- cli/package.json | 3 ++- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/cli/package-lock.json b/cli/package-lock.json index 763c6b02..c8c00ff2 100644 --- a/cli/package-lock.json +++ b/cli/package-lock.json @@ -4166,9 +4166,9 @@ "license": "MIT" }, "node_modules/cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", + "version": "7.0.5", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.5.tgz", + "integrity": "sha512-ZVJrKKYunU38/76t0RMOulHOnUcbU9GbpWKAOZ0mhjr7CX6FVrH+4FrAapSOekrgFQ3f/8gwMEuIft0aKq6Hug==", "license": "MIT", "dependencies": { "path-key": "^3.1.0", diff --git a/cli/package.json b/cli/package.json index d3761256..6619f104 100644 --- a/cli/package.json +++ b/cli/package.json @@ -68,6 +68,7 @@ "jsonpath-plus": "^10.0.0", "path-to-regexp": "3.3.0", "rollup": "4.24.4", - "glob": "^11.0.0" + "glob": "^11.0.0", + "cross-spawn": "^7.0.5" } } From 28f9da3b7da4f8f53b37a4cc4a4e40674a587d43 Mon Sep 17 00:00:00 2001 From: Matthew Bain Date: Sun, 10 Nov 2024 08:30:12 +0000 Subject: [PATCH 2/2] Resolve CVE-2024-21538 --- docs/package-lock.json | 6 +++--- docs/package.json | 3 ++- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/docs/package-lock.json b/docs/package-lock.json index fbcebef5..6406d262 100644 --- a/docs/package-lock.json +++ b/docs/package-lock.json @@ -5571,9 +5571,9 @@ } }, "node_modules/cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", + "version": "7.0.5", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.5.tgz", + "integrity": "sha512-ZVJrKKYunU38/76t0RMOulHOnUcbU9GbpWKAOZ0mhjr7CX6FVrH+4FrAapSOekrgFQ3f/8gwMEuIft0aKq6Hug==", "license": "MIT", "dependencies": { "path-key": "^3.1.0", diff --git a/docs/package.json b/docs/package.json index 49f0f3f7..fa31366e 100644 --- a/docs/package.json +++ b/docs/package.json @@ -29,7 +29,8 @@ "overrides": { "serve-handler": { "path-to-regexp": "3.3.0" - } + }, + "cross-spawn": "^7.0.5" }, "devDependencies": { "@docusaurus/module-type-aliases": "3.6.0",