Bump cross-spawn from 7.0.3 to 7.0.6 in /fixtures/legacy-jsx-runtimes #119

dependabot · 2024-11-25T18:07:35Z

Bumps cross-spawn from 7.0.3 to 7.0.6.

Changelog

7.0.6 (2024-11-18)

Bug Fixes

update cross-spawn version to 7.0.5 in package-lock.json (f700743)

7.0.5 (2024-11-07)

Bug Fixes

fix escaping bug introduced by backtracking (640d391)

7.0.4 (2024-11-07)

Bug Fixes

disable regexp backtracking (#160) (5ff3a07)

Commits

77cd97f chore(release): 7.0.6
6717de4 chore: upgrade standard-version
f700743 fix: update cross-spawn version to 7.0.5 in package-lock.json
9a7e3b2 chore: fix build status badge
0852683 chore(release): 7.0.5
640d391 fix: fix escaping bug introduced by backtracking
bff0c87 chore: remove codecov
a7c6abc chore: replace travis with github workflows
9b9246e chore(release): 7.0.4
5ff3a07 fix: disable regexp backtracking (#160)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [cross-spawn](https://github.com/moxystudio/node-cross-spawn) from 7.0.3 to 7.0.6. - [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md) - [Commits](moxystudio/node-cross-spawn@v7.0.3...v7.0.6) --- updated-dependencies: - dependency-name: cross-spawn dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

socket-security · 2024-11-25T18:09:17Z

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/punycode@1.4.1	None	`0`	23.1 kB	mathias
npm/qs@6.5.1	None	`0`	113 kB	ljharb
npm/query-string@4.3.4	None	`0`	11.2 kB	sindresorhus
npm/querystring-es3@0.2.1	None	`0`	16.1 kB	spaintrain
npm/querystring@0.2.0	None	`0`	33.3 kB	gozala
npm/querystringify@1.0.0	None	`0`	6.17 kB	3rdeden
npm/raf@3.4.0	None	`0`	7.04 kB	chrisdickinson
npm/randomfill@1.0.3	None	`0`	6.99 kB	cwmma
npm/raw-body@2.3.2	network	`0`	22.1 kB	dougwilson
npm/rc@1.2.2	environment, filesystem	`+1`	23.9 kB	dominictarr
npm/react-dev-utils@4.2.1	None	`+1`	79.7 kB	gaearon
npm/react-dom@16.2.0	environment	`0`	1.86 MB	clemmy
npm/react-error-overlay@3.0.0	network	`0`	434 kB	gaearon
npm/react-scripts@1.0.17	None	`0`	201 kB	gaearon
npm/react@16.2.0	environment	`0`	115 kB	clemmy
npm/read-pkg-up@2.0.0	None	`+1`	9.12 kB	sindresorhus
npm/read-pkg@2.0.0	None	`0`	4.37 kB	sindresorhus
npm/readdirp@2.1.0	None	`0`	45.3 kB	thlorenz
npm/recursive-readdir@2.2.1	filesystem	`0`	17.1 kB	jergason
npm/redent@1.0.0	None	`0`	2.84 kB	sindresorhus
npm/reduce-css-calc@1.3.0	None	`0`	10 kB	moox
npm/reduce-function-call@1.0.2	None	`0`	5.93 kB	moox
npm/regenerate@1.3.3	None	`0`	48.8 kB	mathias
npm/regenerator-runtime@0.11.0	eval	`0`	26.5 kB	benjamn
npm/regenerator-transform@0.10.1	None	`0`	120 kB	benjamn
npm/regex-cache@0.4.4	None	`0`	9.88 kB	doowb
npm/regexpu-core@1.0.0	None	`0`	17.9 kB	mathias
npm/regjsgen@0.2.0	None	`0`	13.6 kB	d10
npm/regjsparser@0.1.5	None	`0`	34.7 kB	jviereck
npm/relateurl@0.2.7	None	`0`	31.4 kB	stevenvachon
npm/renderkid@2.0.1	None	`0`	108 kB	ariaminaei
npm/repeating@2.0.1	None	`0`	3.41 kB	sindresorhus
npm/request@2.81.0	environment, filesystem, network	`0`	201 kB	simov
npm/require-directory@2.1.1	filesystem	`0`	12.1 kB	troygoode
npm/require-from-string@1.2.1	unsafe	`0`	3.29 kB	floatdrop
npm/require-main-filename@1.0.1	None	`0`	4.14 kB	bcoe
npm/require-uncached@1.0.3	None	`0`	3.53 kB	sindresorhus
npm/resolve-cwd@2.0.0	None	`0`	3.54 kB	sindresorhus
npm/resolve-dir@1.0.1	None	`+1`	12.9 kB	phated
npm/resolve-from@1.0.1	unsafe	`0`	3.21 kB	sindresorhus
npm/resolve@1.5.0	filesystem	`0`	66.3 kB	ljharb
npm/run-async@2.3.0	None	`0`	5.32 kB	sboudrias
npm/rx-lite-aggregates@4.0.8	eval	`0`	92.6 kB	mattpodwysocki
npm/rx-lite@4.0.8	None	`0`	459 kB	mattpodwysocki
npm/sane@1.6.0	filesystem	`0`	28.8 kB	amasad
npm/schema-utils@0.3.0	filesystem	`0`	10.9 kB	d3viant0ne
npm/select-hose@2.0.0	None	`0`	15.4 kB	indutny
npm/selfsigned@1.10.1	None	`0`	20.7 kB	jfromaniello
npm/semver-diff@2.1.0	None	`0`	3.23 kB	sindresorhus
npm/send@0.16.1	filesystem, network Transitive: environment	`+1`	85.5 kB	dougwilson
npm/serve-index@1.9.1	filesystem, network	`0`	93.4 kB	dougwilson
npm/serve-static@1.13.1	Transitive: filesystem, network	`+2`	76.8 kB	dougwilson
npm/serviceworker-cache-polyfill@4.0.0	network	`0`	16.6 kB	jaffathecake
npm/set-blocking@2.0.0	None	`0`	4.22 kB	bcoe
npm/set-immediate-shim@1.0.1	None	`0`	1.4 kB	sindresorhus
npm/setimmediate@1.0.5	None	`0`	8.56 kB	domenic
npm/shebang-command@1.2.0	None	`0`	2.69 kB	kevva
npm/shebang-regex@1.0.0	None	`0`	2.3 kB	sindresorhus
npm/shell-quote@1.6.1	None	`0`	21.9 kB	substack
npm/shellwords@0.1.1	None	`0`	3.69 kB	jimmycuadra
npm/slash@1.0.0	None	`0`	1.7 kB	sindresorhus
npm/slice-ansi@1.0.0	None	`0`	5.04 kB	sindresorhus
npm/sntp@1.0.9	network	`0`	28.2 kB	hueniverse
npm/sockjs-client@1.1.4	environment, network	`0`	810 kB	brycekahle
npm/sockjs@0.3.18	filesystem, network	`0`	108 kB	brycekahle
npm/sort-keys@1.1.2	None	`0`	3.58 kB	sindresorhus
npm/source-list-map@2.0.0	None	`0`	26.2 kB	sokra
npm/source-map-support@0.4.18	filesystem, unsafe	`0`	78.3 kB	linusu
npm/spdy-transport@2.0.20	None	`0`	1.08 MB	daviddias
npm/spdy@3.4.7	network	`0`	57 kB	daviddias
npm/sprintf-js@1.0.3	None	`0`	34.8 kB	alexei
npm/stream-browserify@2.0.1	None	`0`	7.18 kB	stevemao
npm/stream-http@2.7.2	None	`+1`	94.1 kB	jhiesey
npm/string_decoder@0.10.31	None	`0`	9.9 kB	rvagg
npm/string-length@1.0.1	None	`0`	2.75 kB	sindresorhus
npm/stringstream@0.0.5	None	`0`	6.31 kB	hichaelmart
npm/strip-json-comments@2.0.1	None	`0`	5.06 kB	sindresorhus
npm/style-loader@0.19.0	None	`0`	37.7 kB	d3viant0ne
npm/supports-color@2.0.0	None	`0`	3.75 kB	sindresorhus
npm/svgo@0.7.2	filesystem	`0`	336 kB	greli
npm/sw-precache-webpack-plugin@0.11.4	None	`0`	183 kB	goldhand
npm/sw-precache@5.2.0	environment, filesystem	`0`	74.3 kB	jeffposnick
npm/sw-toolbox@3.6.0	network	`0`	134 kB	jeffposnick
npm/table@4.0.2	None	`+1`	173 kB	gajus
npm/tapable@0.2.8	None	`0`	17.1 kB	sokra
npm/tar-pack@3.4.1	environment, filesystem	`+1`	85.4 kB	forbeslindesay
npm/tar@2.2.1	filesystem	`0`	165 kB	zkat
npm/test-exclude@4.1.1	None	`0`	13.1 kB	bcoe
npm/throat@3.2.0	None	`0`	7.98 kB	forbeslindesay
npm/through@2.3.8	None	`0`	12.5 kB	dominictarr
npm/thunky@0.1.0	None	`0`	3.04 kB	mafintosh
npm/time-stamp@2.0.0	None	`0`	8.75 kB	jonschlinkert
npm/timers-browserify@2.0.4	None	`0`	8.82 kB	jryans
npm/tmp@0.0.33	filesystem	`0`	26 kB	raszi
npm/to-arraybuffer@1.0.1	None	`0`	5.54 kB	jhiesey
npm/to-fast-properties@1.0.3	None	`0`	2.79 kB	sindresorhus
npm/toposort@1.0.6	None	`0`	15.3 kB	marcelklehr
npm/trim-newlines@1.0.0	None	`0`	2.99 kB	sindresorhus
npm/trim-right@1.0.1	None	`0`	2.61 kB	sindresorhus
npm/tryit@1.0.3	None	`0`	2.41 kB	henrikjoreteg
npm/tty-browserify@0.0.0	None	`0`	1.99 kB	substack
npm/tunnel-agent@0.6.0	environment, network	`0`	16.7 kB	mikeal
npm/type-check@0.3.2	None	`0`	20.9 kB	gkz
npm/type-is@1.6.15	None	`+1`	29.8 kB	dougwilson
npm/ua-parser-js@0.7.17	None	`0`	198 kB	faisalman
npm/uglify-to-browserify@1.0.2	filesystem	`0`	4.78 kB	forbeslindesay
npm/uglifyjs-webpack-plugin@0.4.6	environment, filesystem, shell	`0`	24.7 kB	thelarkinn
npm/uid-number@0.0.6	shell	`0`	3.93 kB	isaacs
npm/uniq@1.0.1	None	`0`	4.32 kB	mikolalysenko
npm/uniqid@4.1.1	None	`0`	6.49 kB	adamhalasz
npm/uniqs@2.0.0	None	`0`	2.42 kB	fgnass
npm/update-notifier@1.0.3	environment, shell	`0`	11 kB	sboudrias
npm/upper-case@1.1.3	None	`0`	4.64 kB	blakeembrey
npm/urijs@1.19.0	None	`0`	221 kB	rodneyrehm
npm/url-loader@0.6.2	None	`0`	11.3 kB	d3viant0ne
npm/url-parse@1.2.0	None	`0`	35.8 kB	3rdeden
npm/url@0.11.0	None	`0`	76.8 kB	defunctzombie
npm/utila@0.4.0	None	`0`	24.2 kB	ariaminaei
npm/utils-merge@1.0.1	None	`0`	3.72 kB	jaredhanson
npm/uuid@2.0.3	None	`0`	33.2 kB	defunctzombie
npm/vendors@1.0.1	None	`0`	3.89 kB	wooorm
npm/vm-browserify@0.0.4	eval	`0`	21.5 kB	substack
npm/watchpack@1.4.0	Transitive: environment, filesystem	`+1`	99.1 kB	sokra
npm/webpack-dev-middleware@1.12.0	None	`0`	22.1 kB	shellscape
npm/webpack-dev-server@2.9.4	filesystem, network	`0`	714 kB	shellscape
npm/webpack-manifest-plugin@1.3.2	filesystem	`0`	10.4 kB	mastilver
npm/webpack-sources@1.0.2	None	`0`	26.2 kB	thelarkinn
npm/webpack@3.8.1	environment, filesystem, unsafe Transitive: eval	`+1`	2.97 MB	sokra
npm/websocket-driver@0.7.0	network	`0`	65.6 kB	jcoglan
npm/whatwg-fetch@2.0.3	None	`0`	22.8 kB	mislav
npm/which-module@2.0.0	None	`0`	4.58 kB	nexdrew
npm/wordwrap@1.0.0	None	`0`	36.8 kB	substack
npm/worker-farm@1.5.1	environment, shell	`+1`	43.8 kB	rvagg
npm/wrap-ansi@2.1.0	None	`0`	7.79 kB	sindresorhus
npm/write@0.2.1	filesystem	`0`	6.94 kB	jonschlinkert
npm/xdg-basedir@2.0.0	environment	`0`	4.13 kB	sindresorhus
npm/xml-char-classes@1.0.0	None	`0`	7.62 kB	sindresorhus
npm/y18n@3.2.1	filesystem	`0`	8.75 kB	bcoe
npm/yargs-parser@7.0.0	environment	`0`	40.7 kB	bcoe
npm/yargs@8.0.2	environment, filesystem	`+1`	198 kB	bcoe

🚮 Removed packages: npm/acorn-globals@3.1.0, npm/ansi-align@1.1.0, npm/append-transform@0.4.0, npm/aproba@1.2.0, npm/arr-flatten@1.1.0, npm/array-equal@1.0.0, npm/array-find-index@1.0.2, npm/array-uniq@1.0.3, npm/asn1.js@5.4.1, npm/asn1@0.2.3, npm/assert-plus@0.2.0, npm/asynckit@0.4.0, npm/bcrypt-pbkdf@1.0.1, npm/bn.js@5.2.1, npm/boolbase@1.0.0, npm/browser-resolve@1.11.2, npm/browserify-aes@1.1.1, npm/browserify-des@1.0.0, npm/browserify-rsa@4.1.0, npm/bser@2.0.0, npm/buffer-xor@1.0.3, npm/capture-stack-trace@1.0.0, npm/center-align@0.1.3, npm/clap@1.2.3, npm/cli-boxes@1.0.0, npm/clone@1.0.3, npm/color-string@0.3.0, npm/colors@1.1.2, npm/content-type-parser@1.0.2, npm/create-error-class@3.0.2, npm/css-what@2.1.3, npm/csso@2.3.2, npm/cssom@0.3.2, npm/cssstyle@0.2.37, npm/currently-unhandled@0.4.1, npm/dashdash@1.14.1, npm/default-require-extensions@1.0.0, npm/delayed-stream@1.0.0, npm/delegates@1.0.0, npm/des.js@1.0.0, npm/diff@3.4.0, npm/dom-serializer@0.1.0, npm/domelementtype@1.3.0, npm/domhandler@2.1.0, npm/domutils@1.5.1, npm/dot-prop@3.0.0, npm/duplexer2@0.1.4, npm/ecc-jsbn@0.1.1, npm/elliptic@6.5.4, npm/entities@1.1.1, npm/error-ex@1.3.1, npm/escodegen@1.9.0, npm/exec-sh@0.2.1, npm/expand-range@1.8.2, npm/extsprintf@1.3.0, npm/fill-range@2.2.3, npm/filled-array@1.1.0, npm/for-in@1.0.2, npm/for-own@0.1.5, npm/get-stdin@4.0.1, npm/get-stream@3.0.0, npm/getpass@0.1.7, npm/glob-base@0.3.0, npm/got@5.7.1, npm/handlebars@4.5.3, npm/har-schema@1.0.5, npm/has-unicode@2.0.1, npm/hash-base@2.0.2, npm/hash.js@1.1.3, npm/hosted-git-info@2.5.0, npm/html-encoding-sniffer@1.0.2, npm/http-parser-js@0.4.9, npm/indent-string@2.1.0, npm/invert-kv@1.0.0, npm/is-arrayish@0.2.1, npm/is-buffer@1.1.6, npm/is-builtin-module@1.0.0, npm/is-date-object@1.0.1, npm/is-dotfile@1.0.3, npm/is-equal-shallow@0.1.3, npm/is-extendable@0.1.1, npm/is-number@2.1.0, npm/is-obj@1.0.1, npm/is-plain-obj@1.1.0, npm/is-posix-bracket@0.1.1, npm/is-primitive@2.0.0, npm/is-redirect@1.0.0, npm/is-retry-allowed@1.1.0, npm/is-symbol@1.0.1, npm/is-utf8@0.2.1, npm/isobject@2.1.0, npm/jsbn@0.1.1, npm/json-schema@0.2.3, npm/jsprim@1.4.1, npm/lazy-cache@1.0.4, npm/longest@1.0.1, npm/lower-case@1.1.4, npm/lowercase-keys@1.0.0, npm/makeerror@1.0.11, npm/md5.js@1.3.4, npm/merge@1.2.0, npm/miller-rabin@4.0.1, npm/minimalistic-assert@1.0.0, npm/neo-async@2.6.1, npm/node-int64@0.4.0, npm/node-status-codes@1.0.0, npm/npm-run-path@2.0.2, npm/nth-check@1.0.1, npm/number-is-nan@1.0.1, npm/nwmatcher@1.4.3, npm/optimist@0.6.1, npm/p-finally@1.0.0, npm/p-limit@1.1.0, npm/package-json@2.4.0, npm/parse-asn1@5.1.6, npm/parse-passwd@1.0.0, npm/parse5@1.5.1, npm/path-key@2.0.1, npm/preserve@0.2.0

View full report↗︎

socket-security · 2024-11-25T18:09:18Z

🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎

To accept the risk, merge this PR and you will not be notified again.

Alert	Package	Note	Source	CI
Critical CVE	npm/shell-quote@1.6.1	CVE: GHSA-g4rg-993r-mgx7 Improper Neutralization of Special Elements used in a Command in Shell-quote (CRITICAL) Affected versions: <= 1.7.2 Patched version: 1.7.3	`fixtures/attribute-behavior/yarn.lock`	⚠︎

View full report↗︎

Next steps

What is a critical CVE?

Contains a Critical Common Vulnerability and Exposure (CVE).

Remove or replace dependencies that include known critical CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

@SocketSecurity ignore npm/shell-quote@1.6.1

rafikmojr · 2024-11-25T18:32:20Z

Checkmarx One – Scan Summary & Details – 3d62cbd5-b15f-46e8-9a0f-66f38ae12030

New Issues

Issue	Source File / Package	Checkmarx Insight
CVE-2023-4860	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-40643	Npm-htmlparser2-3.10.1	Vulnerable Package
CVE-2024-40643	Npm-htmlparser2-3.3.0	Vulnerable Package
CVE-2024-42461	Npm-elliptic-6.5.4	Vulnerable Package
CVE-2024-42461	Npm-elliptic-6.5.3	Vulnerable Package
CVE-2024-42461	Npm-elliptic-6.4.0	Vulnerable Package
CVE-2024-4559	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-4671	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-48949	Npm-elliptic-6.5.3	Vulnerable Package
CVE-2024-48949	Npm-elliptic-6.5.4	Vulnerable Package
CVE-2024-48949	Npm-elliptic-6.4.0	Vulnerable Package
CVE-2024-7024	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-7025	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-9369	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-9370	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-9963	Npm-electron-23.1.2	Vulnerable Package
CVE-2022-21213	Npm-mout-1.1.0	Vulnerable Package
CVE-2022-37620	Npm-html-minifier-3.2.3	Vulnerable Package
CVE-2022-37620	Npm-html-minifier-3.5.6	Vulnerable Package
CVE-2022-37620	Npm-html-minifier-3.5.3	Vulnerable Package
CVE-2022-37620	Npm-html-minifier-3.5.21	Vulnerable Package
CVE-2023-7010	Npm-electron-23.1.2	Vulnerable Package
CVE-2023-7012	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-10229	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-10230	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-10231	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-10487	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-10488	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-10826	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-10827	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-11112	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-11113	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-11114	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-11115	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-11395	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-21536	Npm-http-proxy-middleware-0.17.3	Vulnerable Package
CVE-2024-21536	Npm-http-proxy-middleware-2.0.6	Vulnerable Package
CVE-2024-21536	Npm-http-proxy-middleware-0.17.4	Vulnerable Package
CVE-2024-21538	Npm-cross-spawn-6.0.5	Vulnerable Package
CVE-2024-21538	Npm-cross-spawn-7.0.1	Vulnerable Package
CVE-2024-21538	Npm-cross-spawn-5.1.0	Vulnerable Package
CVE-2024-21538	Npm-cross-spawn-4.0.2	Vulnerable Package
CVE-2024-21538	Npm-cross-spawn-7.0.3	Vulnerable Package
CVE-2024-2176	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-29415	Npm-ip-1.1.5	Vulnerable Package
CVE-2024-3156	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-3158	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-3159	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-3168	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-3169	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-3170	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-3171	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-3172	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-3173	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-3174	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-3176	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-37890	Npm-ws-7.2.3	Vulnerable Package
CVE-2024-37890	Npm-ws-3.3.2	Vulnerable Package
CVE-2024-37890	Npm-ws-7.5.9	Vulnerable Package
CVE-2024-37890	Npm-ws-7.2.1	Vulnerable Package
CVE-2024-37890	Npm-ws-8.13.0	Vulnerable Package
CVE-2024-37890	Npm-ws-8.12.0	Vulnerable Package
CVE-2024-37890	Npm-ws-7.5.5	Vulnerable Package
CVE-2024-37890	Npm-ws-6.2.2	Vulnerable Package
CVE-2024-3832	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-3834	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-3837	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-3914	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-4058	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-4059	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-4060	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-4068	Npm-braces-2.3.2	Vulnerable Package
CVE-2024-4068	Npm-braces-3.0.2	Vulnerable Package
CVE-2024-4068	Npm-braces-1.8.5	Vulnerable Package
CVE-2024-4331	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-4368	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-45296	Npm-path-to-regexp-0.1.7	Vulnerable Package
CVE-2024-45296	Npm-path-to-regexp-1.8.0	Vulnerable Package
CVE-2024-45296	Npm-path-to-regexp-1.7.0	Vulnerable Package
CVE-2024-4558	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-45590	Npm-body-parser-1.19.0	Vulnerable Package
CVE-2024-45590	Npm-body-parser-1.20.2	Vulnerable Package
CVE-2024-45590	Npm-body-parser-1.18.2	Vulnerable Package
CVE-2024-45590	Npm-body-parser-1.20.1	Vulnerable Package
CVE-2024-4761	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-4947	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-4948	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-4950	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-5157	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-5158	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-5159	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-5160	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-5274	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-5493	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-5494	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-5495	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-5496	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-5497	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-5498	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-5499	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-5830	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-5831	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-5832	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-5833	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-5834	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-5835	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-5836	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-5837	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-5838	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-5841	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-5842	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-5844	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-5845	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-5846	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-5847	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-6100	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-6101	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-6102	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-6103	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-6290	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-6291	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-6292	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-6293	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-6772	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-6773	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-6774	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-6775	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-6776	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-6777	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-6778	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-6779	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-6988	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-6989	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-6990	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-6991	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-6994	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-6997	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-6998	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-7000	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-7018	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-7022	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-7023	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-7255	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-7256	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-7532	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-7533	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-7534	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-7535	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-7536	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-7550	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-7964	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-7965	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-7966	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-7967	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-7968	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-7969	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-7970	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-7971	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-7972	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-7973	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-7974	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-7977	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-7979	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-7980	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-8193	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-8194	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-8198	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-8362	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-8636	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-8637	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-8638	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-8639	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-8904	Npm-electron-23.1.2	Vulnerable Package
CVE-2024-8905	Npm-electron-23.1.2

More results are available on AST platform

github-actions · 2025-02-23T19:16:16Z

This pull request has been automatically marked as stale. If this pull request is still relevant, please leave any comment (for example, "bump"), and we'll keep it open. We are sorry that we haven't been able to prioritize reviewing it yet. Your contribution is very much appreciated.

dependabot bot added the dependencies Pull requests that update a dependency file label Nov 25, 2024

github-actions bot added the Resolution: Stale label Feb 23, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump cross-spawn from 7.0.3 to 7.0.6 in /fixtures/legacy-jsx-runtimes #119

Bump cross-spawn from 7.0.3 to 7.0.6 in /fixtures/legacy-jsx-runtimes #119

dependabot bot commented on behalf of github Nov 25, 2024

socket-security bot commented Nov 25, 2024

socket-security bot commented Nov 25, 2024

rafikmojr commented Nov 25, 2024

github-actions bot commented Feb 23, 2025

Bump cross-spawn from 7.0.3 to 7.0.6 in /fixtures/legacy-jsx-runtimes #119

Are you sure you want to change the base?

Bump cross-spawn from 7.0.3 to 7.0.6 in /fixtures/legacy-jsx-runtimes #119

Conversation

dependabot bot commented on behalf of github Nov 25, 2024

7.0.6 (2024-11-18)

Bug Fixes

7.0.5 (2024-11-07)

Bug Fixes

7.0.4 (2024-11-07)

Bug Fixes

socket-security bot commented Nov 25, 2024

socket-security bot commented Nov 25, 2024

Next steps

rafikmojr commented Nov 25, 2024

New Issues

github-actions bot commented Feb 23, 2025