From ae4f25226bd637c78f66031d1d58189ea47cc5ec Mon Sep 17 00:00:00 2001 From: vinny Date: Mon, 18 Nov 2024 10:56:06 -0500 Subject: [PATCH] HARMONY-1892: Update problematic dependency https://github.com/advisories/GHSA-3xgq-45jj-v275 --- packages/util/package-lock.json | 21 +++++++-------- packages/util/package.json | 3 ++- services/harmony/package-lock.json | 41 +++++++++++++++--------------- services/harmony/package.json | 3 ++- 4 files changed, 36 insertions(+), 32 deletions(-) diff --git a/packages/util/package-lock.json b/packages/util/package-lock.json index 330c845a1..a7ae05c32 100644 --- a/packages/util/package-lock.json +++ b/packages/util/package-lock.json @@ -1956,10 +1956,11 @@ "dev": true }, "node_modules/cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", + "version": "7.0.6", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", + "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", "dev": true, + "license": "MIT", "dependencies": { "path-key": "^3.1.0", "shebang-command": "^2.0.0", @@ -7851,9 +7852,9 @@ "dev": true }, "cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", + "version": "7.0.6", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", + "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", "dev": true, "requires": { "path-key": "^3.1.0", @@ -8111,7 +8112,7 @@ "@ungap/structured-clone": "^1.2.0", "ajv": "^6.12.4", "chalk": "^4.0.0", - "cross-spawn": "^7.0.2", + "cross-spawn": "^7.0.5", "debug": "^4.3.2", "doctrine": "^3.0.0", "escape-string-regexp": "^4.0.0", @@ -8553,7 +8554,7 @@ "integrity": "sha512-dCIq9FpEcyQyXKCkyzmlPTFNgrCzPudOe+mhvJU5zAtlBnGVy2yKxtfsxK2tQBThwq225jcvBjpw1Gr40uzZCA==", "dev": true, "requires": { - "cross-spawn": "^7.0.0", + "cross-spawn": "^7.0.5", "signal-exit": "^3.0.2" } }, @@ -9126,7 +9127,7 @@ "dev": true, "requires": { "archy": "^1.0.0", - "cross-spawn": "^7.0.3", + "cross-spawn": "^7.0.5", "istanbul-lib-coverage": "^3.2.0", "p-map": "^3.0.0", "rimraf": "^3.0.0", @@ -10124,7 +10125,7 @@ "integrity": "sha512-TMKDUnIte6bfb5nWv7V/caI169OHgvwjb7V4WkeUvbQQdjr5rWKqHFiKWb/fcOwB+CzBT+qbWjvj+DVwRskpIg==", "dev": true, "requires": { - "cross-spawn": "^7.0.0", + "cross-spawn": "^7.0.5", "signal-exit": "^4.0.1" } }, diff --git a/packages/util/package.json b/packages/util/package.json index 51afabe0f..4b46ec96a 100644 --- a/packages/util/package.json +++ b/packages/util/package.json @@ -77,6 +77,7 @@ "typescript": "^4.4.4" }, "overrides": { - "braces": "^3.0.3" + "braces": "^3.0.3", + "cross-spawn": "^7.0.5" } } \ No newline at end of file diff --git a/services/harmony/package-lock.json b/services/harmony/package-lock.json index 763faa8f3..f4285b984 100644 --- a/services/harmony/package-lock.json +++ b/services/harmony/package-lock.json @@ -8727,9 +8727,10 @@ "integrity": "sha512-dcKFX3jn0MpIaXjisoRvexIJVEKzaq7z2rZKxf+MSr9TkdmHmsU4m2lcLojrj/FHl8mk5VxMmYA+ftRkP/3oKQ==" }, "node_modules/cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", + "version": "7.0.6", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", + "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", + "license": "MIT", "dependencies": { "path-key": "^3.1.0", "shebang-command": "^2.0.0", @@ -25151,7 +25152,7 @@ "integrity": "sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==", "dev": true, "requires": { - "cross-spawn": "^7.0.0", + "cross-spawn": "^7.0.5", "signal-exit": "^4.0.1" } }, @@ -25339,7 +25340,7 @@ "integrity": "sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==", "dev": true, "requires": { - "cross-spawn": "^7.0.0", + "cross-spawn": "^7.0.5", "signal-exit": "^4.0.1" } }, @@ -25437,7 +25438,7 @@ "integrity": "sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==", "dev": true, "requires": { - "cross-spawn": "^7.0.0", + "cross-spawn": "^7.0.5", "signal-exit": "^4.0.1" } }, @@ -25572,7 +25573,7 @@ "integrity": "sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==", "dev": true, "requires": { - "cross-spawn": "^7.0.0", + "cross-spawn": "^7.0.5", "signal-exit": "^4.0.1" } }, @@ -25733,7 +25734,7 @@ "integrity": "sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==", "dev": true, "requires": { - "cross-spawn": "^7.0.0", + "cross-spawn": "^7.0.5", "signal-exit": "^4.0.1" } }, @@ -26389,7 +26390,7 @@ "integrity": "sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==", "dev": true, "requires": { - "cross-spawn": "^7.0.0", + "cross-spawn": "^7.0.5", "signal-exit": "^4.0.1" } }, @@ -29326,9 +29327,9 @@ "integrity": "sha512-dcKFX3jn0MpIaXjisoRvexIJVEKzaq7z2rZKxf+MSr9TkdmHmsU4m2lcLojrj/FHl8mk5VxMmYA+ftRkP/3oKQ==" }, "cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", + "version": "7.0.6", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", + "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", "requires": { "path-key": "^3.1.0", "shebang-command": "^2.0.0", @@ -30025,7 +30026,7 @@ "@ungap/structured-clone": "^1.2.0", "ajv": "^6.12.4", "chalk": "^4.0.0", - "cross-spawn": "^7.0.2", + "cross-spawn": "^7.0.5", "debug": "^4.3.2", "doctrine": "^3.0.0", "escape-string-regexp": "^4.0.0", @@ -30399,7 +30400,7 @@ "integrity": "sha512-ov6w/2LCiuyO4RLYGdpFGjkcs0wMTgGE8PrkTHikeUy5iJekXyPIKUjifk5CsE0pt7sMCrMZ3YNqoCj6idQOnQ==", "dev": true, "requires": { - "cross-spawn": "^7.0.3", + "cross-spawn": "^7.0.5", "get-stream": "^6.0.0", "human-signals": "^2.1.0", "is-stream": "^2.0.0", @@ -30858,7 +30859,7 @@ "integrity": "sha512-dCIq9FpEcyQyXKCkyzmlPTFNgrCzPudOe+mhvJU5zAtlBnGVy2yKxtfsxK2tQBThwq225jcvBjpw1Gr40uzZCA==", "dev": true, "requires": { - "cross-spawn": "^7.0.0", + "cross-spawn": "^7.0.5", "signal-exit": "^3.0.2" } }, @@ -31220,7 +31221,7 @@ "resolved": "https://registry.npmjs.org/foreground-child/-/foreground-child-3.2.1.tgz", "integrity": "sha512-PXUUyLqrR2XCWICfv6ukppP96sdFwWbNEnfEMt7jNsISjMsvaLNinAHNDYyvkyU+SZG2BTSbT5NjG+vZslfGTA==", "requires": { - "cross-spawn": "^7.0.0", + "cross-spawn": "^7.0.5", "signal-exit": "^4.0.1" }, "dependencies": { @@ -32842,7 +32843,7 @@ "dev": true, "requires": { "archy": "^1.0.0", - "cross-spawn": "^7.0.3", + "cross-spawn": "^7.0.5", "istanbul-lib-coverage": "^3.2.0", "p-map": "^3.0.0", "rimraf": "^3.0.0", @@ -35154,7 +35155,7 @@ "integrity": "sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==", "dev": true, "requires": { - "cross-spawn": "^7.0.0", + "cross-spawn": "^7.0.5", "signal-exit": "^4.0.1" } }, @@ -36138,7 +36139,7 @@ "integrity": "sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==", "dev": true, "requires": { - "cross-spawn": "^7.0.0", + "cross-spawn": "^7.0.5", "signal-exit": "^4.0.1" } }, @@ -38710,7 +38711,7 @@ "integrity": "sha512-Ld2g8rrAyMYFXBhEqMz8ZAHBi4J4uS1i/CxGMDnjyFWddMXLVcDp051DZfu+t7+ab7Wv6SMqpWmyFIj5UbfFvg==", "dev": true, "requires": { - "cross-spawn": "^7.0.0", + "cross-spawn": "^7.0.5", "signal-exit": "^4.0.1" } }, diff --git a/services/harmony/package.json b/services/harmony/package.json index 147c8b41e..70ac842d4 100644 --- a/services/harmony/package.json +++ b/services/harmony/package.json @@ -214,6 +214,7 @@ "semver": "^7.6.2", "braces": "^3.0.3", "fast-xml-parser": "4.4.1", - "jsonpath-plus": "^10.0.7" + "jsonpath-plus": "^10.0.7", + "cross-spawn": "^7.0.5" } }