chore: upgrading cross-spawn version to non-vulnerable version (7.0.5) - Githubissues

aws-amplify / amplify-js

A declarative JavaScript library for application development using cloud services.

https://docs.amplify.aws/lib/q/platform/js

Apache License 2.0

9.44k stars 2.13k forks source link

chore: upgrading cross-spawn version to non-vulnerable version (7.0.5) #14020

Closed yuhengshs closed 2 days ago

yuhengshs commented 4 days ago

Description of changes

Due to vulnerability issue we discovered from dependabot alert, we are upgrading this dependency to a non-vulnerable version -> 7.0.5

https://github.com/aws-amplify/amplify-js/security/dependabot/98

Issue #, if available

Description of how you validated changes

Checklist

[x] PR description included
[x] yarn test passes
[ ] Unit Tests are changed or added
[ ] Relevant documentation is changed or added (and PR referenced)

Checklist for repo maintainers

[ ] Verify E2E tests for existing workflows are working as expected or add E2E tests for newly added workflows
[ ] New source file paths included in this PR have been added to CODEOWNERS, if appropriate

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.