Skip to content

Commit 449229e

Browse files
thomasrockhu-codecovthomasrockhu-codecov
committed
security: pnpm override cross-spawn to ^7.0.6
npm-run-all@4.1.5 still resolves cross-spawn 6.0.5 under its semver range; execa via serve pulled 7.0.3. Force patched 7.0.6+ for all instances to address cross-spawn ReDoS advisories (GHSA-3xgq-45jj-v275). Made-with: Cursor
1 parent 5e53051 commit 449229e

File tree

2 files changed

+21
-344
lines changed

2 files changed

+21
-344
lines changed

package.json

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -53,6 +53,11 @@
5353
"prettier --write"
5454
]
5555
},
56+
"pnpm": {
57+
"overrides": {
58+
"cross-spawn": "^7.0.6"
59+
}
60+
},
5661
"volta": {
5762
"node": "20.9.0"
5863
},

0 commit comments

Comments
 (0)