Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(security): patch cross-spawn dependency vulnerabilities #1212

Merged
merged 1 commit into from
Nov 22, 2024
Merged

fix(security): patch cross-spawn dependency vulnerabilities #1212

merged 1 commit into from
Nov 22, 2024

Conversation

arnaudbesnier
Copy link
Contributor

@arnaudbesnier arnaudbesnier commented Nov 22, 2024
edited
Loading

Definition of Done

General

  • Write an explicit title for the Pull Request, following Conventional Commits specification
  • Test manually the implemented changes
  • Validate the code quality (indentation, syntax, style, simplicity, readability)

Security

  • Consider the security impact of the changes made

@arnaudbesnier arnaudbesnier merged commit 79c5d35 into main Nov 22, 2024
22 checks passed
@arnaudbesnier arnaudbesnier deleted the security/patch-cross-spawn-vulnerability branch November 22, 2024 08:45
forest-bot added a commit that referenced this pull request Nov 27, 2024
@forest-bot
chore(release): example@1.11.14 [skip ci]
0801e72 
## [1.11.14](https://github.com/ForestAdmin/agent-nodejs/compare/example@1.11.13...example@1.11.14) (2024-11-27)

### Bug Fixes

* **rename decorator:** properly map relation when renaming pk field ([#1217](#1217)) ([2de746f](2de746f))
* **security:** patch cross-spawn dependency vulnerabilities ([#1212](#1212)) ([79c5d35](79c5d35))
* **security:** patch express dependency vulnerabilities ([#1213](#1213)) ([a2c9399](a2c9399))
* **security:** patch tar dependency vulnerabilities ([#1214](#1214)) ([175b438](175b438))
forest-bot added a commit that referenced this pull request Nov 27, 2024
@forest-bot
chore(release): @forestadmin/agent@1.53.2 [skip ci]
40a8341 
## [1.53.2](https://github.com/ForestAdmin/agent-nodejs/compare/@forestadmin/agent@1.53.1...@forestadmin/agent@1.53.2) (2024-11-27)

### Bug Fixes

* **rename decorator:** properly map relation when renaming pk field ([#1217](#1217)) ([2de746f](2de746f))
* **security:** patch cross-spawn dependency vulnerabilities ([#1212](#1212)) ([79c5d35](79c5d35))
* **security:** patch express dependency vulnerabilities ([#1213](#1213)) ([a2c9399](a2c9399))
* **security:** patch tar dependency vulnerabilities ([#1214](#1214)) ([175b438](175b438))

### Features

* **datasource sql:** add option to see paranoid ([#1210](#1210)) ([2d2639c](2d2639c))
forest-bot added a commit that referenced this pull request Nov 27, 2024
@forest-bot
chore(release): @forestadmin/datasource-customizer@1.55.5 [skip ci]
3192e5d 
## [1.55.5](https://github.com/ForestAdmin/agent-nodejs/compare/@forestadmin/datasource-customizer@1.55.4...@forestadmin/datasource-customizer@1.55.5) (2024-11-27)

### Bug Fixes

* **forest-cloud:** generate datasource file on bootstrap ([#1203](#1203)) ([3a365f2](3a365f2))
* **rename decorator:** properly map relation when renaming pk field ([#1217](#1217)) ([2de746f](2de746f))
* **security:** patch cross-spawn dependency vulnerabilities ([#1212](#1212)) ([79c5d35](79c5d35))
* **security:** patch express dependency vulnerabilities ([#1213](#1213)) ([a2c9399](a2c9399))
* **security:** patch tar dependency vulnerabilities ([#1214](#1214)) ([175b438](175b438))
* **typo:** bootstrap command ([#1206](#1206)) ([d60337b](d60337b))

### Features

* add support of projection on get route ([#1205](#1205)) ([5df3c58](5df3c58))
* better logs during timeout ([#1208](#1208)) ([e844184](e844184))
* **datasource sql:** add option to see paranoid ([#1210](#1210)) ([2d2639c](2d2639c))
* **forest-cloud:** introduce local development environment for cloud projects ([#1199](#1199)) ([e1cfa42](e1cfa42))
forest-bot added a commit that referenced this pull request Nov 27, 2024
@forest-bot
chore(release): @forestadmin/datasource-dummy@1.1.40 [skip ci]
15f5cd1 
## [1.1.40](https://github.com/ForestAdmin/agent-nodejs/compare/@forestadmin/datasource-dummy@1.1.39...@forestadmin/datasource-dummy@1.1.40) (2024-11-27)

### Bug Fixes

* **forest-cloud:** generate datasource file on bootstrap ([#1203](#1203)) ([3a365f2](3a365f2))
* **rename decorator:** properly map relation when renaming pk field ([#1217](#1217)) ([2de746f](2de746f))
* **security:** patch cross-spawn dependency vulnerabilities ([#1212](#1212)) ([79c5d35](79c5d35))
* **security:** patch express dependency vulnerabilities ([#1213](#1213)) ([a2c9399](a2c9399))
* **security:** patch tar dependency vulnerabilities ([#1214](#1214)) ([175b438](175b438))
* **typo:** bootstrap command ([#1206](#1206)) ([d60337b](d60337b))

### Features

* add support of projection on get route ([#1205](#1205)) ([5df3c58](5df3c58))
* better logs during timeout ([#1208](#1208)) ([e844184](e844184))
* **datasource sql:** add option to see paranoid ([#1210](#1210)) ([2d2639c](2d2639c))
* **forest-cloud:** introduce local development environment for cloud projects ([#1199](#1199)) ([e1cfa42](e1cfa42))
forest-bot added a commit that referenced this pull request Nov 27, 2024
@forest-bot
chore(release): @forestadmin/datasource-replica@1.5.4 [skip ci]
2cd6fee 
## [1.5.4](https://github.com/ForestAdmin/agent-nodejs/compare/@forestadmin/datasource-replica@1.5.3...@forestadmin/datasource-replica@1.5.4) (2024-11-27)

### Bug Fixes

* **rename decorator:** properly map relation when renaming pk field ([#1217](#1217)) ([2de746f](2de746f))
* **security:** patch cross-spawn dependency vulnerabilities ([#1212](#1212)) ([79c5d35](79c5d35))
* **security:** patch express dependency vulnerabilities ([#1213](#1213)) ([a2c9399](a2c9399))
* **security:** patch tar dependency vulnerabilities ([#1214](#1214)) ([175b438](175b438))
@forest-bot
Copy link
Member

🎉 This PR is included in version 1.12.6 🎉

The release is available on npm package (@latest dist-tag)

Your semantic-release bot 📦🚀

forest-bot added a commit that referenced this pull request Nov 27, 2024
@forest-bot
chore(release): @forestadmin/plugin-aws-s3@1.4.8 [skip ci]
c704394 
## [1.4.8](https://github.com/ForestAdmin/agent-nodejs/compare/@forestadmin/plugin-aws-s3@1.4.7...@forestadmin/plugin-aws-s3@1.4.8) (2024-11-27)

### Bug Fixes

* **forest-cloud:** generate datasource file on bootstrap ([#1203](#1203)) ([3a365f2](3a365f2))
* **rename decorator:** properly map relation when renaming pk field ([#1217](#1217)) ([2de746f](2de746f))
* **security:** patch cross-spawn dependency vulnerabilities ([#1212](#1212)) ([79c5d35](79c5d35))
* **security:** patch express dependency vulnerabilities ([#1213](#1213)) ([a2c9399](a2c9399))
* **security:** patch tar dependency vulnerabilities ([#1214](#1214)) ([175b438](175b438))
* **typo:** bootstrap command ([#1206](#1206)) ([d60337b](d60337b))

### Features

* add support of projection on get route ([#1205](#1205)) ([5df3c58](5df3c58))
* better logs during timeout ([#1208](#1208)) ([e844184](e844184))
* **datasource sql:** add option to see paranoid ([#1210](#1210)) ([2d2639c](2d2639c))
* **forest-cloud:** introduce local development environment for cloud projects ([#1199](#1199)) ([e1cfa42](e1cfa42))
forest-bot added a commit that referenced this pull request Nov 27, 2024
@forest-bot
chore(release): @forestadmin/plugin-export-advanced@1.1.13 [skip ci]
83b4b62 
## [1.1.13](https://github.com/ForestAdmin/agent-nodejs/compare/@forestadmin/plugin-export-advanced@1.1.12...@forestadmin/plugin-export-advanced@1.1.13) (2024-11-27)

### Bug Fixes

* **forest-cloud:** generate datasource file on bootstrap ([#1203](#1203)) ([3a365f2](3a365f2))
* **rename decorator:** properly map relation when renaming pk field ([#1217](#1217)) ([2de746f](2de746f))
* **security:** patch cross-spawn dependency vulnerabilities ([#1212](#1212)) ([79c5d35](79c5d35))
* **security:** patch express dependency vulnerabilities ([#1213](#1213)) ([a2c9399](a2c9399))
* **security:** patch tar dependency vulnerabilities ([#1214](#1214)) ([175b438](175b438))
* **typo:** bootstrap command ([#1206](#1206)) ([d60337b](d60337b))

### Features

* add support of projection on get route ([#1205](#1205)) ([5df3c58](5df3c58))
* better logs during timeout ([#1208](#1208)) ([e844184](e844184))
* **datasource sql:** add option to see paranoid ([#1210](#1210)) ([2d2639c](2d2639c))
* **forest-cloud:** introduce local development environment for cloud projects ([#1199](#1199)) ([e1cfa42](e1cfa42))
@forest-bot
Copy link
Member

🎉 This PR is included in version 1.11.14 🎉

The release is available on example@1.11.14

Your semantic-release bot 📦🚀

forest-bot added a commit that referenced this pull request Nov 27, 2024
@forest-bot
chore(release): @forestadmin/plugin-flattener@1.3.8 [skip ci]
891d520 
## [1.3.8](https://github.com/ForestAdmin/agent-nodejs/compare/@forestadmin/plugin-flattener@1.3.7...@forestadmin/plugin-flattener@1.3.8) (2024-11-27)

### Bug Fixes

* **forest-cloud:** generate datasource file on bootstrap ([#1203](#1203)) ([3a365f2](3a365f2))
* **rename decorator:** properly map relation when renaming pk field ([#1217](#1217)) ([2de746f](2de746f))
* **security:** patch cross-spawn dependency vulnerabilities ([#1212](#1212)) ([79c5d35](79c5d35))
* **security:** patch express dependency vulnerabilities ([#1213](#1213)) ([a2c9399](a2c9399))
* **security:** patch tar dependency vulnerabilities ([#1214](#1214)) ([175b438](175b438))
* **typo:** bootstrap command ([#1206](#1206)) ([d60337b](d60337b))

### Features

* add support of projection on get route ([#1205](#1205)) ([5df3c58](5df3c58))
* better logs during timeout ([#1208](#1208)) ([e844184](e844184))
* **datasource sql:** add option to see paranoid ([#1210](#1210)) ([2d2639c](2d2639c))
* **forest-cloud:** introduce local development environment for cloud projects ([#1199](#1199)) ([e1cfa42](e1cfa42))
@forest-bot
Copy link
Member

🎉 This PR is included in version 1.53.2 🎉

The release is available on npm package (@latest dist-tag)

Your semantic-release bot 📦🚀

@forest-bot
Copy link
Member

🎉 This PR is included in version 1.55.5 🎉

The release is available on npm package (@latest dist-tag)

Your semantic-release bot 📦🚀

@forest-bot
Copy link
Member

🎉 This PR is included in version 1.1.40 🎉

The release is available on npm package (@latest dist-tag)

Your semantic-release bot 📦🚀

@forest-bot
Copy link
Member

🎉 This PR is included in version 1.5.4 🎉

The release is available on npm package (@latest dist-tag)

Your semantic-release bot 📦🚀

@forest-bot
Copy link
Member

🎉 This PR is included in version 1.4.8 🎉

The release is available on npm package (@latest dist-tag)

Your semantic-release bot 📦🚀

@forest-bot
Copy link
Member

🎉 This PR is included in version 1.1.13 🎉

The release is available on npm package (@latest dist-tag)

Your semantic-release bot 📦🚀

@forest-bot
Copy link
Member

🎉 This PR is included in version 1.3.8 🎉

The release is available on npm package (@latest dist-tag)

Your semantic-release bot 📦🚀

forest-bot added a commit that referenced this pull request Nov 27, 2024
@forest-bot
chore(release): @forestadmin/datasource-mongo@1.3.26 [skip ci]
06a3015 
## [1.3.26](https://github.com/ForestAdmin/agent-nodejs/compare/@forestadmin/datasource-mongo@1.3.25...@forestadmin/datasource-mongo@1.3.26) (2024-11-27)

### Bug Fixes

* **advanced-export:** export now uses context.filter ([#1198](#1198)) ([68cef9b](68cef9b))
* change error message when mixing pages and other elements in an action form ([#1201](#1201)) ([c06e8f7](c06e8f7))
* **forest-cloud:** generate datasource file on bootstrap ([#1203](#1203)) ([3a365f2](3a365f2))
* ignore inconsistent foreign key types ([#1202](#1202)) ([b5e8c6a](b5e8c6a))
* **rename decorator:** properly map relation when renaming pk field ([#1217](#1217)) ([2de746f](2de746f))
* **security:** patch cross-spawn dependency vulnerabilities ([#1212](#1212)) ([79c5d35](79c5d35))
* **security:** patch express dependency vulnerabilities ([#1213](#1213)) ([a2c9399](a2c9399))
* **security:** patch tar dependency vulnerabilities ([#1214](#1214)) ([175b438](175b438))
* **typo:** bootstrap command ([#1206](#1206)) ([d60337b](d60337b))

### Features

* add support of projection on get route ([#1205](#1205)) ([5df3c58](5df3c58))
* better logs during timeout ([#1208](#1208)) ([e844184](e844184))
* **capabilities:** define native query connection capabilities ([#1220](#1220)) ([bd0fc7c](bd0fc7c))
* **capabilities:** register capabilities route for field filter operators ([#1197](#1197)) ([31edc82](31edc82))
* **datasource sql:** add option to see paranoid ([#1210](#1210)) ([2d2639c](2d2639c))
* **forest-cloud:** introduce local development environment for cloud projects ([#1199](#1199)) ([e1cfa42](e1cfa42))

### Reverts

*  "chore(capabilities): define native query connection capabilities ([#1219](#1219))" ([290cde3](290cde3))
forest-bot added a commit that referenced this pull request Nov 27, 2024
@forest-bot
chore(release): @forestadmin/datasource-mongoose@1.8.6 [skip ci]
3befab6 
## [1.8.6](https://github.com/ForestAdmin/agent-nodejs/compare/@forestadmin/datasource-mongoose@1.8.5...@forestadmin/datasource-mongoose@1.8.6) (2024-11-27)

### Bug Fixes

* **advanced-export:** export now uses context.filter ([#1198](#1198)) ([68cef9b](68cef9b))
* change error message when mixing pages and other elements in an action form ([#1201](#1201)) ([c06e8f7](c06e8f7))
* **forest-cloud:** generate datasource file on bootstrap ([#1203](#1203)) ([3a365f2](3a365f2))
* ignore inconsistent foreign key types ([#1202](#1202)) ([b5e8c6a](b5e8c6a))
* **rename decorator:** properly map relation when renaming pk field ([#1217](#1217)) ([2de746f](2de746f))
* **security:** patch cross-spawn dependency vulnerabilities ([#1212](#1212)) ([79c5d35](79c5d35))
* **security:** patch express dependency vulnerabilities ([#1213](#1213)) ([a2c9399](a2c9399))
* **security:** patch tar dependency vulnerabilities ([#1214](#1214)) ([175b438](175b438))
* **typo:** bootstrap command ([#1206](#1206)) ([d60337b](d60337b))

### Features

* add support of projection on get route ([#1205](#1205)) ([5df3c58](5df3c58))
* better logs during timeout ([#1208](#1208)) ([e844184](e844184))
* **capabilities:** define native query connection capabilities ([#1220](#1220)) ([bd0fc7c](bd0fc7c))
* **capabilities:** register capabilities route for field filter operators ([#1197](#1197)) ([31edc82](31edc82))
* **datasource sql:** add option to see paranoid ([#1210](#1210)) ([2d2639c](2d2639c))
* **forest-cloud:** introduce local development environment for cloud projects ([#1199](#1199)) ([e1cfa42](e1cfa42))

### Reverts

*  "chore(capabilities): define native query connection capabilities ([#1219](#1219))" ([290cde3](290cde3))
forest-bot added a commit that referenced this pull request Nov 27, 2024
@forest-bot
chore(release): @forestadmin/datasource-sequelize@1.11.0 [skip ci]
a7db8f2 
# [1.11.0](https://github.com/ForestAdmin/agent-nodejs/compare/@forestadmin/datasource-sequelize@1.10.5...@forestadmin/datasource-sequelize@1.11.0) (2024-11-27)

### Bug Fixes

* **advanced-export:** export now uses context.filter ([#1198](#1198)) ([68cef9b](68cef9b))
* change error message when mixing pages and other elements in an action form ([#1201](#1201)) ([c06e8f7](c06e8f7))
* **forest-cloud:** generate datasource file on bootstrap ([#1203](#1203)) ([3a365f2](3a365f2))
* ignore inconsistent foreign key types ([#1202](#1202)) ([b5e8c6a](b5e8c6a))
* **rename decorator:** properly map relation when renaming pk field ([#1217](#1217)) ([2de746f](2de746f))
* **security:** patch cross-spawn dependency vulnerabilities ([#1212](#1212)) ([79c5d35](79c5d35))
* **security:** patch express dependency vulnerabilities ([#1213](#1213)) ([a2c9399](a2c9399))
* **security:** patch tar dependency vulnerabilities ([#1214](#1214)) ([175b438](175b438))
* **typo:** bootstrap command ([#1206](#1206)) ([d60337b](d60337b))

### Features

* add support of projection on get route ([#1205](#1205)) ([5df3c58](5df3c58))
* better logs during timeout ([#1208](#1208)) ([e844184](e844184))
* **capabilities:** define native query connection capabilities ([#1220](#1220)) ([bd0fc7c](bd0fc7c))
* **capabilities:** register capabilities route for field filter operators ([#1197](#1197)) ([31edc82](31edc82))
* **datasource sql:** add option to see paranoid ([#1210](#1210)) ([2d2639c](2d2639c))
* **forest-cloud:** introduce local development environment for cloud projects ([#1199](#1199)) ([e1cfa42](e1cfa42))

### Reverts

*  "chore(capabilities): define native query connection capabilities ([#1219](#1219))" ([290cde3](290cde3))
forest-bot added a commit that referenced this pull request Nov 27, 2024
@forest-bot
chore(release): @forestadmin/datasource-sql@1.16.0 [skip ci]
bf6f525 
# [1.16.0](https://github.com/ForestAdmin/agent-nodejs/compare/@forestadmin/datasource-sql@1.15.0...@forestadmin/datasource-sql@1.16.0) (2024-11-27)

### Bug Fixes

* **rename decorator:** properly map relation when renaming pk field ([#1217](#1217)) ([2de746f](2de746f))
* **security:** patch cross-spawn dependency vulnerabilities ([#1212](#1212)) ([79c5d35](79c5d35))
* **security:** patch express dependency vulnerabilities ([#1213](#1213)) ([a2c9399](a2c9399))
* **security:** patch tar dependency vulnerabilities ([#1214](#1214)) ([175b438](175b438))

### Features

* **capabilities:** define native query connection capabilities ([#1220](#1220)) ([bd0fc7c](bd0fc7c))

### Reverts

*  "chore(capabilities): define native query connection capabilities ([#1219](#1219))" ([290cde3](290cde3))
forest-bot added a commit that referenced this pull request Nov 27, 2024
@forest-bot
chore(release): @forestadmin/datasource-toolkit@1.44.0 [skip ci]
e4ac62b 
# [1.44.0](https://github.com/ForestAdmin/agent-nodejs/compare/@forestadmin/datasource-toolkit@1.43.0...@forestadmin/datasource-toolkit@1.44.0) (2024-11-27)

### Bug Fixes

* **advanced-export:** export now uses context.filter ([#1198](#1198)) ([68cef9b](68cef9b))
* change error message when mixing pages and other elements in an action form ([#1201](#1201)) ([c06e8f7](c06e8f7))
* **forest-cloud:** generate datasource file on bootstrap ([#1203](#1203)) ([3a365f2](3a365f2))
* ignore inconsistent foreign key types ([#1202](#1202)) ([b5e8c6a](b5e8c6a))
* **rename decorator:** properly map relation when renaming pk field ([#1217](#1217)) ([2de746f](2de746f))
* **security:** patch cross-spawn dependency vulnerabilities ([#1212](#1212)) ([79c5d35](79c5d35))
* **security:** patch express dependency vulnerabilities ([#1213](#1213)) ([a2c9399](a2c9399))
* **security:** patch tar dependency vulnerabilities ([#1214](#1214)) ([175b438](175b438))
* **typo:** bootstrap command ([#1206](#1206)) ([d60337b](d60337b))

### Features

* add support of projection on get route ([#1205](#1205)) ([5df3c58](5df3c58))
* better logs during timeout ([#1208](#1208)) ([e844184](e844184))
* **capabilities:** define native query connection capabilities ([#1220](#1220)) ([bd0fc7c](bd0fc7c))
* **capabilities:** register capabilities route for field filter operators ([#1197](#1197)) ([31edc82](31edc82))
* **datasource sql:** add option to see paranoid ([#1210](#1210)) ([2d2639c](2d2639c))
* **forest-cloud:** introduce local development environment for cloud projects ([#1199](#1199)) ([e1cfa42](e1cfa42))

### Reverts

*  "chore(capabilities): define native query connection capabilities ([#1219](#1219))" ([290cde3](290cde3))
forest-bot added a commit that referenced this pull request Nov 27, 2024
@forest-bot
chore(release): @forestadmin/forestadmin-client@1.35.1 [skip ci]
98447e0 
## [1.35.1](https://github.com/ForestAdmin/agent-nodejs/compare/@forestadmin/forestadmin-client@1.35.0...@forestadmin/forestadmin-client@1.35.1) (2024-11-27)

### Bug Fixes

* **rename decorator:** properly map relation when renaming pk field ([#1217](#1217)) ([2de746f](2de746f))
* **security:** patch cross-spawn dependency vulnerabilities ([#1212](#1212)) ([79c5d35](79c5d35))
* **security:** patch express dependency vulnerabilities ([#1213](#1213)) ([a2c9399](a2c9399))
* **security:** patch tar dependency vulnerabilities ([#1214](#1214)) ([175b438](175b438))

### Features

* **capabilities:** define native query connection capabilities ([#1220](#1220)) ([bd0fc7c](bd0fc7c))
* **datasource sql:** add option to see paranoid ([#1210](#1210)) ([2d2639c](2d2639c))

### Reverts

*  "chore(capabilities): define native query connection capabilities ([#1219](#1219))" ([290cde3](290cde3))
@forest-bot
Copy link
Member

🎉 This PR is included in version 1.3.26 🎉

The release is available on npm package (@latest dist-tag)

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@arnaudbesnier @forest-bot