[SPARK-50501][BUILD] Update cross-spawn to suppress a warning in lint
### What changes were proposed in this pull request?
This PR updates cross-spawn from 7.0.3 to 7.0.6.

### Why are the changes needed?
Recently, `./dev/lint-js` shows a warning as follows.
```
1 high severity vulnerability

To address all issues, run:
  npm audit fix

Run `npm audit` for details.
```

We can see the same message in CI.
https://github.com/apache/spark/actions/runs/12183892848/job/33986553884#step:24:20

To inspect more, I executed `npm audit` and the result is:
```
cross-spawn  7.0.0 - 7.0.4
Severity: high
Regular Expression Denial of Service (ReDoS) in cross-spawn - GHSA-3xgq-45jj-v275
fix available via `npm audit fix`
node_modules/cross-spawn

1 high severity vulnerability
```

`cross-spawn` is a dependency for the linter, but the linter reports the issue as `high severity vulnerability`, so let's fix it just in case.
This change is done by `npm audit fix` as the warning indicates.

### Does this PR introduce _any_ user-facing change?
No

### How was this patch tested?
`./dev/lint-js` doesn't show the warning.

### Was this patch authored or co-authored using generative AI tooling?
No

Closes #49077 from sarutak/update-cross-spawn.

Authored-by: Kousuke Saruta <[email protected]>
Signed-off-by: Dongjoon Hyun <[email protected]>
sarutak authored and dongjoon-hyun committed Dec 5, 2024
1 parent ee8db4e commit 6add9c8
Showing 1 changed file with 8 additions and 6 deletions.
14 changes: 8 additions & 6 deletions dev/package-lock.json
