Uploaded image for project: 'Spark'
  1. Spark
  2. SPARK-44111 Prepare Apache Spark 4.0.0
  3. SPARK-50501

Update cross-spawn JS module to surpress a warning in lint

    XMLWordPrintableJSON

Details

    • Sub-task
    • Status: Resolved
    • Minor
    • Resolution: Fixed
    • 4.0.0
    • 4.0.0
    • Build

    Description

      Recently, ./dev/lint-js shows a warning like as follows.

      1 high severity vulnerability

To address all issues, run:
  npm audit fix

Run `npm audit` for details.

      To inspect more, I executed npm audit and the result is:

      cross-spawn  7.0.0 - 7.0.4
Severity: high
Regular Expression Denial of Service (ReDoS) in cross-spawn - https://github.com/advisories/GHSA-3xgq-45jj-v275
fix available via `npm audit fix`
node_modules/cross-spawn

1 high severity vulnerability

      Attachments

        Issue Links

          links to

          Web Link GitHub Pull Request #49077

          Activity

            People

              sarutak Kousuke Saruta
              sarutak Kousuke Saruta
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: