chore(deps): remove execa direct dependency

[dependabot]

Bumps execa from 4.1.0 to 8.0.1.

Release notes

Sourced from execa's releases.

v8.0.1

Fixes

• Fix and document support for the {encoding: 'buffer'} option. It is the same as {encoding: null}, but preferred over it. (#572)

sindresorhus/execa@v8.0.0...v8.0.1

v8.0.0

Breaking

• Require Node.js 16.7.0 and later (#569)

sindresorhus/execa@v7.2.0...v8.0.0

v7.2.0

• Add cwd error property (#565) f57fdec

sindresorhus/execa@v7.1.1...v7.2.0

v7.1.1

Features

• Improve error message when $.sync(options)`command` is used instead of $(options).sync`command` (#551)

Bug fixes

• Fix argument concatenation when using $`command argument${value}` (#553)
• Fix default value of the stdin option when using $`command`: it should be inherit (#550)

v7.1.0

Features

• Add $ method to write Node.js scripts like zx. For more information, please see this blog post, this section and this page. Thanks @​aaronccasanova for this great feature!

import {$} from 'execa';
const branch = await $git branch --show-current;
await $dep deploy --branch=${branch};

• Add .pipeStdout(), .pipeStderr() and .pipeAll() methods to redirect stdout/stderr to a file, a stream or another process.

// Similar to `echo unicorns > stdout.txt` in Bash
await execa('echo', ['unicorns']).pipeStdout('stdout.txt');
// Similar to echo unicorns 2> stdout.txt in Bash
await execa('echo', ['unicorns']).pipeStderr('stderr.txt');
</tr></table>

... (truncated)

Commits

• f4b8b3a 8.0.1
• 89c69fe Support {encoding: 'buffer'} (#572)
• e7dee28 8.0.0
• 88ee3bd Upgrade get-stream (#571)
• f31fbdb Fix documentation typo (#568)
• 468fbe1 Upgrade signal-exit to v4 (#570)
• 65992b4 Require Node.js 16 (#569)
• db58085 7.2.0
• f57fdec Add cwd error property (#565)
• a228eda Meta tweaks
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[dependabot]

A newer version of execa exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.

[changeset-bot]

🦋 Changeset detected

Latest commit: 3c56f93

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package

Name	Type
@talend/module-to-cdn	Minor

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[jmfrancois]

I dont' see any default in it 🤔

> import('execa').then(mod => console.log(mod))
Promise {
  <pending>,
  [Symbol(async_id_symbol)]: 2448,
  [Symbol(trigger_async_id_symbol)]: 2440
}
> [Module: null prototype] {
  '$': [Function: $] { sync: [Function (anonymous)] },
  execa: [Function: execa],
  execaCommand: [Function: execaCommand],
  execaCommandSync: [Function: execaCommandSync],
  execaNode: [Function: execaNode],
  execaSync: [Function: execaSync]
}
> import('execa').then(mod => console.log(mod.execa))
Promise {
  <pending>,
  [Symbol(async_id_symbol)]: 2527,
  [Symbol(trigger_async_id_symbol)]: 2519
}
> [Function: execa]

[github-actions]

Storybook for this PR deployed on this github page

[jmfrancois]

do not work, need to run module-to-cdn test:cron command

To fix this issue, we should avoid passing untrusted input directly to the shell. Instead of using child.execSync with a string command, we should use child.execFileSync, which takes the command and its arguments as separate parameters, bypassing the shell and preventing command injection. Specifically, we should replace child.execSync(`npm info --json ${moduleName}`, {encoding: 'utf8'}) with child.execFileSync('npm', ['info', '--json', moduleName], {encoding: 'utf8'}). This change should be made in the getModuleInfo function in fork/module-to-cdn/cache.js. No additional imports are needed, as child_process is already imported as child.

---

[github-actions]

Title	Lines	Statements	Branches	Functions
assets-api		28.4% (25/88)	30.76% (16/52)	21.42% (3/14)
cmf		89.36% (1243/1391)	80.93% (607/750)	89.51% (350/391)
cmf-cqrs		87.43% (160/183)	70.23% (59/84)	84.21% (48/57)
cmf-router		69.23% (135/195)	55.71% (78/140)	56.81% (25/44)
components		90.63% (5517/6087)	81.59% (3196/3917)	88.14% (1390/1577)
containers		83.59% (1391/1664)	74.3% (694/934)	75% (327/436)
dataviz		85.44% (323/378)	66.66% (160/240)	75.79% (119/157)
design-system		66.49% (1016/1528)	50.93% (544/1068)	53.94% (219/406)
faceted-search		85.08% (639/751)	78.63% (287/365)	81.88% (226/276)
flow-designer		70.07% (651/929)	66.72% (355/532)	70.92% (200/282)
forms		85.81% (1640/1911)	75.77% (929/1226)	84.24% (460/546)
http		100% (85/85)	98.07% (51/52)	100% (34/34)
sagas		92.3% (24/26)	66.66% (4/6)	50% (2/4)
stepper		81.52% (150/184)	59.34% (54/91)	80.85% (38/47)
utils		100% (73/73)	90.9% (10/11)	100% (24/24)