refactor: Update cross-spawn transitive dependency across the repo (#…

…23415) ## Description Updates the cross-spawn dependency across the repo (including a test pnpm workspace inside build-tools) to address https://nvd.nist.gov/vuln/detail/CVE-2024-21538. In a few packages, some other transitive dependencies got updated even when targeting just cross-spawn, but the changes seem ok.
microsoft · Jan 3, 2025 · 2c6181f · 2c6181f
1 parent e6d677b
commit 2c6181f
Show file tree

Hide file tree

Showing 14 changed files with 149 additions and 225 deletions.
diff --git a/build-tools/packages/build-infrastructure/src/test/data/testRepo/package.json b/build-tools/packages/build-infrastructure/src/test/data/testRepo/package.json
@@ -15,6 +15,6 @@
 		"@fluid-tools/build-infrastructure": "link:../../../../../build-infrastructure"
 	},
 	"devDependencies": {
-		"@changesets/cli": "^2.27.9"
+		"@changesets/cli": "^2.27.11"
 	}
 }
diff --git a/build-tools/packages/build-infrastructure/src/test/data/testRepo/pnpm-lock.yaml b/build-tools/packages/build-infrastructure/src/test/data/testRepo/pnpm-lock.yaml
diff --git a/build-tools/pnpm-lock.yaml b/build-tools/pnpm-lock.yaml
diff --git a/common/build/eslint-config-fluid/pnpm-lock.yaml b/common/build/eslint-config-fluid/pnpm-lock.yaml
diff --git a/common/build/eslint-plugin-fluid/pnpm-lock.yaml b/common/build/eslint-plugin-fluid/pnpm-lock.yaml