test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript icon indicating copy to clipboard operation
test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript copied to clipboard

Published 20 hours ago verified publisher icon forwardemail

chore: update display-notification to v3

Open mikejancar opened this issue 10 months ago • 4 comments

Checklist

  • [x] I have ensured my pull request is not behind the main or master branch of the original repository.
  • [x] I have rebased all commits where necessary so that reviewing this pull request can be done without having to merge it first.
  • [x] I have written a commit message that passes commitlint linting.
  • [x] I have ensured that my code changes pass linting tests.
  • [x] I have ensured that my code changes pass unit tests.
  • [x] I have described my pull request and the reasons for code changes along with context if necessary.

Changes made

  • Updates the version of display-notification from 2.0.0 to 3.0.0
  • Updates the module's require statement to be dynamic to align with the new version of display-notification

Reason for the change

Some security scanners list the 0.10.0 version of the execa package as being vulnerable to a command injection attack. The execa package is a direct dependency of the run-applescript package which is a direct dependency of display-notification. This update upgrades run-applescript to a ^5.0.0 version which takes execa up to a ^5.0.0 version.

mikejancar avatar Jan 13 '25 20:01 mikejancar