From 52ff48b54892d140608458c222eab975d832c67b Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 9 Nov 2024 05:41:54 +0000
Subject: [PATCH] fix: package.json & yarn.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230
---
 package.json | 2 +-
 yarn.lock    | 9 +++++++++
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/package.json b/package.json
index 087970b2..307e0c7a 100644
--- a/package.json
+++ b/package.json
@@ -55,7 +55,7 @@
   },
   "dependencies": {
     "@percy/cli-command": "^1.28.5",
-    "cross-spawn": "^7.0.3",
+    "cross-spawn": "^7.0.5",
     "qs": "^6.11.0"
   },
   "devDependencies": {
diff --git a/yarn.lock b/yarn.lock
index bcfa9b06..af4a492f 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -3152,6 +3152,15 @@ cross-spawn@^7.0.0, cross-spawn@^7.0.1, cross-spawn@^7.0.2, cross-spawn@^7.0.3:
     shebang-command "^2.0.0"
     which "^2.0.1"
 
+cross-spawn@^7.0.5:
+  version "7.0.5"
+  resolved "https://registry.yarnpkg.com/cross-spawn/-/cross-spawn-7.0.5.tgz#910aac880ff5243da96b728bc6521a5f6c2f2f82"
+  integrity sha512-ZVJrKKYunU38/76t0RMOulHOnUcbU9GbpWKAOZ0mhjr7CX6FVrH+4FrAapSOekrgFQ3f/8gwMEuIft0aKq6Hug==
+  dependencies:
+    path-key "^3.1.0"
+    shebang-command "^2.0.0"
+    which "^2.0.1"
+
 crypto-random-string@^2.0.0:
   version "2.0.0"
   resolved "https://registry.yarnpkg.com/crypto-random-string/-/crypto-random-string-2.0.0.tgz#ef2a7a966ec11083388369baa02ebead229b30d5"