Bump cross-spawn, @shopify/cli and @shopify/cli-hydrogen

[dependabot]

Bumps cross-spawn to 7.0.6 and updates ancestor dependencies cross-spawn, @shopify/cli and @shopify/cli-hydrogen. These dependencies need to be updated together.

Updates cross-spawn from 7.0.3 to 7.0.6

Changelog

Sourced from cross-spawn's changelog.

7.0.6 (2024-11-18)

Bug Fixes

• update cross-spawn version to 7.0.5 in package-lock.json (f700743)

7.0.5 (2024-11-07)

Bug Fixes

• fix escaping bug introduced by backtracking (640d391)

7.0.4 (2024-11-07)

Bug Fixes

• disable regexp backtracking (#160) (5ff3a07)

Commits

• 77cd97f chore(release): 7.0.6
• 6717de4 chore: upgrade standard-version
• f700743 fix: update cross-spawn version to 7.0.5 in package-lock.json
• 9a7e3b2 chore: fix build status badge
• 0852683 chore(release): 7.0.5
• 640d391 fix: fix escaping bug introduced by backtracking
• bff0c87 chore: remove codecov
• a7c6abc chore: replace travis with github workflows
• 9b9246e chore(release): 7.0.4
• 5ff3a07 fix: disable regexp backtracking (#160)
• Additional commits viewable in compare view

Updates @shopify/cli from 3.50.0 to 3.70.0

Release notes

Sourced from @​shopify/cli's releases.

3.70.0

Themes

• Remove Ruby implementation of the theme push and theme info commands
• Added a warning to help users troubleshoot when a development theme is missing required files
• Prevent the shopify theme dev command from terminating by refreshing the session
• Fix the theme ID mismatch error, where the live theme ID is returned instead of the development theme ID
• Fix an issue in the theme push command where a confirmation prompt is rendered to users who provide the --allow-live flag
• Fix an issue in app dev where host themes would have empty files
• Show an error when the config/settings_schema.json file cannot be parsed
• Fix an issue where you could not use multipass passwords with theme dev
• Fix theme dev command deleting remote files even if using --nodelete flag
• Improve language around --nodelete flags for push and pull commands
• Fix files ignored when using negate patterns

Apps

• Always ask to enable include_config_on_deploy and warn about deprecation
• Enable local file system sourcemap generation for UI extensions
• Add optional preloads to ui extension targets

CLI

• Notification system
• Show a warning when there are multiple CLI installations

3.69.4

What's Changed

• Bump cli hydrogen on 3.69 by @​wizardlyhel in Shopify/cli#4772

Full Changelog: Shopify/cli@3.69.3...3.69.4

3.69.3

What's Changed

• Fix redirect_urls being appended instead of replaced during app dev Shopify/cli#4749

Full Changelog: Shopify/cli@3.69.2...3.69.3

3.69.2

What's Changed

• Fix a bug with running shopify app dev and certain extension types. Apologies for those affected.

3.69.1

Misc

• Additional bug-tracking.

3.69.0

Themes

... (truncated)

Changelog

Sourced from @​shopify/cli's changelog.

3.70.0

Minor Changes

• 33477dd9d7: Notification system

Patch Changes

• 2720923007: Fix files ignored when using negate patterns
• 55307bb536: Remove ruby version from theme info command
• 7da2c4dbde: Bump cli-hydrogen to 9.0.2
• 1623765ac9: Fix issue where you could not use multipass passwords with theme dev
• 57bb933980: Fix theme dev command deleting remote files even if using --nodelete flag
• 58768c3b64: Improve language around --nodelete flags for push and pull commands

3.69.0

Minor Changes

• 0b587dff5: Improve user logging for render requests

Patch Changes

• 581abd8d4: Improve user logging by adding status codes and event methods
• 8df131c3e: Fix syntax for theme command documentation

3.68.0

Minor Changes

• 2200be0ae: force a minor CLI 3.68.0 release from patch changes

3.67.0

Minor Changes

• 4b4146186: Default to Typescript implementation for theme commands. Legacy implementation is stil available via the --legacy flag.

3.66.0

Minor Changes

• 05cbe63566: Display daily upgrade reminder when a new version is available

Patch Changes

• 40a7b1229a: CLI now better handles 429 rate limiting for large projects

3.65.0

... (truncated)

Commits

• 4dd6d9e Version Packages
• 32f4009 Refresh manifests
• 7d1d18a Fetch notifications from the Shopify CDN
• 33477dd Notification system
• 3c98760 Revert "Notification system"
• f0942ec Merge branch 'main' into notifications
• 628b80b If an uncaughtException is actually a FatalError, render it as such
• 53f17bf Merge branch 'main' into notifications
• 837f068 Bump @​shopify/cli-hydrogen to 9.0.2 to pull in cli-kit restore
• 5fffff7 update cli-hydrogen version
• Additional commits viewable in compare view

Updates @shopify/cli-hydrogen from 6.1.1 to 9.0.2

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.