chore(monorepo): update pnpm.catalog.default zx to v8.8.5 [security]

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
zx (source)	8.5.0 → 8.8.5

---

zx Uses Incorrectly-Resolved Name or Reference

CVE-2025-13437 / GHSA-w87r-vg9q-crqm

More information

Details

When zx is invoked with --prefer-local=, the CLI creates a symlink named ./node_modules pointing to /node_modules. Due to a logic error in src/cli.ts (linkNodeModules / cleanup), the function returns the target path instead of the alias (symlink path). The later cleanup routine removes what it received, which deletes the target directory itself. Result: zx can delete an external /node_modules outside the current working directory.

Severity

• CVSS Score: 5.6 / 10 (Medium)
• Vector String: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H/E:U

References

• https://nvd.nist.gov/vuln/detail/CVE-2025-13437
• https://github.com/google/zx/issues/1348
• https://github.com/google/zx/pull/1349
• https://github.com/google/zx/pull/1355
• https://github.com/google/zx/commit/9ef6d3c9962c4ba01e3fb8075855570c192b4681
• https://github.com/google/zx/commit/a4d1bc2467f305f1c91d62506e215f307dc1fbeb
• https://github.com/advisories/GHSA-w87r-vg9q-crqm

This data is provided by the GitHub Advisory Database (CC-BY 4.0).

---

Release Notes

google/zx (zx)

v8.8.5: — Temporary Reservoir

Compare Source

This release fixes the issue, when zx flushes external node_modules on linking #​1348 #​1349 #​1355

Also globby@15.0.0 arrives here.

v8.8.4: — Flange Coupling

Compare Source

It's time. This release updates zx internals to make the ps API and related methods ProcessPromise.kill(), kill() work on Windows systems without wmic.
#​1344 webpod/ps#15

1. WMIC will be missing in Windows 11 25H2 (kernel >= 26000)
2. The windows-latest label in GitHub Actions will migrate from Windows Server 2022 to Windows Server 2025 beginning September 2, 2025 and finishing by September 30, 2025.

https://github.blog/changelog/2025-07-31-github-actions-new-apis-and-windows-latest-migration-notice/#windows-latest-image-label-migration

v8.8.3: — Sealing Gasket

Compare Source

Continues #​1339 to prevent injections via Proxy input or custom toString() manipulations.

v8.8.2: — Leaking Valve

Compare Source

Fixes potential cmd injection via kill() method for Windows platform. #​1337 #​1339. Affects the versions range 8.7.1...8.8.1.

v8.8.1: — Turbo Flush

Compare Source

We keep improving the projects internal infra to bring more stability, safety and performance for artifacts.

Featfixes

• Applied flags filtration for CLI-driven deps install #​1308
• Added kill() event logging #​1312
• Set SIGTERM as kill() fallback signal #​1313
• Allowed stdio() arg be an array #​1311

const p = $({halt: true})`cmd`
p.stdio([stream, 'ignore', 'pipe'])

Enhancements

• Added check for zx@​lite pkg contents #​1317 #​1316
• Simplified ProcessPromise[asyncIterator] inners #​1307
• Updated deps: chalk 5.6.0, fs-extra 11.3.1, yaml 2.8.1 #​1309 #​1323 #​1326
• Added TS@​next to the test matrix #​1310
• Optimized internal shell setters #​1314
• Refactored build-publish pipelines and scripts #​1319 #​1320 #​1321 #​1322 #​1324 #​1325 #​1327

v8.8.0: — Pressure Tested

Compare Source

This release enhances the coherence between the ProcessPromise and the Streams API, eliminating the need for certain script-level workarounds.

✨ New Features

unpipe() — Selectively stop piping

You can now call .unpipe() to stop data transfer from a source to a destination without closing any of the pair. #​1302

const p1 = $`echo foo && sleep 0.1 && echo bar && sleep 0.1 && echo baz && sleep 0.1 && echo qux`
const p2 = $`echo 1 && sleep 0.15 && echo 2 && sleep 0.1 && echo 3`
const p3 = $`cat`

p1.pipe(p3)
p2.pipe(p3)

setTimeout(() => p1.unpipe(p3), 150)

const { stdout } = await p3
// 'foo\n1\nbar\n2\n3\n'

Many-to-one piping

Multiple sources can now stream into a single destination. All sources complete before the destination closes. #​1300

const $h = $({ halt: true })
const p1 = $`echo foo`
const p2 = $h`echo a && sleep 0.1 && echo c && sleep 0.2 && echo e`
const p3 = $h`sleep 0.05 && echo b && sleep 0.1 && echo d`
const p4 = $`sleep 0.4 && echo bar`
const p5 = $h`cat`

await p1
p1.pipe(p5)
p2.pipe(p5)
p3.pipe(p5)
p4.pipe(p5)

const { stdout } = await p5.run()
// 'foo\na\nb\nc\nd\ne\nbar\n'

Piping from rejected processes

Processes that exit with errors can now still pipe their output. The internal recorder retains their stream, status, and exit code. #​1296

const p1 = $({ nothrow: true })`echo foo && exit 1`
await p1

const p2 = p1.pipe($({ nothrow: true })`cat`)
await p2

p1.output.toString() // 'foo\n'
p1.output.ok         // false
p1.output.exitCode   // 1

p2.output.toString() // 'foo\n'
p2.output.ok         // false
p2.output.exitCode   // 1

Components versions

Since zx bundles third-party libraries without their package.jsons, their versions weren’t previously visible. You can now access them via the versions static map — including zx itself. #​1298 #​1295

import { versions } from 'zx'

versions.zx     // 8.7.2
versions.chalk  // 5.4.1

v8.7.2: — Copper Crafter

Compare Source

Stability and customizability improvements

• Handle nothrow option on ProcessPromise init stage #​1288

const o = await $({ nothrow: true })`\033`
o.ok      // false
o.cause   // Error

• Handle _snapshot.killSignal value on kill() #​1287

const p = $({killSignal: 'SIGKILL'})`sleep 10`
await p.kill()
p.signal  // 'SIGKILL'

• Introduced Fail class #​1285

import { Fail } from 'zx'

Fail.EXIT_CODES['2'] = 'Custom error message'
Fail.formatErrorMessage = (err: Error, from: string): string =>
  `${err.message} (${from})`

• Expose $ as type #​1283

import type { $, Options } from 'zx'

const custom$: $ = (pieces: TemplateStringsArray | Partial<Options>, ...args: any[]) => {
  // ... custom implementation
}

• Internal tweak ups #​1276 #​1277 #​1278 #​1279 #​1280 #​1281 #​1282 #​1286 #​1289

• Described the zx architecture basics. This section helps to better understand the zx concepts and internal logic, and will be useful for those who want to become a project contributor, make tools based on it, or create something similar from scratch. #​1290 #​1291 #​1292

v8.7.1: — Pipe Whisperer

Compare Source

Continues v8.7.0: handles new ps() corner case and improves $.kill mechanics on Windows #​1266 #​1267 #​1269 webpod/ps#14

v8.7.0: — Solder Savior

Compare Source

Important fixes for annoying flaky bugs

kill() 🐞

We've found an interesting case #​1262

const p = $`sleep 1000`
const {pid} = p // 12345
await p.kill()

If we kill the process again, the result might be unexpected:

await ps({pid}) // {pid: 12345, ppid: 67890, command: 'another command', ...}
p.kill()

This happens because the pid may be reused by the system for another process, so we've added extra assertions to prevent indeterminacy:

p.kill()  // Error: Too late to kill the process.
p.abort() // Error: Too late to abort the process.

ps() 🐛

• ps() uses wmic internally on Windows, it relies on fragile heuristics to parse the output. We have improved this logic to handle more format variants, but over time (in v9 maybe) we're planning to change the approach.

#​1256 #​1263 webpod/ps#12 webpod/ingrid#6

const [root] = await ps.lookup({ pid: process.pid })
assert.equal(root.pid, process.pid)

v8.6.2: — Flow Unstoppable

Compare Source

Fixes $.prefix & $.postfix values settings via env variables #​1261 #​1260

v8.6.1: — Drain Hero

Compare Source

• Use process.env.SHELL as default shell if defined #​1252

SHELL=/bin/zsh zx script.js

• Accept numeric strings as parseDuration() arg #​1249

await sleep(1000)   // 1 second
await sleep('1000') // 1 second

• Update docker base image to node:24-alpine #​1239
• Docs improvements #​1242 #​1243 #​1246 #​1248 #​1251

v8.6.0: — Valve Vanguard

Compare Source

• Enabled thenable params processing for $ literals #​1237

const a1 = $`echo foo`
const a2 = new Promise((resolve) => setTimeout(resolve, 20, ['bar', 'baz']))

await $`echo ${a1} ${a2}` // foo bar baz

• A dozen of internal refactorings #​1225 #​1226 #​1228 #​1229 #​1230 #​1231 #​1232 #​1233 #​1234 #​1235 #​1236 #​1238 #​1239
  • Deps bumping
  • Bytes shrinking
  • Docs improvements

v8.5.5: — PVC Wizard

Compare Source

Minor feature polish.

• ProcessPromise and ProcessOutput lines() getters now accept a custom delimiter #​1220 #​1218

const cwd = tempdir()
const delimiter = '\0'

const p1 = $({
  cwd
})`touch foo bar baz; find ./ -type f -print0 -maxdepth 1`
(await p1.lines(delimiter)).sort() // ['./bar', './baz', './foo']
  
// or via options
const lines = []
const p2 = $({
  delimiter,
  cwd,
})`find ./ -type f -print0 -maxdepth 1`

for await (const line of p2) {
  lines.push(line)
}

lines.sort() // ['./bar', './baz', './foo']

• Handle .nothrow() option in ProcessProcess[AsyncIterator] #​1216 #​1217
• Updates yaml to v2.8.0 #​1221

v8.5.4: — Pipe Dreamer

Compare Source

• Fixed the pipe(file: string) signature type declaration #​1208 #​1209

v8.5.3: — Trap Master

Compare Source

• Another portion of JSR related improvements #​1193 #​1192
• Goods refactoring #​1195
  • Fixes expBackoff implementation
  • Sets $.log.output as default spinner() output
  • Makes configurable question() I/O
• Added Graaljs compatability test #​1194
• Docs improvements, usage examples updates #​1198

v8.5.2: — Threaded Perfection

Compare Source

• Various JSR fixes #​1189 #​1186 #​1179 #​1187
• Docs improvements #​1185 #​1181

---

Configuration

📅 Schedule: (in timezone America/New_York)

• Branch creation
  • ""
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

Branch automerge failure

This PR was configured for branch automerge. However, this is not possible, so it has been raised as a PR instead.

---

• Branch has one or more failed status checks

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		Obfuscated code: npm entities is 91.0% likely obfuscated Confidence: 0.91 Location: Package overview From: pnpm-lock.yaml → npm/entities@4.5.0 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/entities@4.5.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		Obfuscated code: npm entities is 91.0% likely obfuscated Confidence: 0.91 Location: Package overview From: pnpm-lock.yaml → npm/entities@6.0.1 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/entities@6.0.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	server-only@​0.0.1
	tslib@​2.8.1
	date-fns@​4.1.0
	dotenv@​16.4.7

View full report