1. Shopify CLI-Kit Patches Command Injection Vulnerability in tree-kill Utility on Windows
A security patch for Shopify's CLI kit addresses a command injection vulnerability in the `tree-kill` utility targeting Windows environments. The flaw originated from the use of `exec` for process termination, which allowed unsanitized PID input to potentially reach the system shell. The fix replaces `exec` with `spawn...