From 0a31f1cb97d6ed08987de6b2749d4e5661baf4ea Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 24 Jan 2023 10:22:52 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-SIMPLEGIT-3177391 --- package-lock.json | 18 ++++++++++++++---- package.json | 2 +- 2 files changed, 15 insertions(+), 5 deletions(-) diff --git a/package-lock.json b/package-lock.json index 8ae7486d6..120efa2c5 100644 --- a/package-lock.json +++ b/package-lock.json @@ -7022,13 +7022,23 @@ "dev": true }, "simple-git": { - "version": "2.44.0", - "resolved": "https://registry.npmjs.org/simple-git/-/simple-git-2.44.0.tgz", - "integrity": "sha512-wIjcAmymhzgdaM0Y/a+XxmNGlivvHQTPZDYXVmyHMShVDwdeVqu3+OOyDbYu0DnfVzqLs2EOxRTgMNbC3YquwQ==", + "version": "3.16.0", + "resolved": "https://registry.npmjs.org/simple-git/-/simple-git-3.16.0.tgz", + "integrity": "sha512-zuWYsOLEhbJRWVxpjdiXl6eyAyGo/KzVW+KFhhw9MqEEJttcq+32jTWSGyxTdf9e/YCohxRE+9xpWFj9FdiJNw==", "requires": { "@kwsites/file-exists": "^1.1.1", "@kwsites/promise-deferred": "^1.1.1", - "debug": "^4.3.1" + "debug": "^4.3.4" + }, + "dependencies": { + "debug": { + "version": "4.3.4", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", + "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", + "requires": { + "ms": "2.1.2" + } + } } }, "sisteransi": { diff --git a/package.json b/package.json index 9d7b105aa..f38e5c32b 100644 --- a/package.json +++ b/package.json @@ -74,7 +74,7 @@ "node-forge": "^0.10.0", "node-ssh": "^11.1.1", "semver": "^7.3.5", - "simple-git": "^2.44.0", + "simple-git": "^3.16.0", "strip-url-auth": "^1.0.1", "tar": "^6.1.8", "tempy": "^0.6.0",