search

Tim-sandbox / barista

Apache License 2.0
0 stars 0 forks source link

Update dependency simple-git to v3 #148

Open mend-for-github-com[bot] opened 2 years ago

mend-for-github-com[bot] commented 2 years ago

This PR contains the following updates:

Package Type Update Change
simple-git dependencies major ^2.38.1 -> ^3.0.0

By merging this PR, the below issues will be automatically resolved and closed:

Severity CVSS Score CVE GitHub Issue
High 9.8 CVE-2022-24066 #150
High 9.8 CVE-2022-24433 #141

Release Notes

steveukx/git-js ### [`v3.5.0`](https://togithub.com/steveukx/git-js/blob/HEAD/simple-git/CHANGELOG.md#​350) [Compare Source](https://togithub.com/steveukx/git-js/compare/simple-git@3.4.0...simple-git@3.5.0) ##### Minor Changes - [`2040de6`](https://togithub.com/steveukx/git-js/commit/2040de6): Resolves potential command injection vulnerability by preventing use of `--upload-pack` in `git.clone` ### [`v3.4.0`](https://togithub.com/steveukx/git-js/blob/HEAD/simple-git/CHANGELOG.md#​340) [Compare Source](https://togithub.com/steveukx/git-js/compare/simple-git@3.3.0...simple-git@3.4.0) ##### Minor Changes - [`ed412ef`](https://togithub.com/steveukx/git-js/commit/ed412ef): Use null separators in git.status to allow for non-ascii file names ### [`v3.3.0`](https://togithub.com/steveukx/git-js/blob/HEAD/simple-git/CHANGELOG.md#​330) [Compare Source](https://togithub.com/steveukx/git-js/compare/simple-git@3.2.6...simple-git@3.3.0) ##### Minor Changes - [`d119ec4`](https://togithub.com/steveukx/git-js/commit/d119ec4): Resolves potential command injection vulnerability by preventing use of `--upload-pack` in `git.fetch` ### [`v3.2.6`](https://togithub.com/steveukx/git-js/blob/HEAD/simple-git/CHANGELOG.md#​326) [Compare Source](https://togithub.com/steveukx/git-js/compare/simple-git@3.2.4...simple-git@3.2.6) ##### Patch Changes - [`80651d5`](https://togithub.com/steveukx/git-js/commit/80651d5): Resolve issue in prePublish script ### [`v3.2.4`](https://togithub.com/steveukx/git-js/blob/HEAD/simple-git/CHANGELOG.md#​324) [Compare Source](https://togithub.com/steveukx/git-js/compare/simple-git-v3.1.1...simple-git@3.2.4) ##### Patch Changes - [`d35987b`](https://togithub.com/steveukx/git-js/commit/d35987b): Release with changesets ### [`v3.1.1`](https://togithub.com/steveukx/git-js/blob/HEAD/simple-git/CHANGELOG.md#​311-httpswwwgithubcomsteveukxgit-jscomparesimple-git-v310simple-git-v311-2022-01-26) [Compare Source](https://togithub.com/steveukx/git-js/compare/simple-git-v3.1.0...simple-git-v3.1.1) ### [`v3.1.0`](https://togithub.com/steveukx/git-js/blob/HEAD/simple-git/CHANGELOG.md#​310-httpswwwgithubcomsteveukxgit-jscomparesimple-git-v304simple-git-v310-2022-01-23) [Compare Source](https://togithub.com/steveukx/git-js/compare/simple-git-v3.0.4...simple-git-v3.1.0) ##### Features - optionally include ignored files in `StatusResult` ([70e6767](https://www.github.com/steveukx/git-js/commit/70e676759012d26ab644644e10f7957fba51ae2f)), closes [#​718](https://www.togithub.com/steveukx/git-js/issues/718) ##### [3.0.4](https://www.github.com/steveukx/git-js/compare/simple-git-v3.0.3...simple-git-v3.0.4) (2022-01-23) ##### Bug Fixes - support parsing empty responses ([91eb7fb](https://www.github.com/steveukx/git-js/commit/91eb7fb01fe466468537621cb94b9f932026506e)), closes [#​713](https://www.togithub.com/steveukx/git-js/issues/713) ##### [3.0.3](https://www.github.com/steveukx/git-js/compare/simple-git-v3.0.2...simple-git-v3.0.3) (2022-01-20) ##### Bug Fixes - allow branches without labels ([07a1388](https://www.github.com/steveukx/git-js/commit/07a138808fb0b78068da83030698a957e567541c)) - implement v3 deprecations ([ed6d18e](https://www.github.com/steveukx/git-js/commit/ed6d18e88a6a4f9fd18d4733a94b491e0e9e3ba1)) - publish v3 as `latest` ([5db4434](https://www.github.com/steveukx/git-js/commit/5db4434d00acba560fe2569c04f9813cde026468)) ##### [3.0.2](https://www.github.com/steveukx/git-js/compare/simple-git-v3.0.1...simple-git-v3.0.2) (2022-01-18) ##### Bug Fixes - Backward compatibility - permit loading `simple-git/promise` with deprecation notice until mid-2022. ([4413c47](https://www.github.com/steveukx/git-js/commit/4413c47fa3d9893734a5bb06075b962645f73cb9)) ##### [3.0.1](https://www.github.com/steveukx/git-js/compare/simple-git-v3.0.0...simple-git-v3.0.1) (2022-01-18) ##### Bug Fixes - Documentation update ([4e000f6](https://www.github.com/steveukx/git-js/commit/4e000f69aa876b3999ec98fe42e94186facd5790)) ### [`v3.0.4`](https://togithub.com/steveukx/git-js/blob/HEAD/simple-git/CHANGELOG.md#​304-httpswwwgithubcomsteveukxgit-jscomparesimple-git-v303simple-git-v304-2022-01-23) [Compare Source](https://togithub.com/steveukx/git-js/compare/simple-git-v3.0.3...simple-git-v3.0.4) ### [`v3.0.3`](https://togithub.com/steveukx/git-js/blob/HEAD/simple-git/CHANGELOG.md#​303-httpswwwgithubcomsteveukxgit-jscomparesimple-git-v302simple-git-v303-2022-01-20) [Compare Source](https://togithub.com/steveukx/git-js/compare/simple-git-v3.0.2...simple-git-v3.0.3) ### [`v3.0.2`](https://togithub.com/steveukx/git-js/blob/HEAD/simple-git/CHANGELOG.md#​302-httpswwwgithubcomsteveukxgit-jscomparesimple-git-v301simple-git-v302-2022-01-18) [Compare Source](https://togithub.com/steveukx/git-js/compare/simple-git-v3.0.1...simple-git-v3.0.2) ### [`v3.0.1`](https://togithub.com/steveukx/git-js/blob/HEAD/simple-git/CHANGELOG.md#​301-httpswwwgithubcomsteveukxgit-jscomparesimple-git-v300simple-git-v301-2022-01-18) [Compare Source](https://togithub.com/steveukx/git-js/compare/v2.48.0...simple-git-v3.0.1) ### [`v2.48.0`](https://togithub.com/steveukx/git-js/blob/HEAD/simple-git/CHANGELOG.md#​2480-httpswwwgithubcomsteveukxgit-jscomparev2471v2480-2021-12-01) [Compare Source](https://togithub.com/steveukx/git-js/compare/v2.47.1...v2.48.0) ##### Features - `StatusResult` returned by `git.status()` should include `detached` state of the working copy. ([#​695](https://www.togithub.com/steveukx/git-js/issues/695)) ([f464ebe](https://www.github.com/steveukx/git-js/commit/f464ebe567c6c5cd4e99fd7e6300d9efdd4cbb1b)) ##### Bug Fixes - Add example for empty commit message in `git.commit()` ([61089cb](https://www.github.com/steveukx/git-js/commit/61089cbcb791acf9dc596dcc903e7b9c6c76c0e1)) ##### [2.47.1](https://www.github.com/steveukx/git-js/compare/v2.47.0...v2.47.1) (2021-11-29) ##### Bug Fixes - Add support for node@17 in unit tests ([0d3bf47](https://www.github.com/steveukx/git-js/commit/0d3bf479dd52e68e3af502685568c8e376ba2af3)) - Add support for node@17 in unit tests ([0d3bf47](https://www.github.com/steveukx/git-js/commit/0d3bf479dd52e68e3af502685568c8e376ba2af3)) ### [`v2.47.1`](https://togithub.com/steveukx/git-js/blob/HEAD/simple-git/CHANGELOG.md#​2471-httpswwwgithubcomsteveukxgit-jscomparev2470v2471-2021-11-29) [Compare Source](https://togithub.com/steveukx/git-js/compare/v2.47.0...v2.47.1) ### [`v2.47.0`](https://togithub.com/steveukx/git-js/blob/HEAD/simple-git/CHANGELOG.md#​2470-httpswwwgithubcomsteveukxgit-jscomparev2460v2470-2021-10-19) [Compare Source](https://togithub.com/steveukx/git-js/compare/v2.46.0...v2.47.0) ##### Features - git-grep ([653065e](https://www.github.com/steveukx/git-js/commit/653065ebb19bb6718466fc00d9c77047b83aca5d)) ### [`v2.46.0`](https://togithub.com/steveukx/git-js/blob/HEAD/simple-git/CHANGELOG.md#​2460-httpswwwgithubcomsteveukxgit-jscomparev2451v2460-2021-09-29) [Compare Source](https://togithub.com/steveukx/git-js/compare/v2.45.1...v2.46.0) ##### Features - `completion` plugin ([#​684](https://www.togithub.com/steveukx/git-js/issues/684)) ([ecb7bd6](https://www.github.com/steveukx/git-js/commit/ecb7bd6688b5e6d970cf64ac36ebb4c2bf7f081a)) - `completion` plugin to allow configuring when `simple-git` determines the `git` tasks to be complete. ([ecb7bd6](https://www.github.com/steveukx/git-js/commit/ecb7bd6688b5e6d970cf64ac36ebb4c2bf7f081a)) ##### [2.45.1](https://www.github.com/steveukx/git-js/compare/v2.45.0...v2.45.1) (2021-09-04) ##### Bug Fixes - support progress events in locales other than western european character sets. ([8cc42f8](https://www.github.com/steveukx/git-js/commit/8cc42f83b5cb99de5b2960bf0cada2a259d09d57)) ### [`v2.45.1`](https://togithub.com/steveukx/git-js/blob/HEAD/simple-git/CHANGELOG.md#​2451-httpswwwgithubcomsteveukxgit-jscomparev2450v2451-2021-09-04) [Compare Source](https://togithub.com/steveukx/git-js/compare/v2.45.0...v2.45.1) ### [`v2.45.0`](https://togithub.com/steveukx/git-js/blob/HEAD/simple-git/CHANGELOG.md#​2450-httpswwwgithubcomsteveukxgit-jscomparev2440v2450-2021-08-27) [Compare Source](https://togithub.com/steveukx/git-js/compare/v2.44.0...v2.45.0) ##### Features - Use author email field that respects mailmap ([589d624](https://www.github.com/steveukx/git-js/commit/589d62419139ce5ace5081c9c9ae77f83d3f85ab)) ##### Bug Fixes - getConfig always returns `null` despite values being present in configuration ([9fd483a](https://www.github.com/steveukx/git-js/commit/9fd483aa88ee3f6f8674978b36f08811cfb8812a)) ### [`v2.44.0`](https://togithub.com/steveukx/git-js/blob/HEAD/simple-git/CHANGELOG.md#​2440-httpswwwgithubcomsteveukxgit-jscomparev2430v2440-2021-08-14) [Compare Source](https://togithub.com/steveukx/git-js/compare/v2.43.0...v2.44.0) ##### Features - add support for getting the current value of a git configuration setting based on its name. ([1d09204](https://www.github.com/steveukx/git-js/commit/1d09204526556a76c5b82979842e6ba5018b083e)) ### [`v2.43.0`](https://togithub.com/steveukx/git-js/blob/HEAD/simple-git/CHANGELOG.md#​2430-httpswwwgithubcomsteveukxgit-jscomparev2420v2430-2021-08-13) [Compare Source](https://togithub.com/steveukx/git-js/compare/v2.42.0...v2.43.0) ##### Features - task callback types defined as single function type ([b0a832c](https://www.github.com/steveukx/git-js/commit/b0a832ce22093ff7c9d24aa2b010dd005760acf6)) ### [`v2.42.0`](https://togithub.com/steveukx/git-js/blob/HEAD/simple-git/CHANGELOG.md#​2420-httpswwwgithubcomsteveukxgit-jscomparev2412v2420-2021-07-31) [Compare Source](https://togithub.com/steveukx/git-js/compare/v2.41.2...v2.42.0) ##### Features - move `log` task to separate task builder ([0712f86](https://www.github.com/steveukx/git-js/commit/0712f86cf03be04c844cfda0e00fc8cbdb634bb7)) - support `scope` argument in `listConfig` to return a specific scope's configuration ([0685a8b](https://www.github.com/steveukx/git-js/commit/0685a8b5d8558252bb50451d9c6c8b2bd474d0c8)) ##### [2.41.2](https://www.github.com/steveukx/git-js/compare/v2.41.1...v2.41.2) (2021-07-29) ##### Bug Fixes - use literal `true` and `false` in `DiffResultTextFile | DiffResultBinaryFile` to aid type assertions. ([8059099](https://www.github.com/steveukx/git-js/commit/80590997b62573b5cf6483054676efaf7d379d52)) ##### [2.41.1](https://www.github.com/steveukx/git-js/compare/v2.41.0...v2.41.1) (2021-07-11) ##### Bug Fixes - Commit parsing should cater for file names with square brackets ([ae81134](https://www.github.com/steveukx/git-js/commit/ae811348fd7c78bf970887fe76a76014b7f64bc1)) ### [`v2.41.2`](https://togithub.com/steveukx/git-js/blob/HEAD/simple-git/CHANGELOG.md#​2412-httpswwwgithubcomsteveukxgit-jscomparev2411v2412-2021-07-29) [Compare Source](https://togithub.com/steveukx/git-js/compare/v2.41.1...v2.41.2) ### [`v2.41.1`](https://togithub.com/steveukx/git-js/blob/HEAD/simple-git/CHANGELOG.md#​2411-httpswwwgithubcomsteveukxgit-jscomparev2410v2411-2021-07-11) [Compare Source](https://togithub.com/steveukx/git-js/compare/v2.41.0...v2.41.1) ### [`v2.41.0`](https://togithub.com/steveukx/git-js/blob/HEAD/simple-git/CHANGELOG.md#​2410-httpswwwgithubcomsteveukxgit-jscomparev2400v2410-2021-07-11) [Compare Source](https://togithub.com/steveukx/git-js/compare/v2.40.0...v2.41.0) ##### Features - allow setting the scope of `git config add` to work on the `local`, `global` or `system` configuration. ([c7164e7](https://www.github.com/steveukx/git-js/commit/c7164e77b98553a5e837da301bc63430741ec092)) - allow setting the scope of git config add to work on the `local`, `global` or `system` configuration. ([00ada06](https://www.github.com/steveukx/git-js/commit/00ada06057c21193bfbdba917b78a6d3de4ff6c9)) ### [`v2.40.0`](https://togithub.com/steveukx/git-js/blob/HEAD/simple-git/CHANGELOG.md#​2400-httpswwwgithubcomsteveukxgit-jscomparev2391v2400-2021-06-12) [Compare Source](https://togithub.com/steveukx/git-js/compare/v2.39.1...v2.40.0) ##### Features - create the `spawnOptions` plugin to allow setting `uid` / `gid` owner for the spawned `git` child processes. ([cc70220](https://www.github.com/steveukx/git-js/commit/cc70220f7636372a4aacd0fb5a74ee98dee54e0d)) ##### [2.39.1](https://www.github.com/steveukx/git-js/compare/v2.39.0...v2.39.1) (2021-06-09) ##### Bug Fixes - add types and tests for the documented .exec api ([#​631](https://www.togithub.com/steveukx/git-js/issues/631)) ([c9207da](https://www.github.com/steveukx/git-js/commit/c9207da1d8196193b580c5d4fed6101e5c4d4ff8)) - add types and tests for the documented `.exec` api ([c9207da](https://www.github.com/steveukx/git-js/commit/c9207da1d8196193b580c5d4fed6101e5c4d4ff8)) - updates the documentation for `mergeFromTo` to more closely represent its functionality (see [#​50](https://www.togithub.com/steveukx/git-js/issues/50) for the original requirement). ([dd2244e](https://www.github.com/steveukx/git-js/commit/dd2244e1bd84911668b0d23184afb736dc5386b8)) ### [`v2.39.1`](https://togithub.com/steveukx/git-js/blob/HEAD/simple-git/CHANGELOG.md#​2391-httpswwwgithubcomsteveukxgit-jscomparev2390v2391-2021-06-09) [Compare Source](https://togithub.com/steveukx/git-js/compare/v2.39.0...v2.39.1) ### [`v2.39.0`](https://togithub.com/steveukx/git-js/blob/HEAD/simple-git/CHANGELOG.md#​2390-httpswwwgithubcomsteveukxgit-jscomparev2381v2390-2021-05-13) [Compare Source](https://togithub.com/steveukx/git-js/compare/v2.38.1...v2.39.0) ##### Features - `git.cwd` can now be configured to affect just the chain rather than root instance. ([4110662](https://www.github.com/steveukx/git-js/commit/411066241c014c609d18a37e128c38f2c947c6e7)) ##### [2.38.1](https://www.github.com/steveukx/git-js/compare/v2.38.0...v2.38.1) (2021-05-09) ##### Bug Fixes - Export `GitPluginError` from the main package. ([2aa7e55](https://www.github.com/steveukx/git-js/commit/2aa7e55216cdf57ca905cd6c23ff6b71002450c6)), closes [#​616](https://www.togithub.com/steveukx/git-js/issues/616)