From aaa03bdd8dd5d46ca304605d01f24ef34f5f8f8b Mon Sep 17 00:00:00 2001
From: luisfuentech
Date: Fri, 11 Aug 2023 08:35:35 -0500
Subject: [PATCH 1/4] feat: upgrade semver dependency

---
package-lock.json | 84 +++++++++++++++++++++++++++++++++++++++++++++++
package.json | 2 +-
2 files changed, 85 insertions(+), 1 deletion(-)
create mode 100644 package-lock.json

diff --git a/package-lock.json b/package-lock.json
new file mode 100644
index 0000000..88590dc
--- /dev/null
+++ b/package-lock.json
@@ -0,0 +1,84 @@ +{ + "name": "git-tag", + "version": "0.2.0", + "lockfileVersion": 2, + "requires": true, + "packages": { + "": { + "name": "git-tag", + "version": "0.2.0", + "license": "MIT", + "dependencies": { + "semver": "^7.5.4" + }, + "devDependencies": { + "async": "^0.9.0" + } + }, + "node_modules/async": { + "version": "0.9.2", + "resolved": "https://registry.npmjs.org/async/-/async-0.9.2.tgz", + "integrity": "sha512-l6ToIJIotphWahxxHyzK9bnLR6kM4jJIIgLShZeqLY7iboHoGkdgFl7W2/Ivi4SkMJYGKqW8vSuk0uKUj6qsSw==", + "dev": true + }, + "node_modules/lru-cache": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", + "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", + "dependencies": { + "yallist": "^4.0.0" + }, + "engines": { + "node": ">=10" + } + }, + "node_modules/semver": { + "version": "7.5.4", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", + "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", + "dependencies": { + "lru-cache": "^6.0.0" + }, + "bin": { + "semver": "bin/semver.js" + }, + "engines": { + "node": ">=10" + } + }, + "node_modules/yallist": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" + } + }, + "dependencies": { + "async": { + "version": "0.9.2", + "resolved": "https://registry.npmjs.org/async/-/async-0.9.2.tgz", + "integrity": "sha512-l6ToIJIotphWahxxHyzK9bnLR6kM4jJIIgLShZeqLY7iboHoGkdgFl7W2/Ivi4SkMJYGKqW8vSuk0uKUj6qsSw==", + "dev": true + }, + "lru-cache": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", + "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", + "requires": { + "yallist": 
"^4.0.0" + } + }, + "semver": { + "version": "7.5.4", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.5.4.tgz", + "integrity": "sha512-1bCSESV6Pv+i21Hvpxp3Dx+pSD8lIPt8uVjRrxAUt/nbswYc+tK6Y2btiULjd4+fnq15PX+nqQDC7Oft7WkwcA==", + "requires": { + "lru-cache": "^6.0.0" + } + }, + "yallist": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" + } + } +} diff --git a/package.json b/package.json index 6753b72..e193f19 100644 --- a/package.json +++ b/package.json @@ -21,6 +21,6 @@ "async": "^0.9.0" }, "dependencies": { - "semver": "~5.3.0" + "semver": "^7.5.4" } } From 01b919aad9aa920161f5c03bd8f19d80f055d705 Mon Sep 17 00:00:00 2001 From: luisfuentech Date: Fri, 11 Aug 2023 08:36:02 -0500 Subject: [PATCH 2/4] chore: remove unused nodejs module --- index.js | 107 +++++++++++++++++++++++++++---------------------------- 1 file changed, 53 insertions(+), 54 deletions(-) diff --git a/index.js b/index.js index d703031..17b6f31 100644 --- a/index.js +++ b/index.js @@ -1,16 +1,15 @@ // git-tag -var fs = require('fs') -var exec = require('child_process').exec -var semver = require('semver') +var exec = require("child_process").exec; +var semver = require("semver"); -var callback = function(cb, err, res) { - if (typeof cb !== 'function') return - cb.length === 2 ? cb(err, res) : cb(res) -} +var callback = function (cb, err, res) { + if (typeof cb !== "function") return; + cb.length === 2 ? cb(err, res) : cb(res); +}; -module.exports = function(options) { - options = options || {} +module.exports = function (options) { + options = options || {}; var get = function () { var cb; 
@@ -22,76 +21,76 @@ module.exports = function(options) { args = arguments[0]; } if (options.dir) { - var cmd = 'git -C ' + options.dir + ' tag -l ' + args + var cmd = "git -C " + options.dir + " tag -l " + args; } else { - var cmd = 'git tag -l ' + args + var cmd = "git tag -l " + args; } if (!options.localOnly) { if (options.dir) { - cmd = 'git -C ' + options.dir + ' pull origin --tags ' + args + ";" + cmd + cmd = + "git -C " + options.dir + " pull origin --tags " + args + ";" + cmd; } else { - cmd = 'git pull origin --tags ' + args + ";" + cmd + cmd = "git pull origin --tags " + args + ";" + cmd; } } exec(cmd, function (err, res) { - if (err) return callback(cb, err, []) - res = res.replace(/^\s+|\s+$/g, '').split(/\n/) + if (err) return callback(cb, err, []); + res = res.replace(/^\s+|\s+$/g, "").split(/\n/); try { - res = res.sort(semver.compare) - } catch (e) { } - callback(cb, err, res) - }) - } + res = res.sort(semver.compare); + } catch (e) {} + callback(cb, err, res); + }); + }; + + var create = function (name, msg, cb) { + msg = typeof msg === "string" ? msg : ""; - var create = function(name, msg, cb) { - msg = typeof msg === 'string' ? 
msg : '' - if (options.dir) { - var cmd = 'git -C '+options.dir+' tag -a ' + name + ' -m "' + msg + '"' - }else{ - var cmd = 'git tag -a ' + name + ' -m "' + msg + '"' + var cmd = + "git -C " + options.dir + " tag -a " + name + ' -m "' + msg + '"'; + } else { + var cmd = "git tag -a " + name + ' -m "' + msg + '"'; } if (!options.localOnly) { - if (options.dir) { - cmd += '; git -C '+options.dir+' push origin --tags' - }else{ - cmd += '; git push origin --tags' - } + cmd += "; git -C " + options.dir + " push origin --tags"; + } else { + cmd += "; git push origin --tags"; + } } - exec(cmd, function(err){ - callback(cb, err, name) - }) - } + exec(cmd, function (err) { + callback(cb, err, name); + }); + }; - var remove = function(name, cb) { - + var remove = function (name, cb) { if (options.dir) { - var cmd = 'git -C '+options.dir+' tag -d ' + name - }else{ - var cmd = 'git tag -d ' + name + var cmd = "git -C " + options.dir + " tag -d " + name; + } else { + var cmd = "git tag -d " + name; } if (!options.localOnly) { if (options.dir) { - cmd += '; git -C '+options.dir+' push origin :refs/tags/' + name - }else{ - cmd += '; git push origin :refs/tags/' + name + cmd += "; git -C " + options.dir + " push origin :refs/tags/" + name; + } else { + cmd += "; git push origin :refs/tags/" + name; } } - exec(cmd, function(err){ - callback(cb, err, name) - }) - } + exec(cmd, function (err) { + callback(cb, err, name); + }); + }; var Tag = { create: create, remove: remove, all: get, - latest: function(cb) { - exec('git describe --abbrev=0 --tags', function(err, res){ - callback(cb, err, res.trim()) - }) + latest: function (cb) { + exec("git describe --abbrev=0 --tags", function (err, res) { + callback(cb, err, res.trim()); + }); } - } - return Tag -} + }; + return Tag; +}; From 0e56b9ace3cc459544e66b09793b1d550a0a0f3c Mon Sep 17 00:00:00 2001 
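Review bot: Every command in this hunk is still built by string concatenation and handed to `exec`, so `options.dir`, `name`, `msg` and `args` are parsed by a shell and any metacharacters in them are interpreted instead of reaching git as data; the reformat carries that over unchanged in `get`, `create` and `remove`. Because the series is motivated by a security alert, these call sites are worth moving to `execFile` (`require("child_process").execFile`) with an argument array, which does not go through a shell, and a `--` before the tag name keeps a name that starts with `-` from being read as an option. Joining the two commands with `;` also lets the push run when the local tag command has failed, so the second call should be issued only from the first call's success path. `get` begins above this hunk, so where `args` comes from cannot be seen here. The sketch shows the shape for `create`; `remove` and `get` would follow the same pattern.

```javascript
var create = function (name, msg, cb) {
  msg = typeof msg === "string" ? msg : "";
  // Argument arrays reach git as-is: no shell parses name, msg or options.dir.
  var base = options.dir ? ["-C", options.dir] : [];
  var tagArgs = base.concat(["tag", "-a", "-m", msg, "--", name]);
  execFile("git", tagArgs, function (err) {
    if (err || options.localOnly) return callback(cb, err, name);
    // Push only after the local tag was actually created.
    execFile("git", base.concat(["push", "origin", "--tags"]), function (pushErr) {
      callback(cb, pushErr, name);
    });
  });
};
```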
From: luisfuentech Date: Fri, 11 Aug 2023 08:36:14 -0500 Subject: [PATCH 3/4] chore: add changelog file --- CHANGELOG.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 CHANGELOG.md diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000..2359e43 --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,16 @@ +# 0.3.0 - 2023-08-11 + +Notes: + +- An update of the dependencies is performed to eliminate security alerts. + +### Issue + +- [semver vulnerable to Regular Expression Denial of Service #7 + ](https://github.com/cutsin/git-tag/issues/7) + +### Changes + +- The `semver` dependency has been upgraded +- The `CHANGELOG` file has been added +- The `fs` module has been removed From 5f1dde1f6709efeb9095f3d4e26b0a159280c1ca Mon Sep 17 00:00:00 2001 From: luisfuentech Date: Fri, 11 Aug 2023 08:45:10 -0500 Subject: [PATCH 4/4] chore: add pull request in changelog. Update package.json version --- CHANGELOG.md | 2 +- package.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2359e43..4487ae0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,7 @@ Notes: -- An update of the dependencies is performed to eliminate security alerts. +- An update of the dependencies is performed to eliminate security alerts [Pull request #8](https://github.com/cutsin/git-tag/pull/8). ### Issue diff --git a/package.json b/package.json index e193f19..17976a0 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "git-tag", - "version": "0.2.0", + "version": "0.3.0", "description": "simply command 'git tag' wrapper", "main": "index.js", "scripts": {