From d1366ac847432666cfa591f50a8e220c736c661a Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 23 Jan 2023 23:12:28 +0000 Subject: [PATCH] fix: package.json & yarn.lock to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-SIMPLEGIT-3177391 --- package.json | 2 +- yarn.lock | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/package.json b/package.json index f2ee151..f1dacd5 100644 --- a/package.json +++ b/package.json @@ -48,7 +48,7 @@ "pg": "~8.3.3", "pkg-install": "~1.0.0", "query-string": "^6.13.6", - "simple-git": "~3.5.0", + "simple-git": "~3.16.0", "tslib": "^1", "words-to-numbers": "~1.5.1", "ws": "~7.4.6" diff --git a/yarn.lock b/yarn.lock index 09de3f8..dd6e561 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1669,7 +1669,7 @@ debug@^4.0.1, debug@^4.1.0, debug@^4.1.1: dependencies: ms "2.1.2" -debug@^4.3.3: +debug@^4.3.4: version "4.3.4" resolved "https://registry.yarnpkg.com/debug/-/debug-4.3.4.tgz#1319f6579357f2338d3337d2cdd4914bb5dcc865" integrity sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ== @@ -5047,14 +5047,14 @@ simple-get@^2.7.0: once "^1.3.1" simple-concat "^1.0.0" -simple-git@~3.5.0: - version "3.5.0" - resolved "https://registry.yarnpkg.com/simple-git/-/simple-git-3.5.0.tgz#3c3538f4d7a1b3c8f3904412b12740bdcad9c8b1" - integrity sha512-fZsaq5nzdxQRhMNs6ESGLpMUHoL5GRP+boWPhq9pMYMKwOGZV2jHOxi8AbFFA2Y/6u4kR99HoULizSbpzaODkA== +simple-git@~3.16.0: + version "3.16.0" + resolved "https://registry.yarnpkg.com/simple-git/-/simple-git-3.16.0.tgz#421773e24680f5716999cc4a1d60127b4b6a9dec" + integrity sha512-zuWYsOLEhbJRWVxpjdiXl6eyAyGo/KzVW+KFhhw9MqEEJttcq+32jTWSGyxTdf9e/YCohxRE+9xpWFj9FdiJNw== dependencies: "@kwsites/file-exists" "^1.1.1" "@kwsites/promise-deferred" "^1.1.1" - debug "^4.3.3" + debug "^4.3.4" sisteransi@^1.0.4: version "1.0.5"