[Snyk] Upgrade simple-git from 2.7.2 to 3.26.0 #26

WontonSam · 2024-09-23T22:13:23Z

Snyk has created this PR to upgrade simple-git from 2.7.2 to 3.26.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

The recommended version is 90 versions ahead of your current version.
The recommended version was released on 22 days ago.

Issues fixed by the recommended upgrade:

Issue	Score	Exploit Maturity
Prototype Pollution SNYK-JS-Y18N-1021887	57	Proof of Concept
Code Injection SNYK-JS-LODASH-1040724	57	Proof of Concept
Prototype Pollution SNYK-JS-LODASH-567746	57	Proof of Concept
Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	57	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	57	Proof of Concept
Command Injection SNYK-JS-SIMPLEGIT-2421199	57	Proof of Concept
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') SNYK-JS-SIMPLEGIT-2434306	57	Proof of Concept
Remote Code Execution (RCE) SNYK-JS-SIMPLEGIT-3112221	57	Proof of Concept
Remote Code Execution (RCE) SNYK-JS-SIMPLEGIT-3177391	57	Proof of Concept
Prototype Pollution SNYK-JS-AJV-584908	57	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	57	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	57	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	57	Proof of Concept
Uncontrolled resource consumption SNYK-JS-BRACES-6838727	57	Proof of Concept
Command Injection SNYK-JS-GITPARSE-1290380	57	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1085627	57	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-ISSVG-1243891	57	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	57	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	57	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	57	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-BROWSERSLIST-1090194	57	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-COLORSTRING-1082939	57	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	57	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-WORDWRAP-3149973	57	Proof of Concept
Regular Expression Denial of Service (ReDoS) npm:debug:20170905	57	Proof of Concept
Prototype Pollution SNYK-JS-MINIMIST-2429795	57	Proof of Concept

Release notes

Package name: simple-git

3.26.0 - 2024-09-01
Minor Changes
- 28d545b: Upgrade build tools and typescript
3.25.0 - 2024-06-10
Minor Changes
- 0a5378d: Add support for parsing count-objects
Patch Changes
- 4aceb15: Upgrade dependencies and build tools
3.24.0 - 2024-03-28
Minor Changes
- c355317: Enable the use of a two part custom binary
3.23.0 - 2024-03-17
Minor Changes
- 9bfdf08: Bump package manager from yarn v1 to v4
Patch Changes
- 8a3118d: Fixed a performance issue when parsing stat diff summaries
- 9f1a174: Update build tools and workflows for Yarn 4 compatibility
3.22.0 - 2023-12-29
Minor Changes
- df14065: add status to DiffResult when using --name-status
3.21.0 - 2023-11-20
Minor Changes
- 709d80e: Add firstCommit utility interface
Patch Changes
- b4ab430: Add trailing callback support to git.firstCommit
- d3f9320: chore(deps): bump @ babel/traverse from 7.9.5 to 7.23.2
- b76857f: chore(deps): bump axios from 1.1.3 to 1.6.1
3.20.0 - 2023-09-23
Minor Changes
- 2eda817: Use pathspec in git.log to allow use of previously deleted files in file argument
3.19.1 - 2023-06-26
Patch Changes
- 2ab1936: keep path splitter without path specs
3.19.0 - 2023-05-24
Minor Changes
- f702b61: Create a utility to append pathspec / file lists to tasks through the TaskOptions array/object
3.18.0 - 2023-04-25
3.17.0 - 2023-03-04
3.16.1 - 2023-02-15
3.16.0 - 2023-01-16
3.15.1 - 2022-11-30
3.15.0 - 2022-11-12
3.14.1 - 2022-09-17
3.14.0 - 2022-09-04
3.13.0 - 2022-08-22
3.12.0 - 2022-08-08
3.11.0 - 2022-07-30
3.10.0 - 2022-06-25
3.9.0 - 2022-06-22
3.8.0 - 2022-06-18
3.7.1 - 2022-04-23
3.7.0 - 2022-04-19
3.6.0 - 2022-04-10
3.5.0 - 2022-03-29
3.4.0 - 2022-03-18
3.3.0 - 2022-03-11
3.2.6 - 2022-02-17
3.2.4 - 2022-02-13
3.1.1 - 2022-01-26
3.1.0 - 2022-01-23
3.0.4 - 2022-01-23
3.0.3 - 2022-01-20
3.0.2 - 2022-01-18
3.0.1 - 2022-01-18
2.48.0 - 2021-12-01
2.47.1 - 2021-11-29
2.47.0 - 2021-10-19
2.46.0 - 2021-09-29
2.45.1 - 2021-09-04
2.45.0 - 2021-08-27
2.44.0 - 2021-08-14
2.43.0 - 2021-08-13
2.42.0 - 2021-07-31
2.41.2 - 2021-07-29
2.41.1 - 2021-07-11
2.41.0 - 2021-07-11
2.40.0 - 2021-06-14
2.39.1 - 2021-06-09
2.39.0 - 2021-05-13
2.38.1 - 2021-05-10
2.38.0 - 2021-04-14
2.37.0 - 2021-03-15
2.36.2 - 2021-03-11
2.36.1 - 2021-03-07
2.36.0 - 2021-03-03
2.35.2 - 2021-02-23
2.35.1 - 2021-02-19
2.35.0 - 2021-02-16
2.34.2 - 2021-02-07
2.32.0 - 2021-02-04
2.31.0 - 2020-12-17
2.30.0 - 2020-12-16
2.29.0 - 2020-12-15
2.28.0 - 2020-12-15
2.27.0 - 2020-12-11
2.26.0 - 2020-12-09
2.25.0 - 2020-12-08
2.24.0 - 2020-11-27
2.23.0 - 2020-11-20
2.22.0 - 2020-11-13
2.21.0 - 2020-10-07
2.20.1 - 2020-08-24
2.20.0 - 2020-08-24
2.19.0 - 2020-08-21
2.18.0 - 2020-08-19
2.17.0 - 2020-08-03
2.16.0 - 2020-08-02
2.15.0 - 2020-07-23
2.14.0 - 2020-07-20
2.13.2 - 2020-07-17
2.13.1 - 2020-07-16
2.13.0 - 2020-07-16
2.12.0 - 2020-07-08
2.11.0 - 2020-06-25
2.10.0 - 2020-06-23
2.9.0 - 2020-06-20
2.8.0 - 2020-06-19
2.7.2 - 2020-06-18

from simple-git GitHub release notes

Important

Warning: This PR contains a major version upgrade, and may be a breaking change.
Check the changes in this PR to ensure they won't cause issues with your project.
This PR was automatically created by Snyk using the credentials of a real user.
Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

📜 Customise PR templates

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"simple-git","from":"2.7.2","to":"3.26.0"}],"env":"prod","hasFixes":true,"isBreakingChange":true,"isMajorUpgrade":true,"issuesToFix":[{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-Y18N-1021887","issue_id":"SNYK-JS-Y18N-1021887","priority_score":187,"priority_score_factors":[{"name":"confidentiality","value":"low"},{"name":"integrity","value":"low"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.26941},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Tue Nov 10 2020 15:27:28 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.62},{"name":"likelihood","value":3.31},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-LODASH-1040724","issue_id":"SNYK-JS-LODASH-1040724","priority_score":239,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"high"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"high"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00858},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon Feb 15 2021 11:50:50 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":9.79},{"name":"likelihood","value":2.44},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Code Injection"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-LODASH-567746","issue_id":"SNYK-JS-LODASH-567746","priority_score":189,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"low"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.01667},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Tue Apr 28 2020 14:59:14 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":7.03},{"name":"likelihood","value":2.68},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-MICROMATCH-6838728","issue_id":"SNYK-JS-MICROMATCH-6838728","priority_score":124,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00045},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon May 13 2024 14:42:05 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.06},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Inefficient Regular Expression Complexity"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-SEMVER-3247795","issue_id":"SNYK-JS-SEMVER-3247795","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00152},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Tue Jun 20 2023 15:39:58 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.64},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-SIMPLEGIT-2421199","issue_id":"SNYK-JS-SIMPLEGIT-2421199","priority_score":318,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"high"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00558},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Fri Mar 11 2022 14:29:26 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":false},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":98},{"name":"impact","value":9.79},{"name":"likelihood","value":3.24},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Command Injection"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-SIMPLEGIT-2434306","issue_id":"SNYK-JS-SIMPLEGIT-2434306","priority_score":318,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"high"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00559},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Tue Mar 29 2022 14:24:08 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":false},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":98},{"name":"impact","value":9.79},{"name":"likelihood","value":3.24},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-SIMPLEGIT-3112221","issue_id":"SNYK-JS-SIMPLEGIT-3112221","priority_score":323,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"high"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.02109},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon Dec 05 2022 15:30:04 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":false},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":98},{"name":"impact","value":9.79},{"name":"likelihood","value":3.29},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Remote Code Execution (RCE)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-SIMPLEGIT-3177391","issue_id":"SNYK-JS-SIMPLEGIT-3177391","priority_score":325,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"high"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.02564},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon Jan 23 2023 14:04:31 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":false},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":98},{"name":"impact","value":9.79},{"name":"likelihood","value":3.31},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Remote Code Execution (RCE)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-AJV-584908","issue_id":"SNYK-JS-AJV-584908","priority_score":165,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"high"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.0037},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Thu Jul 16 2020 13:58:04 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":9.79},{"name":"likelihood","value":1.68},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Prototype Pollution"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ANSIREGEX-1583908","issue_id":"SNYK-JS-ANSIREGEX-1583908","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00396},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Sep 12 2021 12:52:37 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ANSIREGEX-1583908","issue_id":"SNYK-JS-ANSIREGEX-1583908","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00396},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Sep 12 2021 12:52:37 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ANSIREGEX-1583908","issue_id":"SNYK-JS-ANSIREGEX-1583908","priority_score":159,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00396},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Sep 12 2021 12:52:37 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-BRACES-6838727","issue_id":"SNYK-JS-BRACES-6838727","priority_score":169,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00045},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon May 13 2024 14:36:53 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":5.99},{"name":"likelihood","value":2.81},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Uncontrolled resource consumption"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-GITPARSE-1290380","issue_id":"SNYK-JS-GITPARSE-1290380","priority_score":239,"priority_score_factors":[{"name":"confidentiality","value":"high"},{"name":"integrity","value":"high"},{"name":"availability","value":"high"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"low"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"local"},{"name":"epss","value":0.00677},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Fri May 07 2021 15:47:38 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":false},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"high"},{"name":"relativePopularityRank","value":96},{"name":"impact","value":9.79},{"name":"likelihood","value":2.44},{"name":"scoreVersion","value":"V5"}],"severity":"high","title":"Command Injection"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ISSVG-1085627","issue_id":"SNYK-JS-ISSVG-1085627","priority_score":63,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.0021},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Sun Mar 14 2021 15:42:51 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-ISSVG-1243891","issue_id":"SNYK-JS-ISSVG-1243891","priority_score":63,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00356},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Wed May 05 2021 15:35:35 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-LODASH-1018905","issue_id":"SNYK-JS-LODASH-1018905","priority_score":63,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00231},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon Feb 15 2021 11:50:49 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JS-MINIMATCH-3050818","issue_id":"SNYK-JS-MINIMATCH-3050818","priority_score":45,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00179},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Tue Oct 18 2022 06:29:18 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":1.89},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-PATHPARSE-1077067","issue_id":"SNYK-JS-PATHPARSE-1077067","priority_score":63,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00281},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Tue May 04 2021 08:38:49 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-BROWSERSLIST-1090194","issue_id":"SNYK-JS-BROWSERSLIST-1090194","priority_score":63,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00198},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Wed Apr 28 2021 15:14:31 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-COLORSTRING-1082939","issue_id":"SNYK-JS-COLORSTRING-1082939","priority_score":63,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.0022},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Fri Mar 12 2021 15:08:05 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.65},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-GLOBPARENT-1016905","issue_id":"SNYK-JS-GLOBPARENT-1016905","priority_score":63,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"low"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.01244},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Tue Jan 12 2021 15:00:42 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"medium"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.67},{"name":"scoreVersion","value":"V5"}],"severity":"medium","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-WORDWRAP-3149973","issue_id":"SNYK-JS-WORDWRAP-3149973","priority_score":57,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00095},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Wed Mar 22 2023 15:02:56 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.42},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"npm:debug:20170905","issue_id":"npm:debug:20170905","priority_score":58,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.00296},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Tue Sep 26 2017 03:55:05 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.43},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Regular Expression Denial of Service (ReDoS)"},{"exploit_maturity":"proof-of-concept","id":"SNYK-JS-MINIMIST-2429795","issue_id":"SNYK-JS-MINIMIST-2429795","priority_score":59,"priority_score_factors":[{"name":"confidentiality","value":"none"},{"name":"integrity","value":"none"},{"name":"availability","value":"low"},{"name":"scope","value":"unchanged"},{"name":"exploitCodeMaturity","value":"proofOfConcept"},{"name":"userInteraction","value":"none"},{"name":"privilegesRequired","value":"none"},{"name":"attackComplexity","value":"high"},{"name":"attackVector","value":"network"},{"name":"epss","value":0.03488},{"name":"isTrending","value":false},{"name":"publicationDate","value":"Mon Mar 21 2022 12:09:35 GMT+0000 (Coordinated Universal Time)"},{"name":"isReachable","value":false},{"name":"isTransitive","value":true},{"name":"isMalicious","value":false},{"name":"businessCriticality","value":"high"},{"name":"relativeImportance","value":"low"},{"name":"relativePopularityRank","value":99},{"name":"impact","value":2.35},{"name":"likelihood","value":2.51},{"name":"scoreVersion","value":"V5"}],"severity":"low","title":"Prototype Pollution"}],"prId":"5280b2ca-5c04-4522-aaef-5a209b02793d","prPublicId":"5280b2ca-5c04-4522-aaef-5a209b02793d","packageManager":"npm","priorityScoreList":[187,239,189,124,159,318,318,323,325,165,159,169,239,63,63,63,45,63,63,63,63,57,58,59],"projectPublicId":"1747a2fb-43af-4fcf-b6a7-ec57cebd4d8a","projectUrl":"https://app.snyk.io/org/cachiman/project/1747a2fb-43af-4fcf-b6a7-ec57cebd4d8a?utm_source=github&utm_medium=referral&page=upgrade-pr","prType":"upgrade","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":["priorityScore"],"type":"auto","upgrade":["SNYK-JS-Y18N-1021887","SNYK-JS-LODASH-1040724","SNYK-JS-LODASH-567746","SNYK-JS-MICROMATCH-6838728","SNYK-JS-SEMVER-3247795","SNYK-JS-SIMPLEGIT-2421199","SNYK-JS-SIMPLEGIT-2434306","SNYK-JS-SIMPLEGIT-3112221","SNYK-JS-SIMPLEGIT-3177391","SNYK-JS-AJV-584908","SNYK-JS-ANSIREGEX-1583908","SNYK-JS-ANSIREGEX-1583908","SNYK-JS-ANSIREGEX-1583908","SNYK-JS-BRACES-6838727","SNYK-JS-GITPARSE-1290380","SNYK-JS-ISSVG-1085627","SNYK-JS-ISSVG-1243891","SNYK-JS-LODASH-1018905","SNYK-JS-MINIMATCH-3050818","SNYK-JS-PATHPARSE-1077067","SNYK-JS-BROWSERSLIST-1090194","SNYK-JS-COLORSTRING-1082939","SNYK-JS-GLOBPARENT-1016905","SNYK-JS-WORDWRAP-3149973","npm:debug:20170905","SNYK-JS-MINIMIST-2429795"],"upgradeInfo":{"versionsDiff":90,"publishedDate":"2024-09-01T12:35:26.984Z"},"vulns":["SNYK-JS-Y18N-1021887","SNYK-JS-LODASH-1040724","SNYK-JS-LODASH-567746","SNYK-JS-MICROMATCH-6838728","SNYK-JS-SEMVER-3247795","SNYK-JS-SIMPLEGIT-2421199","SNYK-JS-SIMPLEGIT-2434306","SNYK-JS-SIMPLEGIT-3112221","SNYK-JS-SIMPLEGIT-3177391","SNYK-JS-AJV-584908","SNYK-JS-ANSIREGEX-1583908","SNYK-JS-ANSIREGEX-1583908","SNYK-JS-ANSIREGEX-1583908","SNYK-JS-BRACES-6838727","SNYK-JS-GITPARSE-1290380","SNYK-JS-ISSVG-1085627","SNYK-JS-ISSVG-1243891","SNYK-JS-LODASH-1018905","SNYK-JS-MINIMATCH-3050818","SNYK-JS-PATHPARSE-1077067","SNYK-JS-BROWSERSLIST-1090194","SNYK-JS-COLORSTRING-1082939","SNYK-JS-GLOBPARENT-1016905","SNYK-JS-WORDWRAP-3149973","npm:debug:20170905","SNYK-JS-MINIMIST-2429795"]}'

Snyk has created this PR to upgrade simple-git from 2.7.2 to 3.26.0. See this package in npm: simple-git See this project in Snyk: https://app.snyk.io/org/cachiman/project/1747a2fb-43af-4fcf-b6a7-ec57cebd4d8a?utm_source=github&utm_medium=referral&page=upgrade-pr

google-cla · 2024-09-23T22:13:27Z

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade simple-git from 2.7.2 to 3.26.0 #26

[Snyk] Upgrade simple-git from 2.7.2 to 3.26.0 #26

WontonSam commented Sep 23, 2024

Minor Changes

Minor Changes

Patch Changes

Minor Changes

Minor Changes

Patch Changes

Minor Changes

Minor Changes

Patch Changes

Minor Changes

Patch Changes

Minor Changes

google-cla bot commented Sep 23, 2024

[Snyk] Upgrade simple-git from 2.7.2 to 3.26.0 #26

Are you sure you want to change the base?

[Snyk] Upgrade simple-git from 2.7.2 to 3.26.0 #26

Conversation

WontonSam commented Sep 23, 2024

Snyk has created this PR to upgrade simple-git from 2.7.2 to 3.26.0.

Issues fixed by the recommended upgrade:

Minor Changes

Minor Changes

Patch Changes

Minor Changes

Minor Changes

Patch Changes

Minor Changes

Minor Changes

Patch Changes

Minor Changes

Patch Changes

Minor Changes

google-cla bot commented Sep 23, 2024