From 495953242872ee7ff75cdfbb065bb684cc547efe Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 30 Mar 2022 02:01:08 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-SIMPLEGIT-2434306 --- package-lock.json | 14 +++++++------- package.json | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/package-lock.json b/package-lock.json index 3aea329..f092b3a 100644 --- a/package-lock.json +++ b/package-lock.json @@ -162,9 +162,9 @@ } }, "debug": { - "version": "4.3.1", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.1.tgz", - "integrity": "sha512-doEwdvm4PCeK4K3RQN2ZC2BYUBaxwLARCqZmMjtF8a51J2Rb0xpVloFRnCODwqjpwnAoao4pelN8l3RJdv3gRQ==", + "version": "4.3.4", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz", + "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==", "requires": { "ms": "2.1.2" } @@ -252,13 +252,13 @@ "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==" }, "simple-git": { - "version": "2.40.0", - "resolved": "https://registry.npmjs.org/simple-git/-/simple-git-2.40.0.tgz", - "integrity": "sha512-7IO/eQwrN5kvS38TTu9ljhG9tx2nn0BTqZOmqpPpp51TvE44YIvLA6fETqEVA8w/SeEfPaVv6mk7Tsk9Jns+ag==", + "version": "3.5.0", + "resolved": "https://registry.npmjs.org/simple-git/-/simple-git-3.5.0.tgz", + "integrity": "sha512-fZsaq5nzdxQRhMNs6ESGLpMUHoL5GRP+boWPhq9pMYMKwOGZV2jHOxi8AbFFA2Y/6u4kR99HoULizSbpzaODkA==", "requires": { "@kwsites/file-exists": "^1.1.1", "@kwsites/promise-deferred": "^1.1.1", - "debug": "^4.3.1" + "debug": "^4.3.3" } }, "topo": { diff --git a/package.json b/package.json index 539e476..62ab06a 100644 --- a/package.json +++ b/package.json @@ -13,7 +13,7 @@ "dependencies": { "@actions/core": "^1.4.0", "@actions/github": "^5.0.0", - "simple-git": "^2.40.0", + "simple-git": "^3.5.0", "xml2json": "^0.12.0" }, "devDependencies": {