From b752d589a3f70fc64ee612b005e85a1b1cf70782 Mon Sep 17 00:00:00 2001 From: Anan Zhuang Date: Thu, 26 Jan 2023 17:00:09 -0800 Subject: [PATCH] [Manual Backport 1.3]Bumps simple-git from 3.4.0 to 3.15.0 (#3341) Backport PR: https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3036 Signed-off-by: Anan Zhuang Signed-off-by: Anan Zhuang --- CHANGELOG.md | 1 + package.json | 2 +- packages/osd-opensearch/package.json | 2 +- yarn.lock | 24 +++++++++++++++++++----- 4 files changed, 22 insertions(+), 7 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 29aaa5f85cff..e31565ee1fae 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -19,6 +19,7 @@ Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/) - [CVE-2022-37601] Bump loader-utils to 2.0.3 ([#2707](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2707)) - [CVE-2022-37599] Bump loader-utils to 2.0.4 ([#2995](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2995)) - [CVE-2022-25901] Bump supertest ([#3222](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3322)) +- [CVE-2022-25912] Bumps simple-git from 3.4.0 to 3.15.0 ([#3036](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3036)) ### 📈 Features/Enhancements diff --git a/package.json b/package.json index 883ea5d3e623..6b41b3836a8f 100644 --- a/package.json +++ b/package.json @@ -468,7 +468,7 @@ "resize-observer-polyfill": "^1.5.0", "sass-lint": "^1.12.1", "selenium-webdriver": "^4.0.0-alpha.7", - "simple-git": "1.116.0", + "simple-git": "^3.15.0", "sinon": "^7.4.2", "strip-ansi": "^6.0.0", "supertest": "^6.3.3", diff --git a/packages/osd-opensearch/package.json b/packages/osd-opensearch/package.json index 52645fe79a84..d8082a68c729 100644 --- a/packages/osd-opensearch/package.json +++ b/packages/osd-opensearch/package.json @@ -22,7 +22,7 @@ "getopts": "^2.2.5", "glob": "^7.1.7", "node-fetch": "^2.6.7", - "simple-git": "1.116.0", + "simple-git": "^3.15.0", "tar-fs": "^2.1.0", "tree-kill": "^1.2.2", "yauzl": "^2.10.0" diff --git a/yarn.lock b/yarn.lock index 63d72c25514a..b2de36de5d3d 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1904,6 +1904,18 @@ "@babel/runtime" "^7.7.2" regenerator-runtime "^0.13.3" +"@kwsites/file-exists@^1.1.1": + version "1.1.1" + resolved "https://registry.yarnpkg.com/@kwsites/file-exists/-/file-exists-1.1.1.tgz#ad1efcac13e1987d8dbaf235ef3be5b0d96faa99" + integrity sha512-m9/5YGR18lIwxSFDwfE3oA7bWuq9kdau6ugN4H2rJeyhFQZcG9AgSHkQtSD15a8WvTgfz9aikZMrKPHvbpqFiw== + dependencies: + debug "^4.1.1" + +"@kwsites/promise-deferred@^1.1.1": + version "1.1.1" + resolved "https://registry.yarnpkg.com/@kwsites/promise-deferred/-/promise-deferred-1.1.1.tgz#8ace5259254426ccef57f3175bc64ed7095ed919" + integrity sha512-GaHYm+c0O9MjZRu0ongGBRbinu8gVAMd2UZjji6jVmqKtZluZnptXGWhz1E8j8D2HJ3f/yMxKAUC0b+57wncIw== + "@mapbox/hast-util-table-cell-style@^0.1.3": version "0.1.3" resolved "https://registry.yarnpkg.com/@mapbox/hast-util-table-cell-style/-/hast-util-table-cell-style-0.1.3.tgz#5b7166ae01297d72216932b245e4b2f0b642dca6" @@ -19152,12 +19164,14 @@ signal-exit@^3.0.0, signal-exit@^3.0.2: resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.2.tgz#b5fdc08f1287ea1178628e415e25132b73646c6d" integrity sha1-tf3AjxKH6hF4Yo5BXiUTK3NkbG0= -simple-git@1.116.0: - version "1.116.0" - resolved "https://registry.yarnpkg.com/simple-git/-/simple-git-1.116.0.tgz#ea6e533466f1e0152186e306e004d4eefa6e3e00" - integrity sha512-Pbo3tceqMYy0j3U7jzMKabOWcx5+67GdgQUjpK83XUxGhA+1BX93UPvlWNzbCRoFwd7EJTyDSCC2XCoT4NTLYQ== +simple-git@^3.15.0: + version "3.16.0" + resolved "https://registry.yarnpkg.com/simple-git/-/simple-git-3.16.0.tgz#421773e24680f5716999cc4a1d60127b4b6a9dec" + integrity sha512-zuWYsOLEhbJRWVxpjdiXl6eyAyGo/KzVW+KFhhw9MqEEJttcq+32jTWSGyxTdf9e/YCohxRE+9xpWFj9FdiJNw== dependencies: - debug "^4.0.1" + "@kwsites/file-exists" "^1.1.1" + "@kwsites/promise-deferred" "^1.1.1" + debug "^4.3.4" simple-swizzle@^0.2.2: version "0.2.2"