Skip to content

chore(deps-dev): bump simple-git from 3.33.0 to 3.36.0#1465

Merged
devpow112 merged 1 commit into
mainfrom
dependabot/npm_and_yarn/simple-git-3.36.0
May 23, 2026
Merged

chore(deps-dev): bump simple-git from 3.33.0 to 3.36.0#1465
devpow112 merged 1 commit into
mainfrom
dependabot/npm_and_yarn/simple-git-3.36.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 8, 2026
edited
Loading

Bumps simple-git from 3.33.0 to 3.36.0.

Release notes

Sourced from simple-git's releases.

simple-git@3.36.0

Minor Changes

  • 89a2294: Extend known exploitable configuration keys and per-task environment variables.

    Note - ParsedVulnerabilities from argv-parser is removed in favour of a readonly array of Vulnerability to match usage in simple-git, rolled into the new vulnerabilityCheck for simpler access to the identified issues.

    Thanks to @​zebbern for identifying the need to block core.fsmonitor. Thanks to @​kodareef5 for identifying the need to block GIT_CONFIG_COUNT environment variables and --template / merge related config.

Patch Changes

  • 1ad57e8: Remove conflicting node:buffer import
  • Updated dependencies [89a2294]
  • Updated dependencies [675570a]
    • @​simple-git/argv-parser@​1.1.0
    • @​simple-git/args-pathspec@​1.0.3

simple-git@3.35.2

Patch Changes

  • 0cf9d8c: Improvements for mono-repo publishing pipeline
  • Updated dependencies [0cf9d8c]
    • @​simple-git/args-pathspec@​1.0.2
    • @​simple-git/argv-parser@​1.0.3

simple-git@3.35.1

Patch Changes

  • 0de400e: Update monorepo version handling during publish
  • Updated dependencies [0de400e]
    • @​simple-git/argv-parser@​1.0.2
Changelog

Sourced from simple-git's changelog.

3.36.0

Minor Changes

  • 89a2294: Extend known exploitable configuration keys and per-task environment variables.

    Note - ParsedVulnerabilities from argv-parser is removed in favour of a readonly array of Vulnerability to match usage in simple-git, rolled into the new vulnerabilityCheck for simpler access to the identified issues.

    Thanks to @​zebbern for identifying the need to block core.fsmonitor. Thanks to @​kodareef5 for identifying the need to block GIT_CONFIG_COUNT environment variables and --template / merge related config.

Patch Changes

  • 1ad57e8: Remove conflicting node:buffer import
  • Updated dependencies [89a2294]
  • Updated dependencies [675570a]
    • @​simple-git/argv-parser@​1.1.0
    • @​simple-git/args-pathspec@​1.0.3

3.35.2

Patch Changes

  • 0cf9d8c: Improvements for mono-repo publishing pipeline
  • Updated dependencies [0cf9d8c]
    • @​simple-git/args-pathspec@​1.0.2
    • @​simple-git/argv-parser@​1.0.3

3.35.1

Patch Changes

  • 0de400e: Update monorepo version handling during publish
  • Updated dependencies [0de400e]
    • @​simple-git/argv-parser@​1.0.2

3.35.0

Minor Changes

  • 3d8708b: Updating publish config

Patch Changes

  • Updated dependencies [3d8708b]
    • @​simple-git/args-pathspec@​1.0.1
    • @​simple-git/argv-parser@​1.0.1

3.34.0

... (truncated)

Commits
  • 7dc1a53 Version Packages
  • 76f5376 Merge pull request #1061 from Vinzent03/fix/buffer-import
  • 89a2294 Environment Parsing (#1156)
  • 1b91b76 fix: remove explicit node:buffer import
  • e390685 Version Packages
  • 3c9e4b8 Pin version of @​simple-git/args-pathspec
  • 94ee21f Export pathspec types through simple-git for backward compatibility
  • 6d7cb51 Version Packages
  • 0de400e Switch to semver from workspace revisions
  • 2264722 Version Packages
  • Additional commits viewable in compare view

@dependabot dependabot Bot added auto Opened by an automated process dependencies Pull request that updates a dependency file javascript Pull requests that update JavaScript code labels May 8, 2026
@dependabot dependabot Bot requested a review from devpow112 as a code owner May 8, 2026 00:52
@dependabot dependabot Bot added dependencies Pull request that updates a dependency file auto Opened by an automated process javascript Pull requests that update JavaScript code labels May 8, 2026
@coveralls
Copy link
Copy Markdown

coveralls commented May 8, 2026
edited
Loading

Coverage Report for CI Build 26335710103

Coverage remained the same at 100.0%

Details

  • Coverage remained the same as the base build.
  • Patch coverage: No coverable lines changed in this PR.
  • No coverage regressions found.

Uncovered Changes

No uncovered changes found.

Coverage Regressions

No coverage regressions found.

Coverage Stats

Coverage Status
Relevant Lines: 20
Covered Lines: 20
Line Coverage: 100.0%
Relevant Branches: 1
Covered Branches: 1
Branch Coverage: 100.0%
Branches in Coverage %: Yes
Coverage Strength: 3.05 hits per line
💛 - Coveralls

@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/simple-git-3.36.0 branch 5 times, most recently from 9f59b7f to c7b113b Compare May 23, 2026 14:44
@dependabot
chore(deps-dev): bump simple-git from 3.33.0 to 3.36.0
c992c58 
Bumps [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) from 3.33.0 to 3.36.0.
- [Release notes](https://github.com/steveukx/git-js/releases)
- [Changelog](https://github.com/steveukx/git-js/blob/main/simple-git/CHANGELOG.md)
- [Commits](https://github.com/steveukx/git-js/commits/simple-git@3.36.0/simple-git)

---
updated-dependencies:
- dependency-name: simple-git
  dependency-version: 3.36.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/simple-git-3.36.0 branch from c7b113b to c992c58 Compare May 23, 2026 14:48
@devpow112 devpow112 enabled auto-merge (rebase) May 23, 2026 14:51
@devpow112 devpow112 merged commit e97b656 into main May 23, 2026
6 checks passed
@devpow112 devpow112 deleted the dependabot/npm_and_yarn/simple-git-3.36.0 branch May 23, 2026 14:51
@devpow112
Copy link
Copy Markdown
Contributor

devpow112 Bot commented May 23, 2026

🎉 This PR is included in version 2.0.22 🎉

The release is available on:

Your semantic-release bot 📦🚀

@devpow112 devpow112 Bot added the released Included in a release label May 23, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@devpow112 devpow112 devpow112 approved these changes

Assignees

No one assigned

Labels

auto Opened by an automated process dependencies Pull request that updates a dependency file javascript Pull requests that update JavaScript code released Included in a release

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@coveralls @devpow112