[Manual Backport 2.5][CVE-2022-25860] Bumps simple-git from 3.15.1 to…

… 3.16.0 Backport PR opensearch-project#3345 Issue Resolved opensearch-project#3329 Signed-off-by: Anan Zhuang <ananzh@amazon.com>
ananzh · Feb 10, 2023 · 28b535e · 28b535e
1 parent ff9c5c8
commit 28b535e
Show file tree

Hide file tree

Showing 4 changed files with 9 additions and 8 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -6,6 +6,7 @@ Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
 ### Deprecations
 
 ### 🛡 Security
+- [CVE-2022-25860] Bump simple-git from `^3.15.0` to `^3.16.0` ([#3345](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3345))
 
 ### 📈 Features/Enhancements
 
@@ -100,7 +101,7 @@ Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
 - Update `leaflet-vega` and fixed its usage ([#3005](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3005))
 
 ### 🔩 Tests
- 
+
 - Correct the linting logic for `no-restricted-path` to ignore trailing slashes ([#3020](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/3020))
 
 ## [2.4.0]
@@ -217,4 +218,4 @@ Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
 
 - Add @zengyan-amazon as a maintainer ([#2419](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2419))
 - Increment from 2.3 to 2.4. ([#2295](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2295))
-- Add CHANGELOG.md for 2.4.0 ([#2809](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2809))
+- Add CHANGELOG.md for 2.4.0 ([#2809](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2809))
diff --git a/package.json b/package.json
@@ -438,7 +438,7 @@
  "reselect": "^4.0.0",
  "resize-observer-polyfill": "^1.5.1",
  "selenium-webdriver": "^4.0.0-alpha.7",
- "simple-git": "^3.15.0",
+ "simple-git": "^3.16.0",
  "sinon": "^7.4.2",
  "strip-ansi": "^6.0.0",
  "stylelint": "^14.5.2",

diff --git a/packages/osd-opensearch/package.json b/packages/osd-opensearch/package.json
@@ -22,7 +22,7 @@
  "getopts": "^2.2.5",
  "glob": "^7.1.7",
  "node-fetch": "^2.6.7",
- "simple-git": "^3.15.0",
+ "simple-git": "^3.16.0",
  "tar-fs": "^2.1.0",
  "tree-kill": "^1.2.2",
  "yauzl": "^2.10.0"

diff --git a/yarn.lock b/yarn.lock
@@ -15654,10 +15654,10 @@ signal-exit@^3.0.0, signal-exit@^3.0.2, signal-exit@^3.0.3, signal-exit@^3.0.7:
  resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.7.tgz#a9a1767f8af84155114eaabd73f99273c8f59ad9"
  integrity sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==
 
-simple-git@^3.15.0:
- version "3.15.1"
- resolved "https://registry.yarnpkg.com/simple-git/-/simple-git-3.15.1.tgz#57f595682cb0c2475d5056da078a05c8715a25ef"
- integrity sha512-73MVa5984t/JP4JcQt0oZlKGr42ROYWC3BcUZfuHtT3IHKPspIvL0cZBnvPXF7LL3S/qVeVHVdYYmJ3LOTw4Rg==
+simple-git@^3.16.0:
+ version "3.16.0"
+ resolved "https://registry.yarnpkg.com/simple-git/-/simple-git-3.16.0.tgz#421773e24680f5716999cc4a1d60127b4b6a9dec"
+ integrity sha512-zuWYsOLEhbJRWVxpjdiXl6eyAyGo/KzVW+KFhhw9MqEEJttcq+32jTWSGyxTdf9e/YCohxRE+9xpWFj9FdiJNw==
  dependencies:
  "@kwsites/file-exists" "^1.1.1"
  "@kwsites/promise-deferred" "^1.1.1"