Skip to content

chore(deps): bump simple-git from 3.32.3 to 3.33.0#13467

Merged
czubocha merged 1 commit into
mainfrom
dependabot/npm_and_yarn/simple-git-3.33.0
Apr 2, 2026
Merged

chore(deps): bump simple-git from 3.32.3 to 3.33.0#13467
czubocha merged 1 commit into
mainfrom
dependabot/npm_and_yarn/simple-git-3.33.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 1, 2026
edited
Loading

Bumps simple-git from 3.32.3 to 3.33.0.

Release notes

Sourced from simple-git's releases.

simple-git@3.33.0

Minor Changes

  • a263635: Use pathspec wrappers for remote and local paths when running either git.clone or git.mirror to avoid leaving them less open for unexpected outcomes when passing unsanitised data into these tasks.

Patch Changes

  • e253a0d: Enhanced git -c checks in unsafe plugin.

    Thanks to @​JohannesLks for identifying the issue

Changelog

Sourced from simple-git's changelog.

3.33.0

Minor Changes

  • a263635: Use pathspec wrappers for remote and local paths when running either git.clone or git.mirror to avoid leaving them less open for unexpected outcomes when passing unsanitised data into these tasks.

Patch Changes

  • e253a0d: Enhanced git -c checks in unsafe plugin.

    Thanks to @​JohannesLks for identifying the issue

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Apr 1, 2026
@Mmarzex
Copy link
Copy Markdown
Contributor

Mmarzex commented Apr 1, 2026
edited
Loading

Snyk checks have passed. No issues have been found so far.

Status Scan Engine Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues
Licenses 0 0 0 0 0 issues
Code Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@dependabot
chore(deps): bump simple-git from 3.32.3 to 3.33.0
3ef115c 
Bumps [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git) from 3.32.3 to 3.33.0.
- [Release notes](https://github.com/steveukx/git-js/releases)
- [Changelog](https://github.com/steveukx/git-js/blob/main/simple-git/CHANGELOG.md)
- [Commits](https://github.com/steveukx/git-js/commits/simple-git@3.33.0/simple-git)

---
updated-dependencies:
- dependency-name: simple-git
  dependency-version: 3.33.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/simple-git-3.33.0 branch from 7cd0704 to 3ef115c Compare April 2, 2026 13:03
@czubocha czubocha merged commit 59450e5 into main Apr 2, 2026
8 checks passed
@czubocha czubocha deleted the dependabot/npm_and_yarn/simple-git-3.33.0 branch April 2, 2026 13:16
@github-actions github-actions Bot locked and limited conversation to collaborators Apr 2, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@czubocha czubocha czubocha approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Mmarzex @czubocha