From e99710116d015ca47b5cbe114710fdf93fabfe61 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Mon, 28 Mar 2022 11:16:07 +0000
Subject: [PATCH] fix(deps): update dependency simple-git to v3 [security]
 (#6305)

---
 cypress/plugins/common.js                     |  2 +-
 package.json                                  |  2 +-
 .../netlify-cms-proxy-server/package.json     |  2 +-
 .../src/middlewares/localGit/index.spec.ts    |  4 ++--
 .../src/middlewares/localGit/index.ts         | 19 ++++++++++---------
 yarn.lock                                     | 10 +++++-----
 6 files changed, 20 insertions(+), 19 deletions(-)

diff --git a/cypress/plugins/common.js b/cypress/plugins/common.js
index 3432611d..f7add144 100644
--- a/cypress/plugins/common.js
+++ b/cypress/plugins/common.js
@@ -1,5 +1,5 @@
 const path = require('path');
-const simpleGit = require('simple-git/promise');
+const { default: simpleGit } = require('simple-git');
 
 const GIT_SSH_COMMAND = 'ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no';
 const GIT_SSL_NO_VERIFY = true;
diff --git a/package.json b/package.json
index ab729fc0..e22f2ad1 100644
--- a/package.json
+++ b/package.json
@@ -157,7 +157,7 @@
     "react-test-renderer": "^16.8.4",
     "rehype": "^7.0.0",
     "rimraf": "^3.0.0",
-    "simple-git": "^2.0.0",
+    "simple-git": "^3.0.0",
     "start-server-and-test": "^1.7.11",
     "stylelint": "^14.5.3",
     "stylelint-config-standard-scss": "^3.0.0",
diff --git a/packages/netlify-cms-proxy-server/package.json b/packages/netlify-cms-proxy-server/package.json
index 3b42e08c..9d3f9065 100644
--- a/packages/netlify-cms-proxy-server/package.json
+++ b/packages/netlify-cms-proxy-server/package.json
@@ -28,7 +28,7 @@
     "dotenv": "^10.0.0",
     "express": "^4.17.1",
     "morgan": "^1.9.1",
-    "simple-git": "^2.0.0",
+    "simple-git": "^3.0.0",
     "what-the-diff": "^0.6.0",
     "winston": "^3.3.3"
   },
diff --git a/packages/netlify-cms-proxy-server/src/middlewares/localGit/index.spec.ts b/packages/netlify-cms-proxy-server/src/middlewares/localGit/index.spec.ts
index 01bea1b1..c1345761 100644
--- a/packages/netlify-cms-proxy-server/src/middlewares/localGit/index.spec.ts
+++ b/packages/netlify-cms-proxy-server/src/middlewares/localGit/index.spec.ts
@@ -7,7 +7,7 @@ import type Joi from '@hapi/joi';
 import type express from 'express';
 
 jest.mock('netlify-cms-lib-util', () => jest.fn());
-jest.mock('simple-git/promise');
+jest.mock('simple-git');
 
 function assetFailure(result: Joi.ValidationResult, expectedMessage: string) {
   const { error } = result;
@@ -22,7 +22,7 @@ const defaultParams = {
 };
 
 describe('localGitMiddleware', () => {
-  const simpleGit = require('simple-git/promise');
+  const simpleGit = require('simple-git');
 
   const git = {
     checkIsRepo: jest.fn(),
diff --git a/packages/netlify-cms-proxy-server/src/middlewares/localGit/index.ts b/packages/netlify-cms-proxy-server/src/middlewares/localGit/index.ts
index 9a642aba..a6c7a1b3 100644
--- a/packages/netlify-cms-proxy-server/src/middlewares/localGit/index.ts
+++ b/packages/netlify-cms-proxy-server/src/middlewares/localGit/index.ts
@@ -10,7 +10,7 @@ import {
   parseContentKey,
 } from 'netlify-cms-lib-util/src/APIUtils';
 import { parse } from 'what-the-diff';
-import simpleGit from 'simple-git/promise';
+import simpleGit from 'simple-git';
 import { Mutex, withTimeout } from 'async-mutex';
 
 import { defaultSchema, joi } from '../joi';
@@ -40,8 +40,9 @@ import type {
 } from '../types';
 import type express from 'express';
 import type winston from 'winston';
+import type { SimpleGit } from 'simple-git';
 
-async function commit(git: simpleGit.SimpleGit, commitMessage: string) {
+async function commit(git: SimpleGit, commitMessage: string) {
   await git.add('.');
   await git.commit(commitMessage, undefined, {
     // setting the value to a string passes name=value
@@ -51,12 +52,12 @@ async function commit(git: simpleGit.SimpleGit, commitMessage: string) {
   });
 }
 
-async function getCurrentBranch(git: simpleGit.SimpleGit) {
+async function getCurrentBranch(git: SimpleGit) {
   const currentBranch = await git.branchLocal().then(summary => summary.current);
   return currentBranch;
 }
 
-async function runOnBranch<T>(git: simpleGit.SimpleGit, branch: string, func: () => Promise<T>) {
+async function runOnBranch<T>(git: SimpleGit, branch: string, func: () => Promise<T>) {
   const currentBranch = await getCurrentBranch(git);
   try {
     if (currentBranch !== branch) {
@@ -79,7 +80,7 @@ type GitOptions = {
 };
 
 async function commitEntry(
-  git: simpleGit.SimpleGit,
+  git: SimpleGit,
   repoPath: string,
   dataFiles: DataFile[],
   assets: Asset[],
@@ -103,7 +104,7 @@ async function commitEntry(
   await commit(git, commitMessage);
 }
 
-async function rebase(git: simpleGit.SimpleGit, branch: string) {
+async function rebase(git: SimpleGit, branch: string) {
   const gpgSign = await git.raw(['config', 'commit.gpgsign']);
   try {
     if (gpgSign === 'true') {
@@ -117,7 +118,7 @@ async function rebase(git: simpleGit.SimpleGit, branch: string) {
   }
 }
 
-async function merge(git: simpleGit.SimpleGit, from: string, to: string) {
+async function merge(git: SimpleGit, from: string, to: string) {
   const gpgSign = await git.raw(['config', 'commit.gpgsign']);
   try {
     if (gpgSign === 'true') {
@@ -131,12 +132,12 @@ async function merge(git: simpleGit.SimpleGit, from: string, to: string) {
   }
 }
 
-async function isBranchExists(git: simpleGit.SimpleGit, branch: string) {
+async function isBranchExists(git: SimpleGit, branch: string) {
   const branchExists = await git.branchLocal().then(({ all }) => all.includes(branch));
   return branchExists;
 }
 
-async function getDiffs(git: simpleGit.SimpleGit, source: string, dest: string) {
+async function getDiffs(git: SimpleGit, source: string, dest: string) {
   const rawDiff = await git.diff([source, dest]);
   const diffs = parse(rawDiff).map(d => {
     const oldPath = d.oldPath?.replace(/b\//, '') || '';
diff --git a/yarn.lock b/yarn.lock
index a577d3ae..c90e589e 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -16439,14 +16439,14 @@ signal-exit@^3.0.0, signal-exit@^3.0.2, signal-exit@^3.0.3, signal-exit@^3.0.7:
   resolved "https://registry.yarnpkg.com/signal-exit/-/signal-exit-3.0.7.tgz#a9a1767f8af84155114eaabd73f99273c8f59ad9"
   integrity sha512-wnD2ZE+l+SPC/uoS0vXeE9L1+0wuaMqKlfz9AMUo38JsyLSBWSFcHR1Rri62LZc12vLr1gb3jl7iwQhgwpAbGQ==
 
-simple-git@^2.0.0:
-  version "2.48.0"
-  resolved "https://registry.yarnpkg.com/simple-git/-/simple-git-2.48.0.tgz#87c262dba8f84d7b96bb3a713e9e34701c1f6e3b"
-  integrity sha512-z4qtrRuaAFJS4PUd0g+xy7aN4y+RvEt/QTJpR184lhJguBA1S/LsVlvE/CM95RsYMOFJG3NGGDjqFCzKU19S/A==
+simple-git@^3.0.0:
+  version "3.4.0"
+  resolved "https://registry.yarnpkg.com/simple-git/-/simple-git-3.4.0.tgz#dea49dfafbc16a67b26221917fca1caaeb976e4a"
+  integrity sha512-sBRdudUc1yvi0xQQPuHXc1L9gTWkRn4hP2bbc7q4BTxR502d3JJAGsDOhrmsBY+wAZAw5JLl82tx55fSWYE65w==
   dependencies:
     "@kwsites/file-exists" "^1.1.1"
     "@kwsites/promise-deferred" "^1.1.1"
-    debug "^4.3.2"
+    debug "^4.3.3"
 
 simple-html-tokenizer@^0.1.1:
   version "0.1.1"