Bump simple-git from 2.48.0 to 3.17.0

[dependabot[bot]]

Bumps simple-git from 2.48.0 to 3.17.0.

Release notes

Sourced from simple-git's releases.

[email protected]

Minor Changes

• a63cfc2: Timeout plugin can now be configured to ignore data on either stdOut or stdErr in the git process when determining whether to kill the spawned process.

[email protected]

Patch Changes

• 066b228: Fix overly permissive regex in push parser

[email protected]

Minor Changes

• 97fde2c: Support the use of -B in place of the default -b in checkout methods
• 0a623e5: Adds vulnerability detection to prevent use of --upload-pack and --receive-pack without explicitly opting in.

Patch Changes

• ec97a39: Include restricting the use of git push --exec with other allowUnsafePack exclusions, thanks to @​stsewd for the suggestion.

[email protected]

Patch Changes

• de570ac: Resolves an issue whereby non-strings can be passed into the config switch detector.

[email protected]

Minor Changes

• 7746480: Disables the use of inline configuration arguments to prevent unitentionally allowing non-standard remote protocols without explicitly opting in to this practice with the new allowUnsafeProtocolOverride property having been enabled.

Patch Changes

• 7746480: - Upgrade repo dependencies - lerna and jest
  • Include node@19 in the test matrix

[email protected]

Patch Changes

• 5a2e7e4: Add version parsing support for non-numeric patches (including "built from source" style 1.11.GIT)

[email protected]

Minor Changes

• 19029fc: Create the abort plugin to allow cancelling all pending and future tasks.
• 4259b26: Add .version to return git version information, including whether the git binary is installed.

[email protected]

Minor Changes

• 87b0d75: Increase the level of deprecation notices for use of simple-git/promise, which will be fully removed in the next major

... (truncated)

Changelog

Sourced from simple-git's changelog.

3.17.0

Minor Changes

• a63cfc2: Timeout plugin can now be configured to ignore data on either stdOut or stdErr in the git process when determining whether to kill the spawned process.

3.16.1

Patch Changes

• 066b228: Fix overly permissive regex in push parser

3.16.0

Minor Changes

• 97fde2c: Support the use of -B in place of the default -b in checkout methods
• 0a623e5: Adds vulnerability detection to prevent use of --upload-pack and --receive-pack without explicitly opting in.

Patch Changes

• ec97a39: Include restricting the use of git push --exec with other allowUnsafePack exclusions, thanks to @​stsewd for the suggestion.

3.15.1

Patch Changes

• de570ac: Resolves an issue whereby non-strings can be passed into the config switch detector.

3.15.0

Minor Changes

• 7746480: Disables the use of inline configuration arguments to prevent unitentionally allowing non-standard remote protocols without explicitly opting in to this practice with the new allowUnsafeProtocolOverride property having been enabled.

Patch Changes

• 7746480: - Upgrade repo dependencies - lerna and jest
  • Include node@19 in the test matrix

3.14.1

Patch Changes

• 5a2e7e4: Add version parsing support for non-numeric patches (including "built from source" style 1.11.GIT)

3.14.0

Minor Changes

... (truncated)

Commits

• 6752835 Version Packages (#903)
• a63cfc2 Fix/timeout progress combo (#900)
• 3a0ac21 Version Packages
• 9971b23 Update push.spec.ts
• d5c11b5 Fix regex in parse-push.ts
• cca9ca7 Add test to show support for using -- * in a git stash push
• e554510 Fix git().pull typo in readme
• 1a12952 Version Packages
• ec97a39 Block unsafe pack (push --exec) (#882)
• 0a623e5 Feat/unsafe pack (#881)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)