dependency: update dependency simple-git to v3.16.0 [security]

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
simple-git	3.15.0 -> 3.16.0

GitHub Vulnerability Alerts

CVE-2022-25860

Versions of the package simple-git before 3.16.0 are vulnerable to Remote Code Execution (RCE) via the clone(), pull(), push() and listRemote() methods, due to improper input sanitization. This vulnerability exists due to an incomplete fix of CVE-2022-25912.

---

Release Notes

steveukx/git-js

v3.16.0

Compare Source

Minor Changes

• 97fde2c: Support the use of -B in place of the default -b in checkout methods
• 0a623e5: Adds vulnerability detection to prevent use of --upload-pack and --receive-pack without explicitly opting in.

Patch Changes

• ec97a39: Include restricting the use of git push --exec with other allowUnsafePack exclusions, thanks to @​stsewd for the suggestion.

v3.15.1

Compare Source

Patch Changes

• de570ac: Resolves an issue whereby non-strings can be passed into the config switch detector.

---

Configuration

📅 Schedule: Branch creation - "" in timezone America/New_York, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[cypress]

43 flaky tests on run #43651 ↗︎

0

26717

1276

0

43

Details:

Apply suggestions from code review
Project: cypress	Commit: 1b7d6d8996
Status: Passed	Duration: 20:14 💡
Started: Jan 31, 2023 6:04 PM	Ended: Jan 31, 2023 6:25 PM

  e2e/origin/cookie_behavior.cy.ts • 4 flaky tests • 5x-driver-electron

View Output Video

Test
... > same site / cross origin > XMLHttpRequest > sets cookie on same-site request if withCredentials is true, and attaches to same-site request if withCredentials is true
... > same site / cross origin > fetch > sets same-site cookies if "include" credentials option is specified from request, but does not attach same-site cookies to request by default (same-origin)
... > same site / cross origin > XMLHttpRequest > sets cookie on same-site request if withCredentials is true, and attaches to same-site request if withCredentials is true
... > same site / cross origin > fetch > sets same-site cookies if "include" credentials option is specified from request, but does not attach same-site cookies to request by default (same-origin)

  cypress/cypress.cy.js • 3 flaky tests • 5x-driver-electron

View Output Video

Test
... > correctly returns currentRetry
... > correctly returns currentRetry
... > correctly returns currentRetry

  create-from-component.cy.ts • 2 flaky tests • app-e2e

View Output Video

Test
... > runs generated spec		Screenshot
... > runs generated spec		Screenshot

  specs_list_latest_runs.cy.ts • 1 flaky test • app-e2e

View Output Video

Test
App/Cloud Integration - Latest runs and Average duration > when no runs are recorded > shows placeholders for all visible specs		Screenshot

  cypress-in-cypress.cy.ts • 1 flaky test • app-e2e

View Output Video

Test
Cypress in Cypress > scales the AUT correctly in component		Screenshot

The first 5 flaky specs are shown, see all 21 specs in Cypress Cloud.

_{This comment has been generated by cypress-bot as a result of this project's GitHub integration settings.}

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.
You can manually request rebase by checking the rebase/retry box above.

⚠ Warning: custom changes will be lost.

[cypress-bot]

Released in 12.5.1.

This comment thread has been locked. If you are still experiencing this issue after upgrading to
Cypress v12.5.1, please open a new issue.