[Snyk] Security upgrade simple-git from 1.132.0 to 3.5.0

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	691/1000 Why? Recently disclosed, Has a fix available, CVSS 8.1	Command Injection SNYK-JS-SIMPLEGIT-2434306	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: simple-git

The new version differs by 250 commits.

• 66c903c Merge pull request Fixing syslog regex issue  Azure/Azure-Sentinel#776 from steveukx/changeset-release/main
• 4fc3747 Version Packages
• 9665dee Merge pull request Feature/logstash mergefix Azure/Azure-Sentinel#775 from steveukx/snyk/clone
• 2040de6 Prevent use of `--upload-pack` as a command in `git.clone` to avoid potential accidental command execution.
• 9bf9baa Merge pull request Adding a set of hunting queries for Azure DevOps Azure/Azure-Sentinel#772 from steveukx/changeset-release/main
• 64c41db Version Packages
• 357b4de Merge pull request Added white preview image and icon to sysmon threat hunting workbook Azure/Azure-Sentinel#771 from steveukx/feat/status-with-nulls
• ed412ef Status Summary should use null terminators to allow files with spaces in their names
• 94c2462 Merge pull request Change the blob name to allow easier sorting Azure/Azure-Sentinel#768 from steveukx/changeset-release/main
• 9113366 Version Packages
• 372efa0 Merge pull request ACNCD_DataConnectors_final Azure/Azure-Sentinel#767 from steveukx/feat/fix-fetch-snyk
• d119ec4 Prevent use of `--upload-pack` as a command in `git.fetch` to avoid potential accidental command execution.
• e4ff627 Merge pull request Oversight on the README format for the deploy to Azure process. Azure/Azure-Sentinel#761 from steveukx/changeset-release/main
• fcc7618 Version Packages
• 7c24bb0 Merge pull request fix read me of play Move-LogAnalytics-to-Storage Azure/Azure-Sentinel#760 from steveukx/fix/project-readme
• 80651d5 Remove pre-publish step of copying `readme.md`, no longer required
• 0d0c198 Merge pull request ActionFailed. An action failed. No dependent actions succeeded. For logic app Get-GitHubAuditEntry( Ingest GitHub AuditLog and API Data) Azure/Azure-Sentinel#759 from steveukx/changeset-release/main
• 6838e24 Version Packages
• d53875f Merge pull request ActionFailed. An action failed. No dependent actions succeeded. For logic app Get-GitHubAuditEntry( Ingest GitHub AuditLog and API Data) Azure/Azure-Sentinel#758 from steveukx/fix/project-readme
• ac4f38f Move workspace readme into the `simple-git` package, symlink to it from the workspace
• e9f0461 Move workspace readme into the `simple-git` package, symlink to it from the workspace
• bcfa6f8 Merge pull request [playbook] RiskIQ playbook to pair with certified data connector Azure/Azure-Sentinel#756 from steveukx/changeset-release/main
• 7a29566 Version Packages
• 50a8a6b Merge pull request Adding two files and moving them into a folder Azure/Azure-Sentinel#755 from steveukx/release-attempt

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.