Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

simple-git

Ecosystem:
npm
Package URL:
pkg:npm/simple-git
Total PRs:
1,817 Dependabot PRs
Latest PR:
1 day ago
Unique Repositories:
1,074 repositories
Unique Repos (30 days):
47 repositories
Security Advisories
simple-git is vulnerable to Remote Code Execution
GHSA-hffm-xvc3-vprc CVE-2026-6951 HIGH published about 2 months ago • updated 9 days ago
Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution (RCE) due to an incomplete fix for [CVE-2022-25912](https:...
Command injection in simple-git
GHSA-28xr-mwxg-3qc8 CVE-2022-24066 HIGH published about 4 years ago • updated 8 days ago
`simple-git` (maintained as [git-js](https://github.com/steveukx/git-js) named repository on GitHub) is a light weight interface for running git co...
Command injection in simple-git
GHSA-3f95-r44v-8mrg CVE-2022-24433 HIGH published over 4 years ago • updated 8 days ago
The package simple-git before 3.3.0 is vulnerable to Command Injection via argument injection. When calling the .fetch(remote, branch, handlerFn) f...
simple-git vulnerable to Remote Code Execution when enabling the ext transport protocol
GHSA-9p95-fxvg-qgq2 CVE-2022-25912 HIGH published over 3 years ago • updated 8 days ago
The package simple-git before 3.15.0 is vulnerable to Remote Code Execution (RCE) when enabling the `ext` transport protocol, which makes it exploi...
Remote code execution in simple-git
GHSA-9w5j-4mwv-2wj8 CVE-2022-25860 CRITICAL published over 3 years ago • updated 8 days ago
Versions of the package simple-git before 3.16.0 are vulnerable to Remote Code Execution (RCE) via the clone(), pull(), push() and listRemote() met...
View all 7 advisories
Recent PRs (filtered by: Closed , Patch PRs )
RSS Feed Clear filter
chore(deps-dev): bump simple-git from 3.32.1 to 3.32.3

jordanleven/force-refresh #838

3.32.1 → 3.32.3 Patch PR
Closed 4 months ago 3 comments
jordanleven
chore(deps): bump the npm-minor-patch group across 1 directory with 25 updates

IsSmallPigPig/TXTech_Voice #3

3.32.2 → 3.32.3 Patch PR
Closed 4 months ago 3 comments
IsSmallPigPig
Bump simple-git from 3.32.2 to 3.32.3

LezWatch/lwtv-underscores #533

3.32.2 → 3.32.3 Patch PR
Closed 4 months ago 1 comment
LezWatch
Bump simple-git from 3.32.2 to 3.32.3

gadget-inc/ggt #2269

3.32.2 → 3.32.3 Patch PR
Closed 4 months ago 1 comment
gadget-inc
Bump simple-git from 2.41.1 to 2.41.2

nidotls/git-log-action #176

2.41.1 → 2.41.2 Patch PR
Closed almost 5 years ago 1 comment
nidotls
Package Details
Name: simple-git
Ecosystem: npm
PURL Type: npm
Package URL: pkg:npm/simple-git
JSON API: View JSON
Security Advisories

7

Active advisories
CRITICAL 2
HIGH 5
View All npm Advisories
Package Information
Description:

Simple GIT interface for node.js

Repository: https://github.com/steveukx/git-js
Homepage: https://github.com/steveukx/git-js#readme
Latest Release: 3.27.0
over 1 year ago
Dependent Repos: 93,771
Dependent Packages: 4,498
Downloads: 25,432,252
Ranking: Top 0.1094% by dependent repos Top 0.0795% by downloads Top 0.0212% by dependent pkgs
PR Status
Open 990 (54.5%)
Merged 22 (1.2%)
Closed 748 (41.2%)
PR Types
Major 62 (3.4%)
Minor 1,654 (91.0%)
Patch 17 (0.9%)
Removal 22 (1.2%)