chore(deps): bump simple-git from 3.25.0 to 3.36.0 in /examples/vue/nuxt-3-catchall

[dependabot]

Bumps simple-git from 3.25.0 to 3.36.0.

Release notes

Sourced from simple-git's releases.

simple-git@3.36.0

Minor Changes

• 89a2294: Extend known exploitable configuration keys and per-task environment variables.

  Note - ParsedVulnerabilities from argv-parser is removed in favour of a readonly array of Vulnerability to match usage in simple-git, rolled into the new vulnerabilityCheck for simpler access to the identified issues.

  Thanks to @​zebbern for identifying the need to block core.fsmonitor. Thanks to @​kodareef5 for identifying the need to block GIT_CONFIG_COUNT environment variables and --template / merge related config.

Patch Changes

• 1ad57e8: Remove conflicting node:buffer import
• Updated dependencies [89a2294]
• Updated dependencies [675570a]
  • @​simple-git/argv-parser@​1.1.0
  • @​simple-git/args-pathspec@​1.0.3

simple-git@3.35.2

Patch Changes

• 0cf9d8c: Improvements for mono-repo publishing pipeline
• Updated dependencies [0cf9d8c]
  • @​simple-git/args-pathspec@​1.0.2
  • @​simple-git/argv-parser@​1.0.3

simple-git@3.35.1

Patch Changes

• 0de400e: Update monorepo version handling during publish
• Updated dependencies [0de400e]
  • @​simple-git/argv-parser@​1.0.2

simple-git@3.33.0

Minor Changes

• a263635: Use pathspec wrappers for remote and local paths when running either git.clone or git.mirror to avoid leaving them less open for unexpected outcomes when passing unsanitised data into these tasks.

Patch Changes

• e253a0d: Enhanced git -c checks in unsafe plugin.

  Thanks to @​JohannesLks for identifying the issue

simple-git@3.32.3

Patch Changes

• f704208: Enhanced protocol.allow checks in allowUnsafeExtProtocol handling.

... (truncated)

Changelog

Sourced from simple-git's changelog.

3.36.0

Minor Changes

• 89a2294: Extend known exploitable configuration keys and per-task environment variables.

  Note - ParsedVulnerabilities from argv-parser is removed in favour of a readonly array of Vulnerability to match usage in simple-git, rolled into the new vulnerabilityCheck for simpler access to the identified issues.

  Thanks to @​zebbern for identifying the need to block core.fsmonitor. Thanks to @​kodareef5 for identifying the need to block GIT_CONFIG_COUNT environment variables and --template / merge related config.

Patch Changes

• 1ad57e8: Remove conflicting node:buffer import
• Updated dependencies [89a2294]
• Updated dependencies [675570a]
  • @​simple-git/argv-parser@​1.1.0
  • @​simple-git/args-pathspec@​1.0.3

3.35.2

Patch Changes

• 0cf9d8c: Improvements for mono-repo publishing pipeline
• Updated dependencies [0cf9d8c]
  • @​simple-git/args-pathspec@​1.0.2
  • @​simple-git/argv-parser@​1.0.3

3.35.1

Patch Changes

• 0de400e: Update monorepo version handling during publish
• Updated dependencies [0de400e]
  • @​simple-git/argv-parser@​1.0.2

3.35.0

Minor Changes

• 3d8708b: Updating publish config

Patch Changes

• Updated dependencies [3d8708b]
  • @​simple-git/args-pathspec@​1.0.1
  • @​simple-git/argv-parser@​1.0.1

3.34.0

... (truncated)

Commits

• 7dc1a53 Version Packages
• 76f5376 Merge pull request #1061 from Vinzent03/fix/buffer-import
• 89a2294 Environment Parsing (#1156)
• 1b91b76 fix: remove explicit node:buffer import
• e390685 Version Packages
• 3c9e4b8 Pin version of @​simple-git/args-pathspec
• 94ee21f Export pathspec types through simple-git for backward compatibility
• 6d7cb51 Version Packages
• 0de400e Switch to semver from workspace revisions
• 2264722 Version Packages
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for simple-git since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

---

Note

Low Risk
Lockfile-only dependency bump in an example app; main risk is potential tooling/CI behavior changes from updated simple-git and transitive packages.

Overview
Bumps simple-git from 3.25.0 to 3.36.0 in examples/vue/nuxt-3-catchall via package-lock.json.

This pulls in new transitive deps @simple-git/args-pathspec and @simple-git/argv-parser, and updates debug (and ms) versions accordingly, with minor lockfile deduping/cleanup.

^{Reviewed by Cursor Bugbot for commit ec62c4b. Bugbot is set up for automated code reviews on this repo. Configure here.}

[changeset-bot]

⚠️ No Changeset found

Latest commit: ec62c4b

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[nx-cloud]

View your CI Pipeline Execution ↗ for commit ec62c4b

Command	Status	Duration	Result
nx test @e2e/gen1-remix	✅ Succeeded	7m 51s	View ↗
nx test @e2e/qwik-city	✅ Succeeded	7m 51s	View ↗
nx test @e2e/angular-17	✅ Succeeded	6m 49s	View ↗
nx test @e2e/nextjs-sdk-next-app	✅ Succeeded	6m 45s	View ↗
nx test @e2e/react-native-74	✅ Succeeded	6m 18s	View ↗
nx test @e2e/nuxt	✅ Succeeded	5m 38s	View ↗
nx test @e2e/react-sdk-next-15-app	✅ Succeeded	5m 16s	View ↗
nx test @e2e/svelte	✅ Succeeded	4m 54s	View ↗
Additional runs (37)	✅ Succeeded	...	View ↗

---

☁️ Nx Cloud last updated this comment at 2026-04-13 17:36:57 UTC

[nx-cloud]

View your CI Pipeline Execution ↗ for commit ec62c4b

Command	Status	Duration	Result
nx test @e2e/react-native-74	✅ Succeeded	6m 18s	View ↗
nx test @e2e/nuxt	✅ Succeeded	5m 38s	View ↗
nx test @e2e/react-sdk-next-15-app	✅ Succeeded	5m 16s	View ↗
nx test @e2e/svelte	✅ Succeeded	4m 54s	View ↗
nx test @e2e/hydrogen	✅ Succeeded	5m 9s	View ↗
nx test @e2e/angular-19-ssr	✅ Succeeded	5m 7s	View ↗
nx test @e2e/angular-17-ssr	✅ Succeeded	5m 8s	View ↗
nx test @e2e/gen1-next15-app	✅ Succeeded	4m 44s	View ↗
Additional runs (33)	✅ Succeeded	...	View ↗

---

☁️ Nx Cloud last updated this comment at 2026-04-13 17:27:43 UTC