Bump gitpython from 3.1.30 to 3.1.32 and wake Dependabot (#5481)

[dependabot]

Bumps gitpython from 3.1.30 to 3.1.32.

Release notes

Sourced from gitpython's releases.

v3.1.32 - with another security update

What's Changed

• Bump cygwin/cygwin-install-action from 3 to 4 by @​dependabot in gitpython-developers/GitPython#1572
• Fix up the commit trailers functionality by @​itsluketwist in gitpython-developers/GitPython#1576
• Name top-level exceptions as private variables by @​Hawk777 in gitpython-developers/GitPython#1590
• fix pypi long description by @​eUgEntOptIc44 in gitpython-developers/GitPython#1603
• Don't rely on del by @​r-darwish in gitpython-developers/GitPython#1606
• Block insecure non-multi options in clone/clone_from by @​Beuc in gitpython-developers/GitPython#1609

New Contributors

• @​Hawk777 made their first contribution in gitpython-developers/GitPython#1590
• @​eUgEntOptIc44 made their first contribution in gitpython-developers/GitPython#1603
• @​r-darwish made their first contribution in gitpython-developers/GitPython#1606
• @​Beuc made their first contribution in gitpython-developers/GitPython#1609

Full Changelog: gitpython-developers/GitPython@3.1.31...3.1.32

3.1.31

What's Changed

• Fix Sphinx rendering errors by @​stephan-cr in gitpython-developers/GitPython#1524
• tests: Use command -v instead of third-party which program by @​mgorny in gitpython-developers/GitPython#1525
• fix/add allow_unsafe_* params in docstrings + fix typo by @​obfusk in gitpython-developers/GitPython#1530
• use tempfile.TemporaryDirectory & fix clone_from_unsafe_protocol tests by @​obfusk in gitpython-developers/GitPython#1531
• Fix some resource leaks by open file handles by @​marlamb in gitpython-developers/GitPython#1532
• fix files list on file rename by @​teknoraver in gitpython-developers/GitPython#1537
• Declare support for Python 3.11 by @​hugovk in gitpython-developers/GitPython#1541
• Fix ignored by @​Lightborne in gitpython-developers/GitPython#1545
• Fix timezone parsing functions for non-hour timezones by @​jcowgill in gitpython-developers/GitPython#1547
• Enable user to override default diff -M arg by @​mellowed100 in gitpython-developers/GitPython#1551
• Remove optional from two member variables by @​Sineaggi in gitpython-developers/GitPython#1550
• Fix RecursionError when iterating streams by @​eric-wieser in gitpython-developers/GitPython#1554
• Fix get_values() so it correctly loads section names by @​Codym48 in gitpython-developers/GitPython#1555

New Contributors

• @​stephan-cr made their first contribution in gitpython-developers/GitPython#1524
• @​obfusk made their first contribution in gitpython-developers/GitPython#1530
• @​marlamb made their first contribution in gitpython-developers/GitPython#1532
• @​teknoraver made their first contribution in gitpython-developers/GitPython#1537
• @​Lightborne made their first contribution in gitpython-developers/GitPython#1545
• @​jcowgill made their first contribution in gitpython-developers/GitPython#1547
• @​mellowed100 made their first contribution in gitpython-developers/GitPython#1551
• @​Sineaggi made their first contribution in gitpython-developers/GitPython#1550
• @​Codym48 made their first contribution in gitpython-developers/GitPython#1555

Full Changelog: gitpython-developers/GitPython@3.1.30...3.1.31

Commits

• 5d45ce2 prepare 3.1.32 release
• ca965ec Merge pull request #1609 from Beuc/block-insecure-options-clone-non-multi
• 5c59e0d Block insecure non-multi options in clone/clone_from
• c09a71e Merge pull request #1606 from r-darwish/no-del
• a3859ee fixes
• 8186159 Don't rely on del
• 741edb5 Merge pull request #1603 from eUgEntOptIc44/eugenoptic44-fix-pypi-long-descri...
• 0c543cd Improve readability of README.md
• 9cd7ddb Improve the 'long_description' displayed on pypi
• 6fc11e6 update README to reflect the status quo on git command usage
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

Connected issues: #5481

Checklist

Author

• PR is a draft
• Target branch is develop
• Name of PR branch matches issues/<GitHub handle of author>/<issue#>-<slug>
• PR title references all connected issues
• PR title matches¹ that of a connected issue _{or comment in PR explains why they're different}
• For each connected issue, there is at least one commit whose title references that issue
• PR is connected to all connected issues via ZenHub
• PR description links to connected issues
• Added partial label to PR _{or this PR completely resolves all connected issues}

¹ when the issue title describes a problem, the corresponding PR
title is Fix: followed by the issue title

Author (reindex, API changes)

• Added r tag to commit title _{or this PR does not require reindexing}
• Added reindex label to PR _{or this PR does not require reindexing}
• PR and connected issue are labeled API _{or this PR does not modify a REST API}
• Added a (A) tag to commit title for backwards (in)compatible changes _{or this PR does not modify a REST API}
• Updated REST API version number in app.py _{or this PR does not modify a REST API}

Author (chains)

• This PR is blocked by previous PR in the chain _{or this PR is not chained to another PR}
• Added base label to the blocking PR _{or this PR is not chained to another PR}
• Added chained label to this PR _{or this PR is not chained to another PR}

Author (upgrading)

• Documented upgrading of deployments in UPGRADING.rst _{or this PR does not require upgrading}
• Added u tag to commit title _{or this PR does not require upgrading}
• Added upgrade label to PR _{or this PR does not require upgrading}

Author (operator tasks)

• Added checklist items for additional operator tasks _{or this PR does not require additional tasks}

Author (hotfixes)

• Added F tag to main commit title _{or this PR does not include permanent fix for a temporary hotfix}
• Reverted the temporary hotfixes for any connected issues _{or the prod branch has no temporary hotfixes for any connected issues}

Author (before every review)

• Rebased PR branch on develop, squashed old fixups
• Ran make requirements_update _{or this PR does not touch requirements*.txt, common.mk, Makefile and Dockerfile}
• Added R tag to commit title _{or this PR does not touch requirements*.txt}
• Added reqs label to PR _{or this PR does not touch requirements*.txt}
• make integration_test passes in personal deployment _{or this PR does not touch functionality that could break the IT}

Peer reviewer (after requesting changes)

Uncheck the Author (before every review) checklists.

Peer reviewer (after approval)

• PR is not a draft
• Ticket is in Review requested column
• Requested review from primary reviewer
• Assigned PR to primary reviewer

Primary reviewer (after requesting changes)

Uncheck the before every review checklists. Update the N reviews label.

Primary reviewer (after approval)

• Actually approved the PR
• Labeled connected issues as demo or no demo
• Commented on connected issues about demo expectations _{or all connected issues are labeled no demo}
• Decided if PR can be labeled no sandbox
• PR title is appropriate as title of merge commit
• N reviews label is accurate
• Moved ticket to Approved column
• Assigned PR to current operator

Operator (before pushing merge the commit)

• Checked reindex label and r commit title tag
• Checked that demo expectations are clear _{or all connected issues are labeled no demo}
• PR has checklist items for upgrading instructions _{or PR is not labeled upgrade}
• Squashed PR branch and rebased onto develop
• Sanity-checked history
• Pushed PR branch to GitHub
• Pushed PR branch to GitLab dev and added sandbox label _{or PR is labeled no sandbox}
• Pushed PR branch to GitLab anvildev _{or PR is labeled no sandbox}
• Pushed PR branch to GitLab anvilprod _{or PR is labeled no sandbox}
• Build passes in sandbox deployment _{or PR is labeled no sandbox}
• Build passes in anvilbox deployment _{or PR is labeled no sandbox}
• Build passes in hammerbox deployment _{or PR is labeled no sandbox}
• Reviewed build logs for anomalies in sandbox deployment _{or PR is labeled no sandbox}
• Reviewed build logs for anomalies in anvilbox deployment _{or PR is labeled no sandbox}
• Reviewed build logs for anomalies in hammerbox deployment _{or PR is labeled no sandbox}
• Deleted unreferenced indices in sandbox _{or this PR does not remove catalogs or otherwise causes unreferenced indices}
• Deleted unreferenced indices in anvilbox _{or this PR does not remove catalogs or otherwise causes unreferenced indices}
• Deleted unreferenced indices in hammerbox _{or this PR does not remove catalogs or otherwise causes unreferenced indices}
• Started reindex in sandbox _{or this PR does not require reindexing sandbox}
• Started reindex in anvilbox _{or this PR does not require reindexing sandbox}
• Started reindex in hammerbox _{or this PR does not require reindexing sandbox}
• Checked for failures in sandbox _{or this PR does not require reindexing sandbox}
• Checked for failures in anvilbox _{or this PR does not require reindexing sandbox}
• Checked for failures in hammerbox _{or this PR does not require reindexing sandbox}
• Title of merge commit starts with title from this PR
• Added PR reference to merge commit title
• Added commit title tags to merge commit title
• Moved connected issues to Merged column in ZenHub
• Pushed merge commit to GitHub

Operator (chain shortening)

• Changed the target branch of the blocked PR to develop _{or this PR is not labeled base}
• Removed the chained label from the blocked PR _{or this PR is not labeled base}
• Removed the blocking relationship from the blocked PR _{or this PR is not labeled base}
• Removed the base label from this PR _{or this PR is not labeled base}

Operator (after pushing the merge commit)

• Pushed merge commit to GitLab dev _{or PR is labeled no sandbox}
• Pushed merge commit to GitLab anvildev _{or PR is labeled no sandbox}
• Pushed merge commit to GitLab anvilprod _{or PR is labeled no sandbox}
• Build passes on GitLab dev¹
• Reviewed build logs for anomalies on GitLab dev¹
• Build passes on GitLab anvildev¹
• Reviewed build logs for anomalies on GitLab anvildev¹
• Build passes on GitLab anvilprod¹
• Reviewed build logs for anomalies on GitLab anvilprod¹
• Deleted PR branch from GitHub
• Deleted PR branch from GitLab dev
• Deleted PR branch from GitLab anvildev
• Deleted PR branch from GitLab anvilprod

¹ When pushing the merge commit is skipped due to the PR being
labelled no sandbox, the next build triggered by a PR whose merge commit is
pushed determines this checklist item.

Operator (reindex)

• Deleted unreferenced indices in dev _{or this PR does not remove catalogs or otherwise causes unreferenced indices}
• Deleted unreferenced indices in anvildev _{or this PR does not remove catalogs or otherwise causes unreferenced indices}
• Deleted unreferenced indices in anvilprod _{or this PR does not remove catalogs or otherwise causes unreferenced indices}
• Started reindex in dev _{or this PR does not require reindexing}
• Started reindex in anvildev _{or this PR does not require reindexing}
• Started reindex in anvilprod _{or this PR does not require reindexing}
• Checked for and triaged indexing failures in dev _{or this PR does not require reindexing}
• Checked for and triaged indexing failures in anvildev _{or this PR does not require reindexing}
• Checked for and triaged indexing failures in anvilprod _{or this PR does not require reindexing}
• Emptied fail queues in dev deployment _{or this PR does not require reindexing}
• Emptied fail queues in anvildev deployment _{or this PR does not require reindexing}
• Emptied fail queues in anvilprod deployment _{or this PR does not require reindexing}

Operator

• Unassigned PR

Shorthand for review comments

• L line is too long
• W line wrapping is wrong
• Q bad quotes
• F other formatting problem

[codecov]

Codecov Report

Merging #5482 (e11d68a) into develop (9c573f1) will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff            @@
##           develop    #5482   +/-   ##
========================================
  Coverage    83.68%   83.68%           
========================================
  Files          152      152           
  Lines        18707    18707           
========================================
  Hits         15655    15655           
  Misses        3052     3052           

[coveralls]

coverage: 83.706%. remained the same when pulling e11d68a on dependabot/pip/gitpython-3.1.32 into 9c573f1 on develop.

[nadove-ucsc]

PR was missing reqs label

[achave11-ucsc]

@nadove-ucsc, PR needs re-approval. PR sat long enough for a transitive dependency to be updated and cause a test failure. I've updated the dependency and force pushed but the last review was dismissed as stale.