Skip to content

Commit

Permalink
Bump gitpython from 3.1.34 to 3.1.35 in /.github/scripts (#111)
Browse files Browse the repository at this point in the history
Bumps [gitpython](https://github.com/gitpython-developers/GitPython)
from 3.1.34 to 3.1.35.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gitpython-developers/GitPython/releases">gitpython's
releases</a>.</em></p>
<blockquote>
<h2>3.1.35 - a fix for CVE-2023-41040</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump actions/checkout from 3 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/gitpython-developers/GitPython/pull/1643">gitpython-developers/GitPython#1643</a></li>
<li>Fix 'Tree' object has no attribute '_name' when submodule path is
normal path by <a
href="https://github.com/CosmosAtlas"><code>@​CosmosAtlas</code></a> in
<a
href="https://redirect.github.com/gitpython-developers/GitPython/pull/1645">gitpython-developers/GitPython#1645</a></li>
<li>Fix CVE-2023-41040 by <a
href="https://github.com/facutuesca"><code>@​facutuesca</code></a> in <a
href="https://redirect.github.com/gitpython-developers/GitPython/pull/1644">gitpython-developers/GitPython#1644</a></li>
<li>Only make config more permissive in tests that need it by <a
href="https://github.com/EliahKagan"><code>@​EliahKagan</code></a> in <a
href="https://redirect.github.com/gitpython-developers/GitPython/pull/1648">gitpython-developers/GitPython#1648</a></li>
<li>Added test for PR <a
href="https://redirect.github.com/gitpython-developers/GitPython/issues/1645">#1645</a>
submodule path by <a
href="https://github.com/CosmosAtlas"><code>@​CosmosAtlas</code></a> in
<a
href="https://redirect.github.com/gitpython-developers/GitPython/pull/1647">gitpython-developers/GitPython#1647</a></li>
<li>Fix Windows environment variable upcasing bug by <a
href="https://github.com/EliahKagan"><code>@​EliahKagan</code></a> in <a
href="https://redirect.github.com/gitpython-developers/GitPython/pull/1650">gitpython-developers/GitPython#1650</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/CosmosAtlas"><code>@​CosmosAtlas</code></a>
made their first contribution in <a
href="https://redirect.github.com/gitpython-developers/GitPython/pull/1645">gitpython-developers/GitPython#1645</a></li>
<li><a
href="https://github.com/facutuesca"><code>@​facutuesca</code></a> made
their first contribution in <a
href="https://redirect.github.com/gitpython-developers/GitPython/pull/1644">gitpython-developers/GitPython#1644</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/gitpython-developers/GitPython/compare/3.1.34...3.1.35">https://github.com/gitpython-developers/GitPython/compare/3.1.34...3.1.35</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/gitpython-developers/GitPython/commit/c8e303ffd3204195fc7f768f7b17dc5bde3dd53f"><code>c8e303f</code></a>
prepare next release</li>
<li><a
href="https://github.com/gitpython-developers/GitPython/commit/09e1b3dbae3437cf3e2c7fb0326128c2e20b372e"><code>09e1b3d</code></a>
Merge pull request <a
href="https://redirect.github.com/gitpython-developers/GitPython/issues/1650">#1650</a>
from EliahKagan/envcase</li>
<li><a
href="https://github.com/gitpython-developers/GitPython/commit/8017421ade3d1058d753e24119d1f7796a84abe6"><code>8017421</code></a>
Merge pull request <a
href="https://redirect.github.com/gitpython-developers/GitPython/issues/1647">#1647</a>
from CosmosAtlas/master</li>
<li><a
href="https://github.com/gitpython-developers/GitPython/commit/fafb4f6651eac242a7e143831fbe23d10beaf89b"><code>fafb4f6</code></a>
updated docs to better describe testing procedure with new repo</li>
<li><a
href="https://github.com/gitpython-developers/GitPython/commit/9da24d46c64eaf4c7db65c0f67324801fafbf30d"><code>9da24d4</code></a>
add test for submodule path not owned by submodule case</li>
<li><a
href="https://github.com/gitpython-developers/GitPython/commit/eebdb25ee6e88d8fce83ea0970bd08f5e5301f65"><code>eebdb25</code></a>
Eliminate duplication of git.util.cwd logic</li>
<li><a
href="https://github.com/gitpython-developers/GitPython/commit/c7fad20be5df0a86636459bf673ff9242a82e1fc"><code>c7fad20</code></a>
Fix Windows env var upcasing regression</li>
<li><a
href="https://github.com/gitpython-developers/GitPython/commit/7296e5c021450743e5fe824e94b830a73eebc4c8"><code>7296e5c</code></a>
Make test helper script a file, for readability</li>
<li><a
href="https://github.com/gitpython-developers/GitPython/commit/d88372a11ac145d92013dcc64b7d21a5a6ad3a91"><code>d88372a</code></a>
Add test for Windows env var upcasing regression</li>
<li><a
href="https://github.com/gitpython-developers/GitPython/commit/11839ab5ce4d721d127283f1d37ca712d0b79027"><code>11839ab</code></a>
Merge pull request <a
href="https://redirect.github.com/gitpython-developers/GitPython/issues/1648">#1648</a>
from EliahKagan/file-protocol</li>
<li>Additional commits viewable in <a
href="https://github.com/gitpython-developers/GitPython/compare/3.1.34...3.1.35">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gitpython&package-manager=pip&previous-version=3.1.34&new-version=3.1.35)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  • Loading branch information
dependabot[bot] authored Sep 12, 2023
1 parent c42b1c8 commit db17f52
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion .github/scripts/requirements.txt
Original file line number Diff line number Diff line change
@@ -1 +1 @@
GitPython==3.1.34
GitPython==3.1.35

0 comments on commit db17f52

Please sign in to comment.