Bump gitpython from 3.1.32 to 3.1.34 in /.github/scripts (#110)

dependabot[bot] · web-flow · commit c42b1c8f9eb4 · 2023-09-05T15:34:38.000+01:00
Bumps [gitpython](https://github.com/gitpython-developers/GitPython) from 3.1.32 to 3.1.34. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/gitpython-developers/GitPython/releases">gitpython's releases</a>.</em></p> <blockquote> <h2>3.1.34 - fix resource leaking</h2> <h2>What's Changed</h2> <ul> <li>util: close lockfile after opening successfully by <a href="https://github.com/skshetry"><code>@​skshetry</code></a> in <a href="https://redirect.github.com/gitpython-developers/GitPython/pull/1639">gitpython-developers/GitPython#1639</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/skshetry"><code>@​skshetry</code></a> made their first contribution in <a href="https://redirect.github.com/gitpython-developers/GitPython/pull/1639">gitpython-developers/GitPython#1639</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/gitpython-developers/GitPython/compare/3.1.33...3.1.34">https://github.com/gitpython-developers/GitPython/compare/3.1.33...3.1.34</a></p> <h2>v3.1.33 - with security fix</h2> <h2>What's Changed</h2> <ul> <li>WIP Quick doc by <a href="https://github.com/LeoDaCoda"><code>@​LeoDaCoda</code></a> in <a href="https://redirect.github.com/gitpython-developers/GitPython/pull/1608">gitpython-developers/GitPython#1608</a></li> <li>Partial clean up wrt mypy and black by <a href="https://github.com/bodograumann"><code>@​bodograumann</code></a> in <a href="https://redirect.github.com/gitpython-developers/GitPython/pull/1617">gitpython-developers/GitPython#1617</a></li> <li>Disable merge_includes in config writers by <a href="https://github.com/bodograumann"><code>@​bodograumann</code></a> in <a href="https://redirect.github.com/gitpython-developers/GitPython/pull/1618">gitpython-developers/GitPython#1618</a></li> <li>feat: full typing for &quot;progress&quot; parameter in Repo class by <a href="https://github.com/madebylydia"><code>@​madebylydia</code></a> in <a href="https://redirect.github.com/gitpython-developers/GitPython/pull/1634">gitpython-developers/GitPython#1634</a></li> <li>Fix CVE-2023-40590 by <a href="https://github.com/EliahKagan"><code>@​EliahKagan</code></a> in <a href="https://redirect.github.com/gitpython-developers/GitPython/pull/1636">gitpython-developers/GitPython#1636</a></li> <li><a href="https://redirect.github.com/gitpython-developers/GitPython/issues/1566">#1566</a> Creating a lock now uses python built-in &quot;open()&quot; method to work arou… by <a href="https://github.com/HageMaster3108"><code>@​HageMaster3108</code></a> in <a href="https://redirect.github.com/gitpython-developers/GitPython/pull/1619">gitpython-developers/GitPython#1619</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/LeoDaCoda"><code>@​LeoDaCoda</code></a> made their first contribution in <a href="https://redirect.github.com/gitpython-developers/GitPython/pull/1608">gitpython-developers/GitPython#1608</a></li> <li><a href="https://github.com/bodograumann"><code>@​bodograumann</code></a> made their first contribution in <a href="https://redirect.github.com/gitpython-developers/GitPython/pull/1617">gitpython-developers/GitPython#1617</a></li> <li><a href="https://github.com/EliahKagan"><code>@​EliahKagan</code></a> made their first contribution in <a href="https://redirect.github.com/gitpython-developers/GitPython/pull/1636">gitpython-developers/GitPython#1636</a></li> <li><a href="https://github.com/HageMaster3108"><code>@​HageMaster3108</code></a> made their first contribution in <a href="https://redirect.github.com/gitpython-developers/GitPython/pull/1619">gitpython-developers/GitPython#1619</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/gitpython-developers/GitPython/compare/3.1.32...3.1.33">https://github.com/gitpython-developers/GitPython/compare/3.1.32...3.1.33</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/gitpython-developers/GitPython/commit/2a2ae776825f249a3bb7efd9b08650486226b027"><code>2a2ae77</code></a> prepare patch release</li> <li><a href="https://github.com/gitpython-developers/GitPython/commit/47147406a5931e07641385f27e0e018927044c55"><code>4714740</code></a> Merge pull request <a href="https://redirect.github.com/gitpython-developers/GitPython/issues/1639">#1639</a> from skshetry/close-lockfile</li> <li><a href="https://github.com/gitpython-developers/GitPython/commit/3e829eb516a60212bae81a6549361be4748e22d7"><code>3e829eb</code></a> util: close lockfile after opening successfully</li> <li><a href="https://github.com/gitpython-developers/GitPython/commit/f882cd8422fbb2517eebbf45824eb07951b948f3"><code>f882cd8</code></a> update instructions for how to create a release</li> <li><a href="https://github.com/gitpython-developers/GitPython/commit/993f04588aa362fdce7c7f2f0848b5daedd8cb72"><code>993f045</code></a> prepare for next release</li> <li><a href="https://github.com/gitpython-developers/GitPython/commit/a1c472bd314f3b2cd3743f2c17bfcf36453c4784"><code>a1c472b</code></a> Merge pull request <a href="https://redirect.github.com/gitpython-developers/GitPython/issues/1619">#1619</a> from HageMaster3108/bugfix/use-python-builtin-open-m...</li> <li><a href="https://github.com/gitpython-developers/GitPython/commit/70924c4265c2d3629d978dd7bfc9ab1678d91e7d"><code>70924c4</code></a> Skip now permanently failing test with note on how to fix it</li> <li><a href="https://github.com/gitpython-developers/GitPython/commit/8b75434e2c8a082cdeb4971cc6f0ee2bafec45bc"><code>8b75434</code></a> Merge pull request <a href="https://redirect.github.com/gitpython-developers/GitPython/issues/1636">#1636</a> from EliahKagan/cve-2023-40590</li> <li><a href="https://github.com/gitpython-developers/GitPython/commit/7611cd909b890b971d23bce3bd4244ad1c381f22"><code>7611cd9</code></a> Don't check form of version number</li> <li><a href="https://github.com/gitpython-developers/GitPython/commit/94e0fb0794b88b78ceed94ff18ee7d68587d890d"><code>94e0fb0</code></a> Add a unit test for CVE-2023-40590</li> <li>Additional commits viewable in <a href="https://github.com/gitpython-developers/GitPython/compare/3.1.32...3.1.34">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gitpython&package-manager=pip&previous-version=3.1.32&new-version=3.1.34)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
diff --git a/.github/scripts/requirements.txt b/.github/scripts/requirements.txt
@@ -1 +1 @@
-GitPython==3.1.32
+GitPython==3.1.34
