Bump gitpython from 3.1.32 to 3.1.37

[dependabot[bot]]

Bumps gitpython from 3.1.32 to 3.1.37.

Release notes

Sourced from gitpython's releases.

3.1.37 - a proper fix CVE-2023-41040

What's Changed

• Improve Python version and OS compatibility, fixing deprecations by @​EliahKagan in gitpython-developers/GitPython#1654
• Better document env_case test/fixture and cwd by @​EliahKagan in gitpython-developers/GitPython#1657
• Remove spurious executable permissions by @​EliahKagan in gitpython-developers/GitPython#1658
• Fix up checks in Makefile and make them portable by @​EliahKagan in gitpython-developers/GitPython#1661
• Fix URLs that were redirecting to another license by @​EliahKagan in gitpython-developers/GitPython#1662
• Assorted small fixes/improvements to root dir docs by @​EliahKagan in gitpython-developers/GitPython#1663
• Use venv instead of virtualenv in test_installation by @​EliahKagan in gitpython-developers/GitPython#1664
• Omit py_modules in setup by @​EliahKagan in gitpython-developers/GitPython#1665
• Don't track code coverage temporary files by @​EliahKagan in gitpython-developers/GitPython#1666
• Configure tox by @​EliahKagan in gitpython-developers/GitPython#1667
• Format tests with black and auto-exclude untracked paths by @​EliahKagan in gitpython-developers/GitPython#1668
• Upgrade and broaden flake8, fixing style problems and bugs by @​EliahKagan in gitpython-developers/GitPython#1673
• Fix rollback bug in SymbolicReference.set_reference by @​EliahKagan in gitpython-developers/GitPython#1675
• Remove @NoEffect annotations by @​EliahKagan in gitpython-developers/GitPython#1677
• Add more checks for the validity of refnames by @​facutuesca in gitpython-developers/GitPython#1672

Full Changelog: https://github.com/gitpython-developers/GitPython/compare/3.1.36...3.1.37

3.1.35 - a fix for CVE-2023-41040

What's Changed

• Bump actions/checkout from 3 to 4 by @​dependabot in gitpython-developers/GitPython#1643
• Fix 'Tree' object has no attribute '_name' when submodule path is normal path by @​CosmosAtlas in gitpython-developers/GitPython#1645
• Fix CVE-2023-41040 by @​facutuesca in gitpython-developers/GitPython#1644
• Only make config more permissive in tests that need it by @​EliahKagan in gitpython-developers/GitPython#1648
• Added test for PR #1645 submodule path by @​CosmosAtlas in gitpython-developers/GitPython#1647
• Fix Windows environment variable upcasing bug by @​EliahKagan in gitpython-developers/GitPython#1650

New Contributors

• @​CosmosAtlas made their first contribution in gitpython-developers/GitPython#1645
• @​facutuesca made their first contribution in gitpython-developers/GitPython#1644

Full Changelog: https://github.com/gitpython-developers/GitPython/compare/3.1.34...3.1.35

3.1.34 - fix resource leaking

What's Changed

• util: close lockfile after opening successfully by @​skshetry in gitpython-developers/GitPython#1639

New Contributors

• @​skshetry made their first contribution in gitpython-developers/GitPython#1639

Full Changelog: https://github.com/gitpython-developers/GitPython/compare/3.1.33...3.1.34

v3.1.33 - with security fix

What's Changed

• WIP Quick doc by @​LeoDaCoda in gitpython-developers/GitPython#1608
• Partial clean up wrt mypy and black by @​bodograumann in gitpython-developers/GitPython#1617
• Disable merge_includes in config writers by @​bodograumann in gitpython-developers/GitPython#1618

... (truncated)

Commits

• b27a89f fix makefile to compare commit hashes only
• 0bd2890 prepare next release
• 832b6ee remove unnecessary list comprehension to fix CI
• e98f57b Merge pull request #1672 from trail-of-forks/robust-refname-checks
• 1774f1e Merge pull request #1677 from EliahKagan/no-noeffect
• a4701a0 Remove @NoEffect annotations
• d40320b Merge pull request #1675 from EliahKagan/rollback
• d1c1f31 Merge pull request #1673 from EliahKagan/flake8
• e480985 Tweak rollback logic in log.to_file
• ff84b26 Refactor try-finally cleanup in git/
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)