⬆️ [dev]: Bump gitpython from 3.1.31 to 3.1.35

[dependabot[bot]]

Bumps gitpython from 3.1.31 to 3.1.35.

Release notes

Sourced from gitpython's releases.

3.1.35 - a fix for CVE-2023-41040

What's Changed

• Bump actions/checkout from 3 to 4 by @​dependabot in gitpython-developers/GitPython#1643
• Fix 'Tree' object has no attribute '_name' when submodule path is normal path by @​CosmosAtlas in gitpython-developers/GitPython#1645
• Fix CVE-2023-41040 by @​facutuesca in gitpython-developers/GitPython#1644
• Only make config more permissive in tests that need it by @​EliahKagan in gitpython-developers/GitPython#1648
• Added test for PR #1645 submodule path by @​CosmosAtlas in gitpython-developers/GitPython#1647
• Fix Windows environment variable upcasing bug by @​EliahKagan in gitpython-developers/GitPython#1650

New Contributors

• @​CosmosAtlas made their first contribution in gitpython-developers/GitPython#1645
• @​facutuesca made their first contribution in gitpython-developers/GitPython#1644

Full Changelog: https://github.com/gitpython-developers/GitPython/compare/3.1.34...3.1.35

3.1.34 - fix resource leaking

What's Changed

• util: close lockfile after opening successfully by @​skshetry in gitpython-developers/GitPython#1639

New Contributors

• @​skshetry made their first contribution in gitpython-developers/GitPython#1639

Full Changelog: https://github.com/gitpython-developers/GitPython/compare/3.1.33...3.1.34

v3.1.33 - with security fix

What's Changed

• WIP Quick doc by @​LeoDaCoda in gitpython-developers/GitPython#1608
• Partial clean up wrt mypy and black by @​bodograumann in gitpython-developers/GitPython#1617
• Disable merge_includes in config writers by @​bodograumann in gitpython-developers/GitPython#1618
• feat: full typing for "progress" parameter in Repo class by @​madebylydia in gitpython-developers/GitPython#1634
• Fix CVE-2023-40590 by @​EliahKagan in gitpython-developers/GitPython#1636
• #1566 Creating a lock now uses python built-in "open()" method to work arou… by @​HageMaster3108 in gitpython-developers/GitPython#1619

New Contributors

• @​LeoDaCoda made their first contribution in gitpython-developers/GitPython#1608
• @​bodograumann made their first contribution in gitpython-developers/GitPython#1617
• @​EliahKagan made their first contribution in gitpython-developers/GitPython#1636
• @​HageMaster3108 made their first contribution in gitpython-developers/GitPython#1619

Full Changelog: https://github.com/gitpython-developers/GitPython/compare/3.1.32...3.1.33

v3.1.32 - with another security update

What's Changed

• Bump cygwin/cygwin-install-action from 3 to 4 by @​dependabot in gitpython-developers/GitPython#1572
• Fix up the commit trailers functionality by @​itsluketwist in gitpython-developers/GitPython#1576
• Name top-level exceptions as private variables by @​Hawk777 in gitpython-developers/GitPython#1590
• fix pypi long description by @​eUgEntOptIc44 in gitpython-developers/GitPython#1603
• Don't rely on del by @​r-darwish in gitpython-developers/GitPython#1606
• Block insecure non-multi options in clone/clone_from by @​Beuc in gitpython-developers/GitPython#1609

... (truncated)

Commits

• c8e303f prepare next release
• 09e1b3d Merge pull request #1650 from EliahKagan/envcase
• 8017421 Merge pull request #1647 from CosmosAtlas/master
• fafb4f6 updated docs to better describe testing procedure with new repo
• 9da24d4 add test for submodule path not owned by submodule case
• eebdb25 Eliminate duplication of git.util.cwd logic
• c7fad20 Fix Windows env var upcasing regression
• 7296e5c Make test helper script a file, for readability
• d88372a Add test for Windows env var upcasing regression
• 11839ab Merge pull request #1648 from EliahKagan/file-protocol
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot[bot]]

Superseded by #1201.