Bump gitpython from 3.1.46 to 3.1.47

[dependabot]

Bumps gitpython from 3.1.46 to 3.1.47.

Release notes

Sourced from gitpython's releases.

3.1.47 - with security fixes

Advisories

• GHSA-rpm5-65cw-6hj4
• GHSA-x2qx-6953-8485

What's Changed

• Prepare next release by @​Byron in gitpython-developers/GitPython#2095
• Bump git/ext/gitdb from 335c0f6 to 4c63ee6 by @​dependabot[bot] in gitpython-developers/GitPython#2096
• DOC: README Add urls and updated a relative url by @​Timour-Ilyas in gitpython-developers/GitPython#2098
• Fix GitConfigParser ignoring multiple [include] path entries by @​daniel7an in gitpython-developers/GitPython#2100
• Switch back from Alpine to Debian for WSL by @​EliahKagan in gitpython-developers/GitPython#2108
• Bump git/ext/gitdb from 4c63ee6 to 5c1b303 by @​dependabot[bot] in gitpython-developers/GitPython#2106
• Run gc.collect() twice in test_rename on Python 3.12 by @​EliahKagan in gitpython-developers/GitPython#2109
• fix: guard AutoInterrupt terminate during interpreter shutdown by @​lweyrich1 in gitpython-developers/GitPython#2105
• Improve CI infrastructure for pre-commit by @​EliahKagan in gitpython-developers/GitPython#2110
• Bump the pre-commit group with 5 updates by @​dependabot[bot] in gitpython-developers/GitPython#2111
• Upgrade Sphinx for 3.14 support; drop doc build support on 3.8; test 3.14 by @​EliahKagan in gitpython-developers/GitPython#2112
• Fix Repo.active_branch resolution for reftable-backed repositories by @​Copilot in gitpython-developers/GitPython#2114
• docs: warn about GitDB performance with large commits by @​mvanhorn in gitpython-developers/GitPython#2115
• cmd: fix kwarg formatting in docstring example by @​UweSchwaeke in gitpython-developers/GitPython#2117
• Bump https://github.com/astral-sh/ruff-pre-commit from v0.15.5 to 0.15.8 in the pre-commit group by @​dependabot[bot] in gitpython-developers/GitPython#2122
• Add trailer support for commit creation by @​Krishnachaitanyakc in gitpython-developers/GitPython#2116
• Harden commit trailer subprocess handling and align trailer I/O paths by @​Copilot in gitpython-developers/GitPython#2125
• git.cmd.Git.execute(..): fix with_stdout=False by @​ngie-eign in gitpython-developers/GitPython#2126
• Make sure that multi-options are checked after splitting them with shlex by @​Byron in gitpython-developers/GitPython#2130
• Block unsafe underscored git kwargs / Fix for GHSA-rpm5-65cw-6hj4 by @​WesR in gitpython-developers/GitPython#2131

New Contributors

• @​Timour-Ilyas made their first contribution in gitpython-developers/GitPython#2098
• @​daniel7an made their first contribution in gitpython-developers/GitPython#2100
• @​lweyrich1 made their first contribution in gitpython-developers/GitPython#2105
• @​Copilot made their first contribution in gitpython-developers/GitPython#2114
• @​mvanhorn made their first contribution in gitpython-developers/GitPython#2115
• @​UweSchwaeke made their first contribution in gitpython-developers/GitPython#2117
• @​Krishnachaitanyakc made their first contribution in gitpython-developers/GitPython#2116
• @​ngie-eign made their first contribution in gitpython-developers/GitPython#2126
• @​WesR made their first contribution in gitpython-developers/GitPython#2131

Full Changelog: gitpython-developers/GitPython@3.1.46...3.1.47

Commits

• 4199cb8 bump version to 3.1.47
• 0f68db0 Merge pull request #2131 from WesR/main
• 43d92de git.cmd: harden unsafe option canonicalization and isolate push test cases
• 9aed7cf linter fix
• 1421958 Block unsafe underscored git kwargs / Fix for GHSA-rpm5-65cw-6hj4
• da54523 Merge pull request #2130 from gitpython-developers/fix-multi-options
• c9a2678 Make sure that multi-options are checked after splitting them with shlex
• 75e6c6b Merge pull request #2126 from ngie-eign/fix-execute-with_stdout-no-issues
• 6fc4742 test_avoids_changing...: don't leave test artifacts behind
• d966a0d git.cmd.Git.execute(..): fix with_stdout=False
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[kratz00]

@dependabot rebase

[dependabot]

Dependabot does not support your poetry version. Because of this, Dependabot cannot update this pull request.

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.