Skip to content

chore(deps): bump gitpython from 3.1.50 to 3.1.51#1148

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/pip/gitpython-3.1.51
Open

chore(deps): bump gitpython from 3.1.50 to 3.1.51#1148
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/pip/gitpython-3.1.51

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 13, 2026

Copy link
Copy Markdown
Contributor

Bumps gitpython from 3.1.50 to 3.1.51.

Release notes

Sourced from gitpython's releases.

3.1.51 - Security

What's Changed

New Contributors

Full Changelog: gitpython-developers/GitPython@3.1.50...3.1.51

Commits
  • 7b0764d bump to v3.1.51
  • af027be Merge pull request #2163 from gitpython-developers/fix-unguarded-blame
  • 701ce32 fix: Guard unsafe git command options (GHSA-956x-8gvw-wg5v)
  • 65a7283 Merge pull request #2168 from gitpython-developers/advisory-fix-1
  • 3e59876 Merge pull request #2169 from gitpython-developers/fix-config-assert
  • f033017 chore: avoid duplicate runs of CI in PRs
  • 1551238 fix: allow relative config paths with includes (#2103)
  • 5680608 fix: reject joined unsafe short options
  • 181e8ed Address review feedback about unsafe option abbreviations
  • 40f1424 Add Commit.is_shallow property; document stats() limitation at shallow bounda...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [gitpython](https://github.com/gitpython-developers/GitPython) from 3.1.50 to 3.1.51.
- [Release notes](https://github.com/gitpython-developers/GitPython/releases)
- [Changelog](https://github.com/gitpython-developers/GitPython/blob/main/CHANGES)
- [Commits](gitpython-developers/GitPython@3.1.50...3.1.51)

---
updated-dependencies:
- dependency-name: gitpython
  dependency-version: 3.1.51
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Jul 13, 2026
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Jul 13, 2026
@sonarqubecloud

Copy link
Copy Markdown

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants