chore(deps): bump gitpython from 3.1.46 to 3.1.50 in /libs/cua-bench by dependabot[bot] · Pull Request #1466 · trycua/cua

dependabot · 2026-05-09T06:03:34Z

Bumps gitpython from 3.1.46 to 3.1.50.

Release notes

3.1.49 - Security

What's Changed

reject control chars in written values in configuration by @Byron in gitpython-developers/GitPython#2137

Improve pure Python rev-parse coverage and behavior by @Copilot in gitpython-developers/GitPython#2136

Full Changelog: gitpython-developers/GitPython@3.1.48...3.1.49

3.1.48 - Security

Accidentally deleted the previous GH release, it did mention the advisory this fixes.

What's Changed

prevent out-of-repo access when manipulating references. by @Byron in gitpython-developers/GitPython#2134

Full Changelog: gitpython-developers/GitPython@3.1.47...3.1.48

3.1.47 - with security fixes

Advisories

GHSA-rpm5-65cw-6hj4

GHSA-x2qx-6953-8485

What's Changed

Prepare next release by @Byron in gitpython-developers/GitPython#2095

Bump git/ext/gitdb from 335c0f6 to 4c63ee6 by @dependabot[bot] in gitpython-developers/GitPython#2096

DOC: README Add urls and updated a relative url by @Timour-Ilyas in gitpython-developers/GitPython#2098

Fix GitConfigParser ignoring multiple [include] path entries by @daniel7an in gitpython-developers/GitPython#2100

Switch back from Alpine to Debian for WSL by @EliahKagan in gitpython-developers/GitPython#2108

Bump git/ext/gitdb from 4c63ee6 to 5c1b303 by @dependabot[bot] in gitpython-developers/GitPython#2106

Run gc.collect() twice in test_rename on Python 3.12 by @EliahKagan in gitpython-developers/GitPython#2109

fix: guard AutoInterrupt terminate during interpreter shutdown by @lweyrich1 in gitpython-developers/GitPython#2105

Improve CI infrastructure for pre-commit by @EliahKagan in gitpython-developers/GitPython#2110

Bump the pre-commit group with 5 updates by @dependabot[bot] in gitpython-developers/GitPython#2111

Upgrade Sphinx for 3.14 support; drop doc build support on 3.8; test 3.14 by @EliahKagan in gitpython-developers/GitPython#2112

Fix Repo.active_branch resolution for reftable-backed repositories by @Copilot in gitpython-developers/GitPython#2114

docs: warn about GitDB performance with large commits by @mvanhorn in gitpython-developers/GitPython#2115

cmd: fix kwarg formatting in docstring example by @UweSchwaeke in gitpython-developers/GitPython#2117

Bump https://github.com/astral-sh/ruff-pre-commit from v0.15.5 to 0.15.8 in the pre-commit group by @dependabot[bot] in gitpython-developers/GitPython#2122

Add trailer support for commit creation by @Krishnachaitanyakc in gitpython-developers/GitPython#2116

Harden commit trailer subprocess handling and align trailer I/O paths by @Copilot in gitpython-developers/GitPython#2125

git.cmd.Git.execute(..): fix with_stdout=False by @ngie-eign in gitpython-developers/GitPython#2126

Make sure that multi-options are checked after splitting them with shlex by @Byron in gitpython-developers/GitPython#2130

Block unsafe underscored git kwargs / Fix for GHSA-rpm5-65cw-6hj4 by @WesR in gitpython-developers/GitPython#2131

New Contributors

@Timour-Ilyas made their first contribution in gitpython-developers/GitPython#2098

@daniel7an made their first contribution in gitpython-developers/GitPython#2100

@lweyrich1 made their first contribution in gitpython-developers/GitPython#2105

@Copilot made their first contribution in gitpython-developers/GitPython#2114

... (truncated)

Commits

5a294a6 bump version to 3.1.50
d7b029f Merge pull request #2142 from gitpython-developers/fix-validate-config-key-ne...
5453842 Validate config key section names before writing
1085a7c Merge pull request #2128 from meliezer/fix-worktree-git-dir
b7f5fde Merge pull request #2141 from gitpython-developers/dependabot/submodules/git/...
4e8cd45 Bump git/ext/gitdb from 335c0f6 to 53c94d6
9e94459 Merge pull request #2140 from gitpython-developers/dependabot/pre_commit/pre-...
714e2e1 Xfail Windows symlink-capable index mutation test
b17f113 Bump https://github.com/astral-sh/ruff-pre-commit
aee2fd5 bump version to 3.1.49
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [gitpython](https://github.com/gitpython-developers/GitPython) from 3.1.46 to 3.1.50. - [Release notes](https://github.com/gitpython-developers/GitPython/releases) - [Changelog](https://github.com/gitpython-developers/GitPython/blob/main/CHANGES) - [Commits](gitpython-developers/GitPython@3.1.46...3.1.50) --- updated-dependencies: - dependency-name: gitpython dependency-version: 3.1.50 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

vercel · 2026-05-09T06:03:39Z

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment

Project	Deployment	Actions	Updated (UTC)
docs	Ignored	Preview	May 9, 2026 6:03am

github-actions · 2026-05-09T06:03:44Z