HBASE-28308 Bump gitpython from 3.1.37 to 3.1.41 in /dev-support/flaky-tests #5616

dependabot · 2024-01-10T16:56:22Z

Bumps gitpython from 3.1.37 to 3.1.41.

Release notes

3.1.41 - fix Windows security issue

The details about the Windows security issue can be found in this advisory.

Special thanks go to @EliahKagan who reported the issue and fixed it in a single stroke, while being responsible for an incredible amount of improvements that he contributed over the last couple of months ❤️.

What's Changed

Add __all__ in git.exc by @EliahKagan in gitpython-developers/GitPython#1719

Set submodule update cadence to weekly by @EliahKagan in gitpython-developers/GitPython#1721

Never modify sys.path by @EliahKagan in gitpython-developers/GitPython#1720

Bump git/ext/gitdb from 8ec2390 to ec58b7e by @dependabot in gitpython-developers/GitPython#1722

Revise comments, docstrings, some messages, and a bit of code by @EliahKagan in gitpython-developers/GitPython#1725

Use zero-argument super() by @EliahKagan in gitpython-developers/GitPython#1726

Remove obsolete note in _iter_packed_refs by @EliahKagan in gitpython-developers/GitPython#1727

Reorganize test_util and make xfail marks precise by @EliahKagan in gitpython-developers/GitPython#1729

Clarify license and make module top comments more consistent by @EliahKagan in gitpython-developers/GitPython#1730

Deprecate compat.is_, rewriting all uses by @EliahKagan in gitpython-developers/GitPython#1732

Revise and restore some module docstrings by @EliahKagan in gitpython-developers/GitPython#1735

Make the rmtree callback Windows-only by @EliahKagan in gitpython-developers/GitPython#1739

List all non-passing tests in test summaries by @EliahKagan in gitpython-developers/GitPython#1740

Document some minor subtleties in test_util.py by @EliahKagan in gitpython-developers/GitPython#1749

Always read metadata files as UTF-8 in setup.py by @EliahKagan in gitpython-developers/GitPython#1748

Test native Windows on CI by @EliahKagan in gitpython-developers/GitPython#1745

Test macOS on CI by @EliahKagan in gitpython-developers/GitPython#1752

Let close_fds be True on all platforms by @EliahKagan in gitpython-developers/GitPython#1753

Fix IndexFile.from_tree on Windows by @EliahKagan in gitpython-developers/GitPython#1751

Remove unused TASKKILL fallback in AutoInterrupt by @EliahKagan in gitpython-developers/GitPython#1754

Don't return with operand when conceptually void by @EliahKagan in gitpython-developers/GitPython#1755

Group .gitignore entries by purpose by @EliahKagan in gitpython-developers/GitPython#1758

Adding dubious ownership handling by @marioaag in gitpython-developers/GitPython#1746

Avoid brittle assumptions about preexisting temporary files in tests by @EliahKagan in gitpython-developers/GitPython#1759

Overhaul noqa directives by @EliahKagan in gitpython-developers/GitPython#1760

Clarify some Git.execute kill_after_timeout limitations by @EliahKagan in gitpython-developers/GitPython#1761

Bump actions/setup-python from 4 to 5 by @dependabot in gitpython-developers/GitPython#1763

Don't install black on Cygwin by @EliahKagan in gitpython-developers/GitPython#1766

Extract all "import gc" to module level by @EliahKagan in gitpython-developers/GitPython#1765

Extract remaining local "import gc" to module level by @EliahKagan in gitpython-developers/GitPython#1768

Replace xfail with gc.collect in TestSubmodule.test_rename by @EliahKagan in gitpython-developers/GitPython#1767

Enable CodeQL by @EliahKagan in gitpython-developers/GitPython#1769

Replace some uses of the deprecated mktemp function by @EliahKagan in gitpython-developers/GitPython#1770

Bump github/codeql-action from 2 to 3 by @dependabot in gitpython-developers/GitPython#1773

Run some Windows environment variable tests only on Windows by @EliahKagan in gitpython-developers/GitPython#1774

Fix TemporaryFileSwap regression where file_path could not be Path by @EliahKagan in gitpython-developers/GitPython#1776

Improve hooks tests by @EliahKagan in gitpython-developers/GitPython#1777

Fix if items of Index is of type PathLike by @stegm in gitpython-developers/GitPython#1778

Better document IterableObj.iter_items and improve some subclasses by @EliahKagan in gitpython-developers/GitPython#1780

Revert "Don't install black on Cygwin" by @EliahKagan in gitpython-developers/GitPython#1783

Add missing pip in $PATH on Cygwin CI by @EliahKagan in gitpython-developers/GitPython#1784

Shorten Iterable docstrings and put IterableObj first by @EliahKagan in gitpython-developers/GitPython#1785

Fix incompletely revised Iterable/IterableObj docstrings by @EliahKagan in gitpython-developers/GitPython#1786

Pre-deprecate setting Git.USE_SHELL by @EliahKagan in gitpython-developers/GitPython#1782

... (truncated)

Commits

f288738 bump patch level
ef3192c Merge pull request #1792 from EliahKagan/popen
1f3caa3 Further clarify comment in test_hook_uses_shell_not_from_cwd
3eb7c2a Move safer_popen from git.util to git.cmd
c551e91 Extract shared logic for using Popen safely on Windows
15ebb25 Clarify comment in test_hook_uses_shell_not_from_cwd
f44524a Avoid spurious "location may have moved" on Windows
a42ea0a Cover absent/no-distro bash.exe in hooks "not from cwd" test
7751436 Extract venv management from test_installation
66ff4c1 Omit CWD in search for bash.exe to run hooks on Windows
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [gitpython](https://github.com/gitpython-developers/GitPython) from 3.1.37 to 3.1.41. - [Release notes](https://github.com/gitpython-developers/GitPython/releases) - [Changelog](https://github.com/gitpython-developers/GitPython/blob/main/CHANGES) - [Commits](gitpython-developers/GitPython@3.1.37...3.1.41) --- updated-dependencies: - dependency-name: gitpython dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>

Apache-HBase · 2024-01-10T17:12:02Z

🎊 +1 overall

Vote	Subsystem	Runtime	Comment
+0 🆗	reexec	0m 23s	Docker mode activated.
-0 ⚠️	yetus	0m 3s	Unprocessed flag(s): --brief-report-file --spotbugs-strict-precheck --whitespace-eol-ignore-list --whitespace-tabs-ignore-list --quick-hadoopcheck
		_ Prechecks _
		_ master Compile Tests _
+0 🆗	mvndep	0m 12s	Maven dependency ordering for branch
		_ Patch Compile Tests _
+0 🆗	mvndep	0m 3s	Maven dependency ordering for patch
		_ Other Tests _
		1m 19s

Subsystem	Report/Notes
Docker	ClientAPI=1.43 ServerAPI=1.43 base: https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-5616/1/artifact/yetus-jdk8-hadoop3-check/output/Dockerfile
GITHUB PR	#5616
Optional Tests
uname	Linux e8a30c8ebf4f 5.4.0-1103-aws #111~18.04.1-Ubuntu SMP Tue May 23 20:04:10 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	dev-support/hbase-personality.sh
git revision	master / `0db4231`
Max. process+thread count	30 (vs. ulimit of 30000)
modules	C: U:
Console output	https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-5616/1/console
versions	git=2.34.1 maven=3.8.6
Powered by	Apache Yetus 0.12.0 https://yetus.apache.org

This message was automatically generated.

Apache-HBase · 2024-01-10T17:12:11Z

🎊 +1 overall

Vote	Subsystem	Runtime	Comment
+0 🆗	reexec	0m 33s	Docker mode activated.
-0 ⚠️	yetus	0m 3s	Unprocessed flag(s): --brief-report-file --spotbugs-strict-precheck --whitespace-eol-ignore-list --whitespace-tabs-ignore-list --quick-hadoopcheck
		_ Prechecks _
		_ master Compile Tests _
+0 🆗	mvndep	0m 11s	Maven dependency ordering for branch
		_ Patch Compile Tests _
+0 🆗	mvndep	0m 4s	Maven dependency ordering for patch
		_ Other Tests _
		1m 37s

Subsystem	Report/Notes
Docker	ClientAPI=1.43 ServerAPI=1.43 base: https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-5616/1/artifact/yetus-jdk11-hadoop3-check/output/Dockerfile
GITHUB PR	#5616
Optional Tests
uname	Linux d2aeee91fe2b 5.4.0-166-generic #183-Ubuntu SMP Mon Oct 2 11:28:33 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	dev-support/hbase-personality.sh
git revision	master / `0db4231`
Max. process+thread count	39 (vs. ulimit of 30000)
modules	C: U:
Console output	https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-5616/1/console
versions	git=2.34.1 maven=3.8.6
Powered by	Apache Yetus 0.12.0 https://yetus.apache.org

This message was automatically generated.

Apache-HBase · 2024-01-10T17:13:33Z

🎊 +1 overall

Vote	Subsystem	Runtime	Comment
+0 🆗	reexec	0m 32s	Docker mode activated.
		_ Prechecks _
+1 💚	dupname	0m 0s	No case conflicting files found.
+1 💚	@author	0m 0s	The patch does not contain any @author tags.
		_ master Compile Tests _
+0 🆗	mvndep	0m 11s	Maven dependency ordering for branch
+1 💚	spotless	0m 41s	branch has no errors when running spotless:check.
		_ Patch Compile Tests _
+0 🆗	mvndep	0m 4s	Maven dependency ordering for patch
+1 💚	whitespace	0m 0s	The patch has no whitespace issues.
+1 💚	spotless	0m 38s	patch has no errors when running spotless:check.
		_ Other Tests _
+0 🆗	asflicense	0m 0s	ASF License check generated no output?
		2m 59s

Subsystem	Report/Notes
Docker	ClientAPI=1.43 ServerAPI=1.43 base: https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-5616/1/artifact/yetus-general-check/output/Dockerfile
GITHUB PR	#5616
Optional Tests	dupname asflicense spotless
uname	Linux d6d53a69892e 5.4.0-166-generic #183-Ubuntu SMP Mon Oct 2 11:28:33 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	dev-support/hbase-personality.sh
git revision	master / `0db4231`
Max. process+thread count	46 (vs. ulimit of 30000)
modules	C: U:
Console output	https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-5616/1/console
versions	git=2.34.1 maven=3.8.6
Powered by	Apache Yetus 0.12.0 https://yetus.apache.org

This message was automatically generated.

…y-tests (#5616) Bumps [gitpython](https://github.com/gitpython-developers/GitPython) from 3.1.37 to 3.1.41. - [Release notes](https://github.com/gitpython-developers/GitPython/releases) - [Changelog](https://github.com/gitpython-developers/GitPython/blob/main/CHANGES) - [Commits](gitpython-developers/GitPython@3.1.37...3.1.41) --- updated-dependencies: - dependency-name: gitpython dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Duo Zhang <zhangduo@apache.org> (cherry picked from commit d57e4e2)

dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Jan 10, 2024

Apache9 changed the title ~~Bump gitpython from 3.1.37 to 3.1.41 in /dev-support/flaky-tests~~ HBASE-28308 Bump gitpython from 3.1.37 to 3.1.41 in /dev-support/flaky-tests Jan 13, 2024

Apache9 merged commit d57e4e2 into master Jan 13, 2024
1 check passed

dependabot bot deleted the dependabot/pip/dev-support/flaky-tests/gitpython-3.1.41 branch January 13, 2024 06:50

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

HBASE-28308 Bump gitpython from 3.1.37 to 3.1.41 in /dev-support/flaky-tests #5616

HBASE-28308 Bump gitpython from 3.1.37 to 3.1.41 in /dev-support/flaky-tests #5616

dependabot bot commented on behalf of github Jan 10, 2024

Apache-HBase commented Jan 10, 2024

Apache-HBase commented Jan 10, 2024

Apache-HBase commented Jan 10, 2024

HBASE-28308 Bump gitpython from 3.1.37 to 3.1.41 in /dev-support/flaky-tests #5616

HBASE-28308 Bump gitpython from 3.1.37 to 3.1.41 in /dev-support/flaky-tests #5616

Conversation

dependabot bot commented on behalf of github Jan 10, 2024

3.1.41 - fix Windows security issue

What's Changed

Apache-HBase commented Jan 10, 2024

Apache-HBase commented Jan 10, 2024

Apache-HBase commented Jan 10, 2024