Anomaly: 3.1.50 has no GitHub release.
Every prior GitPython version follows a consistent release pattern:
3.1.46 → GitHub release ✅ + PyPI ✅
3.1.47 → GitHub release ✅ + PyPI ✅
3.1.48 → GitHub release ✅ + PyPI ✅
3.1.49 → GitHub release ✅ + PyPI ✅
3.1.50 → GitHub release ❌ (tag only) + PyPI ✅
The 3.1.50 tag exists and a PyPI package was published on May 6, 2026, but there is no corresponding GitHub release entry with release notes. This is a significant deviation from the established release process.
The GHSA ID for 3.1.50 is GHSA-mv93-w799-cj2w.
Why this matters for supply chain security:
A PyPI package can be published by anyone with maintainer credentials — the PyPI upload alone does not confirm an intentional, reviewed release by the project maintainers. A proper GitHub release with associated release notes provides the second confirmation that the version was deliberately released via the official process. 3.1.50 lacks that confirmation.
The code commit itself (5453842) appears legitimate (co-authored by @Byron, the original maintainer), but the incomplete release process is a supply chain risk indicator that warrants caution.
I might be being overly cautious, yes.
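The check described above (a PyPI upload alone is one signal; a matching GitHub tag and a published GitHub release are the corroborating signals) can be automated. The script below is an added example, not code from the original post or from the GitPython project. It assumes the public PyPI JSON API (`https://pypi.org/pypi/<name>/json`, whose `releases` mapping lists files per version) and the GitHub REST API (`/repos/<owner>/<repo>/tags` and `/releases`); the `audit_live` helper hits those endpoints, while the sample payloads are constructed to mirror the 3.1.49 / 3.1.50 pattern in the post. The tag naming (version string with no `v` prefix) is an assumption exposed as the `tag_prefix` parameter.

```python
"""Cross-check PyPI versions against a project's GitHub tags and releases.

Added example (not part of the original issue post). A version that is on
PyPI and has a GitHub tag but no published GitHub release is flagged as
"tag_only"; a version on PyPI with no tag at all is "pypi_only". Both are
the conditions the post describes as worth a second look.
"""
import json
import urllib.request


def fetch_json(url):
    """Fetch and decode a JSON document (network access required)."""
    with urllib.request.urlopen(url, timeout=15) as resp:
        return json.load(resp)


def classify_version(version, pypi_releases, gh_tags, gh_releases, tag_prefix=""):
    """Describe where one version is published.

    pypi_releases: the "releases" mapping from the PyPI JSON API
                   (version -> list of file dicts; an empty list means no files)
    gh_tags:       list of GitHub tag objects with a "name" key
    gh_releases:   list of GitHub release objects with "tag_name" and "draft"
    tag_prefix:    assumed prefix between tag name and version, e.g. "v"
    """
    files = pypi_releases.get(version, [])
    # A version counts as on PyPI only if it has at least one non-yanked file.
    on_pypi = any(not f.get("yanked", False) for f in files)

    tag_name = f"{tag_prefix}{version}"
    tag_names = {t["name"] for t in gh_tags}
    # Drafts are not visible to the public, so they do not count as a release.
    release_tags = {r["tag_name"] for r in gh_releases if not r.get("draft", False)}
    has_tag = tag_name in tag_names
    has_release = tag_name in release_tags

    if on_pypi and has_release:
        status = "ok"            # both confirmations present
    elif on_pypi and has_tag:
        status = "tag_only"      # the anomaly described in the post
    elif on_pypi:
        status = "pypi_only"     # no trace on GitHub at all
    elif has_tag or has_release:
        status = "github_only"   # tagged/released but never uploaded
    else:
        status = "unknown"

    return {
        "version": version,
        "pypi": on_pypi,
        "tag": has_tag,
        "release": has_release,
        "status": status,
    }


def audit_versions(versions, pypi_releases, gh_tags, gh_releases, tag_prefix=""):
    """Classify each requested version; returns a list of result dicts."""
    return [
        classify_version(v, pypi_releases, gh_tags, gh_releases, tag_prefix)
        for v in versions
    ]


def audit_live(package, owner, repo, versions, tag_prefix=""):
    """Run the audit against the real PyPI and GitHub APIs (hypothetical usage).

    Note: both GitHub list endpoints paginate at 100 items; a long-lived
    project needs the Link header followed to see older tags/releases.
    """
    pypi = fetch_json(f"https://pypi.org/pypi/{package}/json")["releases"]
    tags = fetch_json(f"https://api.github.com/repos/{owner}/{repo}/tags?per_page=100")
    rels = fetch_json(f"https://api.github.com/repos/{owner}/{repo}/releases?per_page=100")
    return audit_versions(versions, pypi, tags, rels, tag_prefix)


# Constructed sample payloads (not real API output) mirroring the post:
# 3.1.49 has tag + release + PyPI, 3.1.50 has tag + PyPI but no release.
SAMPLE_PYPI = {
    "3.1.49": [{"filename": "sample-3.1.49.tar.gz", "yanked": False}],
    "3.1.50": [{"filename": "sample-3.1.50.tar.gz", "yanked": False}],
}
SAMPLE_TAGS = [{"name": "3.1.49"}, {"name": "3.1.50"}]
SAMPLE_RELEASES = [{"tag_name": "3.1.49", "draft": False}]


if __name__ == "__main__":
    for row in audit_versions(["3.1.49", "3.1.50"], SAMPLE_PYPI, SAMPLE_TAGS, SAMPLE_RELEASES):
        print(row)
```

Treat a `tag_only` or `pypi_only` result as a prompt to pin the previous version and ask the maintainers, not as proof of compromise: the post itself notes that the commit looks legitimate, and this script only tells you that one of the usual confirmations is missing.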