3.1.41 - fix Windows security issue
The details about the Windows security issue can be found in this advisory.
Special thanks go to @EliahKagan who reported the issue and fixed it in a single stroke, while being responsible for an incredible amount of improvements that he contributed over the last couple of months ❤️.
What's Changed
- Add
__all__
in git.exc by @EliahKagan in #1719 - Set submodule update cadence to weekly by @EliahKagan in #1721
- Never modify sys.path by @EliahKagan in #1720
- Bump git/ext/gitdb from
8ec2390
toec58b7e
by @dependabot in #1722 - Revise comments, docstrings, some messages, and a bit of code by @EliahKagan in #1725
- Use zero-argument super() by @EliahKagan in #1726
- Remove obsolete note in _iter_packed_refs by @EliahKagan in #1727
- Reorganize test_util and make xfail marks precise by @EliahKagan in #1729
- Clarify license and make module top comments more consistent by @EliahKagan in #1730
- Deprecate compat.is_, rewriting all uses by @EliahKagan in #1732
- Revise and restore some module docstrings by @EliahKagan in #1735
- Make the rmtree callback Windows-only by @EliahKagan in #1739
- List all non-passing tests in test summaries by @EliahKagan in #1740
- Document some minor subtleties in test_util.py by @EliahKagan in #1749
- Always read metadata files as UTF-8 in setup.py by @EliahKagan in #1748
- Test native Windows on CI by @EliahKagan in #1745
- Test macOS on CI by @EliahKagan in #1752
- Let close_fds be True on all platforms by @EliahKagan in #1753
- Fix IndexFile.from_tree on Windows by @EliahKagan in #1751
- Remove unused TASKKILL fallback in AutoInterrupt by @EliahKagan in #1754
- Don't return with operand when conceptually void by @EliahKagan in #1755
- Group .gitignore entries by purpose by @EliahKagan in #1758
- Adding dubious ownership handling by @marioaag in #1746
- Avoid brittle assumptions about preexisting temporary files in tests by @EliahKagan in #1759
- Overhaul noqa directives by @EliahKagan in #1760
- Clarify some Git.execute kill_after_timeout limitations by @EliahKagan in #1761
- Bump actions/setup-python from 4 to 5 by @dependabot in #1763
- Don't install black on Cygwin by @EliahKagan in #1766
- Extract all "import gc" to module level by @EliahKagan in #1765
- Extract remaining local "import gc" to module level by @EliahKagan in #1768
- Replace xfail with gc.collect in TestSubmodule.test_rename by @EliahKagan in #1767
- Enable CodeQL by @EliahKagan in #1769
- Replace some uses of the deprecated mktemp function by @EliahKagan in #1770
- Bump github/codeql-action from 2 to 3 by @dependabot in #1773
- Run some Windows environment variable tests only on Windows by @EliahKagan in #1774
- Fix TemporaryFileSwap regression where file_path could not be Path by @EliahKagan in #1776
- Improve hooks tests by @EliahKagan in #1777
- Fix if items of Index is of type PathLike by @stegm in #1778
- Better document IterableObj.iter_items and improve some subclasses by @EliahKagan in #1780
- Revert "Don't install black on Cygwin" by @EliahKagan in #1783
- Add missing pip in $PATH on Cygwin CI by @EliahKagan in #1784
- Shorten Iterable docstrings and put IterableObj first by @EliahKagan in #1785
- Fix incompletely revised Iterable/IterableObj docstrings by @EliahKagan in #1786
- Pre-deprecate setting Git.USE_SHELL by @EliahKagan in #1782
- Deprecate Git.USE_SHELL by @EliahKagan in #1787
- In handle_process_output don't forward finalizer result by @EliahKagan in #1788
- Fix mypy warning "Missing return statement" by @EliahKagan in #1789
- Fix two remaining Windows untrusted search path cases by @EliahKagan in #1792
New Contributors
Full Changelog: 3.1.40...3.1.41