This is the gitdb part of the fix for the top-of-file license URLs
that have come to point to a page about a related but different
license from the one GitPython and gitdb are (intended to be)
offered under.

See gitpython-developers/GitPython#1662
for details about the problem and how it came about.

This is the gitdb part of the fix for the top-of-file license URLs
that have come to point to a page about a related but different
license from the one GitPython and gitdb are (intended to be)
offered under.

See gitpython-developers/GitPython#1662
for details about the problem and how it came about.

…opers#1659

When gitpython-developers#1659 was updated to pick up linting configuration changes, it
inadvertently undid one of the URL changes made in gitpython-developers#1662, putting
the URL in the git.exe module back to the one that redirects to a
different BSD license from the one this project uses.

Since only that one module was affected, the fix is simple. This
only changes the URL back; it doesn't undo any other gitpython-developers#1659 changes.

…opers#1659

When gitpython-developers#1659 was updated to pick up linting configuration changes, it
inadvertently undid one of the URL changes made in gitpython-developers#1662, putting
the URL in the git.exc module back to the one that redirects to a
different BSD license from the one this project uses.

Since only that one module was affected, the fix is simple. This
only changes the URL back; it doesn't undo any other gitpython-developers#1659 changes.

Bump gitpython from 3.1.35 to 3.1.37

Bumps gitpython from 3.1.35 to 3.1.37.

Release notes
Sourced from gitpython's releases.

3.1.37 - a proper fix CVE-2023-41040
What's Changed

Improve Python version and OS compatibility, fixing deprecations by @​EliahKagan in gitpython-developers/GitPython#1654
Better document env_case test/fixture and cwd by @​EliahKagan in gitpython-developers/GitPython#1657
Remove spurious executable permissions by @​EliahKagan in gitpython-developers/GitPython#1658
Fix up checks in Makefile and make them portable by @​EliahKagan in gitpython-developers/GitPython#1661
Fix URLs that were redirecting to another license by @​EliahKagan in gitpython-developers/GitPython#1662
Assorted small fixes/improvements to root dir docs by @​EliahKagan in gitpython-developers/GitPython#1663
Use venv instead of virtualenv in test_installation by @​EliahKagan in gitpython-developers/GitPython#1664
Omit py_modules in setup by @​EliahKagan in gitpython-developers/GitPython#1665
Don't track code coverage temporary files by @​EliahKagan in gitpython-developers/GitPython#1666
Configure tox by @​EliahKagan in gitpython-developers/GitPython#1667
Format tests with black and auto-exclude untracked paths by @​EliahKagan in gitpython-developers/GitPython#1668
Upgrade and broaden flake8, fixing style problems and bugs by @​EliahKagan in gitpython-developers/GitPython#1673
Fix rollback bug in SymbolicReference.set_reference by @​EliahKagan in gitpython-developers/GitPython#1675
Remove @NoEffect annotations by @​EliahKagan in gitpython-developers/GitPython#1677
Add more checks for the validity of refnames by @​facutuesca in gitpython-developers/GitPython#1672

Full Changelog: gitpython-developers/GitPython@3.1.36...3.1.37



Commits

b27a89f fix makefile to compare commit hashes only
0bd2890 prepare next release
832b6ee remove unnecessary list comprehension to fix CI
e98f57b Merge pull request #1672 from trail-of-forks/robust-refname-checks
1774f1e Merge pull request #1677 from EliahKagan/no-noeffect
a4701a0 Remove @NoEffect annotations
d40320b Merge pull request #1675 from EliahKagan/rollback
d1c1f31 Merge pull request #1673 from EliahKagan/flake8
e480985 Tweak rollback logic in log.to_file
ff84b26 Refactor try-finally cleanup in git/
Additional commits viewable in compare view




Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Reviewed-by: Vladimir Vshivkov

This improves the consistency of top-of-module comments as follows:

- All names of the current file are removed. Some included these
  while others didn't. In general, this can be useful information,
  which can remind readers and developers of what the file is and
  may even reduce mistakes. However, in GitPython, many modules
  inside git/ have the same name as other modules in other
  subdirectories of git/. So the presence of filenames would
  often be the same for multiple files, a condition that would be
  intensified if consistency were achieved by adding them
  everywhere. This instead removes them, which should (albeit
  slightly) decrease the risk of confusing modules that have the
  same name as each other.

- All modules (.py files) inside git/ and test/, except for .py
  files that are entirely empty (without even comments) or are
  inside test/fixtures/, now have comments indicating the license
  and linking to it on opensource.org. Previously, some modules
  had this, while others did not.

The comment about the license is short, and does not contain an
explicit copyright statement. No new explicit copyright statements
are added, but some top-of-modules already contained them, and this
does not remove (nor update or otherwise modify) them.

Although explicit copyright statements are not touched, all the
license comments are modified, including where they had previously
appeared, to say "the 3-Clause BSD License" instead of
"the BSD License", since there is no specific license known as the
"BSD License" (and both the 2-clause and 3-clause BSD licenses are
very popular).

This change should not be confused with gitpython-developers#1662, which fixed an
originally correct hyperlink that had come to redirect to a page
about a different license. The change here does not change the link
again. It makes the commented wording more specific, so that it is
clear, even without looking at the link, which BSD license is being
referred to.

This improves the consistency of top-of-module comments as follows:

- All names of the current file are removed. Some included these
  while others didn't. In general, this can be useful information,
  which can remind readers and developers of what the file is and
  may even reduce mistakes. However, in GitPython, many modules
  inside git/ have the same name as other modules in other
  subdirectories of git/. So the presence of filenames would
  often be the same for multiple files, a condition that would be
  intensified if consistency were achieved by adding them
  everywhere. This instead removes them, which should (albeit
  slightly) decrease the risk of confusing modules that have the
  same name as each other.

- All modules (.py files) inside git/ and test/, except for .py
  files that are entirely empty (without even comments) or are
  inside test/fixtures/, now have comments indicating the license
  and linking to it on opensource.org. Previously, some modules
  had this, while others did not.

The comment about the license is short, and does not contain an
explicit copyright statement. No new explicit copyright statements
are added, but some top-of-modules already contained them, and this
does not remove (nor update or otherwise modify) them.

Although explicit copyright statements are not touched, all the
license comments are modified, including where they had previously
appeared, to say "the 3-Clause BSD License" instead of
"the BSD License", since there is no specific license known as the
"BSD License" (and both the 2-clause and 3-clause BSD licenses are
very popular).

This change should not be confused with gitpython-developers#1662, which fixed an
originally correct hyperlink that had come to redirect to a page
about a different license. The change here does not change the link
again. It makes the commented wording more specific, so that it is
clear, even without looking at the link, which BSD license is being
referred to.