ishepard / pydriller

Python Framework to analyse Git repositories

Home Page:http://pydriller.readthedocs.io/en/latest/


GitPython 3.1.30 dependency is vulnerable to RCE CVE-2023-40267

behnazh-w opened this issue

The GitPython dependency, which is pinned to 3.1.30, is vulnerable to a Remote Code Execution attack and needs to be updated to version 3.1.32.

Unfortunately, the packages that use pydriller are now forced to ship the vulnerable GitPython, which is not acceptable. Can you please give a timeline for when you plan to fix this issue?

See CVE details here: https://osv.dev/vulnerability/GHSA-pr76-5cm5-w9cj
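A quick way to audit whether a pin file or the running interpreter still ships the affected GitPython. This is an added example, not code from pydriller or from the issue author; the only facts it relies on are the ones stated above (3.1.30 is affected, 3.1.32 is the fixed release). The requirements text is constructed for the demonstration, and the version parser is a deliberately small one that compares numeric components only, so it is not a full PEP 440 implementation.

```python
"""Audit GitPython pins against the CVE-2023-40267 fix release (added example)."""
import re
from importlib import metadata
from typing import List, Optional, Tuple

PACKAGE = "GitPython"
FIXED_VERSION = (3, 1, 32)  # first fixed release, as stated in the issue

# Constructed sample pin file for the demo; not the pydriller repository's own file.
SAMPLE_REQUIREMENTS = """\
# constructed pins
GitPython==3.1.30
lizard>=1.17
types-pytz
"""

# name, comparison operator, version; pip-style markers after ';' or '#' are ignored
_PIN_RE = re.compile(r"^\s*([A-Za-z0-9_.-]+)\s*(==|>=|<=|~=|>|<)\s*([^\s;#]+)", re.M)


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '3.1.30' (or '3.1.32rc1') into a comparable tuple of ints.

    Pre-release suffixes are dropped, so '3.1.32rc1' compares equal to the fix;
    that is a simplification, not PEP 440 ordering.
    """
    m = re.match(r"(\d+(?:\.\d+)*)", text.strip())
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(p) for p in m.group(1).split("."))


def is_vulnerable(version: str) -> bool:
    """True when the release predates the fix named in the advisory."""
    return parse_version(version) < FIXED_VERSION


def find_pins(requirements: str, package: str = PACKAGE) -> List[Tuple[str, str]]:
    """Return (operator, version) for every pin of `package` in requirements text.

    Names are normalised the way pip does (case-insensitive, '_' equals '-').
    """
    norm = package.lower().replace("_", "-")
    return [
        (m.group(2), m.group(3))
        for m in _PIN_RE.finditer(requirements)
        if m.group(1).lower().replace("_", "-") == norm
    ]


def audit_requirements(requirements: str) -> List[Tuple[str, str, str]]:
    """Classify each GitPython pin as 'vulnerable', 'permits' or 'ok'.

    '==' below the fix can only resolve to the bad release. An upper bound ('<', '<=')
    never excludes older releases, so it is at best 'permits'. A lower bound below the
    fix ('>=', '~=', '>') lets a resolver or lockfile keep an old release: 'permits'.
    """
    findings = []
    for op, ver in find_pins(requirements):
        old = is_vulnerable(ver)
        if op == "==":
            verdict = "vulnerable" if old else "ok"
        elif op in ("<", "<="):
            verdict = "vulnerable" if old else "permits"
        else:
            verdict = "permits" if old else "ok"
        findings.append((op, ver, verdict))
    return findings


def installed_is_vulnerable() -> Optional[bool]:
    """Check the GitPython importable by this interpreter; None if not installed."""
    try:
        return is_vulnerable(metadata.version(PACKAGE))
    except metadata.PackageNotFoundError:
        return None


if __name__ == "__main__":
    for op, ver, verdict in audit_requirements(SAMPLE_REQUIREMENTS):
        print(f"{PACKAGE}{op}{ver}: {verdict}")
    print("installed GitPython vulnerable:", installed_is_vulnerable())
```

Run it against a real requirements.txt by passing the file contents to `audit_requirements`; a `permits` verdict means the pin does not force the fixed release, so the resolved version in the lockfile or virtualenv is what actually needs checking, which is what `installed_is_vulnerable` does for the current interpreter.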

Hi! Unfortunately, newer versions of GitPython do not use git stat properly, which breaks many functions in Pydriller. I opened an issue some time ago: gitpython-developers/GitPython#1556

We don't have a fix yet; I'll have to work on it, or maybe someone from the community will.

New version with GitPython published. Closing this issue.
Thanks!