Update nbgitpuller requirement from ~=1.2.0 to ~=1.2.1 in /enterprise/redhat/openshift-ai/gaudi/docker

[dependabot]

Updates the requirements on nbgitpuller to permit the latest version.

Changelog

Sourced from nbgitpuller's changelog.

1.2.1 - 2024-03-29

This release provides compatibility with JupyterHub >=4.1.

(full changelog)

Bugs fixed

• 403 on failed auth for EventStream #347 (@​minrk, @​consideRatio)
• include xsrf token in event stream request #346 (@​minrk, @​consideRatio, @​yuvipanda)

Maintenance and upkeep improvements

• Add test for Python 3.12, jupyter_server 1, notebook 5 and 7, and git 2.43 (ubuntu 24.04) #345 (@​consideRatio, @​minrk, @​yuvipanda)

Documentation improvements

• Fix automatic merging link in README.md #328 (@​mathbunnyru, @​manics)
• Add a FAQ entry for 'nbgitpuller link selecting profile options' #322 (@​yuvipanda, @​consideRatio, @​ryanlovett, @​sgibson91)

Contributors to this release

The following people contributed discussions, new ideas, code and documentation contributions, and review. See our definition of contributors.

(GitHub contributors page for this release)

@​balajialg (activity) | @​consideRatio (activity) | @​fomightez (activity) | @​jtpio (activity) | @​manics (activity) | @​mathbunnyru (activity) | @​minrk (activity) | @​ryanlovett (activity) | @​sgibson91 (activity) | @​yuvipanda (activity)

1.2.0 - 2023-08-07

(full changelog)

Enhancements made

• Depend on jupyter-server only, compatibility with jupyter server >= 2, notebook < 7 #240 (@​manics, @​yuvipanda, @​consideRatio, @​akhmerov, @​minrk, @​jtpio)

Bugs fixed

• fix handling of deleted-but-not-staged files with git 2.40 #302 (@​minrk, @​consideRatio, @​yuvipanda)

Maintenance and upkeep improvements

• avoid deprecation warnings in test_api teardown #301 (@​minrk, @​consideRatio, @​yuvipanda)
• redirect gh-pages to readthedocs #298 (@​minrk, @​consideRatio)
• migrate docs to RTD #297 (@​minrk, @​consideRatio, @​yuvipanda, @​frankier)
• Bootstrap pre-commit config, add dependabot config, test py311 #288 (@​consideRatio, @​yuvipanda)
• Fix test_exception_branch_exists #287 (@​a3626a, @​minrk, @​yuvipanda)
• Make tests work with different default branch, or different locale #284 (@​jdmansour, @​yuvipanda)

... (truncated)

Commits

• abed309 Bump to 1.2.1
• 4f837bf Merge pull request #348 from consideRatio/pr/update-nbgitpuller-
• ef354eb Add note about compatibility with jupyterhub 4.1+
• b34002d Add changelog for 1.2.1
• 34f7dee Merge pull request #346 from minrk/xsrf-event-stream
• 79784e0 Merge pull request #347 from minrk/403-on-fail
• bbfd41c 403 on auth failure in EventStream
• 1ceca4a include xsrf token in event stream request
• 518c9c8 Merge pull request #345 from consideRatio/pr/add-test
• a55f65a Test against jupyter_server 1 and notebook 5 and 7
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
pip/nbgitpuller	~> 1.2.1	🟢 5.3	Details Check Score Reason Code-Review 🟢 6 Found 5/8 approved changesets -- score normalized to 6 Maintained 🟢 5 4 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities 🟢 10 0 existing vulnerabilities detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected Packaging 🟢 10 packaging workflow detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0

Scanned Manifest Files

enterprise/redhat/openshift-ai/gaudi/docker/requirements.txt

• nbgitpuller@~> 1.2.1
• nbgitpuller@~> 1.2.0

[dependabot]

Superseded by #384.