
bump gitpython because of CVE-2023-40267 #490

Merged (1 commit), Sep 11, 2023

Conversation

philipclaesson
Contributor

@philipclaesson philipclaesson commented Aug 23, 2023

GitPython has a vulnerability where it does not block insecure non-multi options in clone and clone_from. This popped up in our vulnerability scanner, so I thought I'd suggest bumping it.

https://avd.aquasec.com/nvd/2023/cve-2023-40267/

I have a hard time seeing it should pose a real security issue for OPAL users, but who knows. At the very least, it's nice to not get any critical vulnerability reports in vulnerability scanners.

The minor version bump suggests it should be an easy one. Complete changelog here: gitpython-developers/GitPython@3.1.27...3.1.32

Check List (Check all the applicable boxes)

  • I sign off on contributing this submission to open-source
  • My code follows the code style of this project.
  • My change requires changes to the documentation.
  • I have updated the documentation accordingly.
  • All new and existing tests passed.
  • This PR does not contain plagiarized content.
  • The title of my pull request is a short description of the requested changes.

Note to reviewers

I am not sure exactly how to test this further than the automated tests. Let me know if you want further action from my side.

I did not get the tests running on my local machine - would need approval on the test run: https://github.com/permitio/opal/actions/runs/5956379336
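The CVE the PR cites is about clone options that the older GitPython passed straight through to git. The following is an added example, not code from the OPAL PR or from GitPython: a small defender-side guard that (a) tells whether an installed version predates the 3.1.32 target of this bump and (b) refuses clone keyword options that could make git run an external program or rewrite its config before they ever reach `clone_from`. The set of option names it rejects, and the kwargs-to-flag convention it mimics, are assumptions made for this example; the page itself does not list them.

```python
"""Added example (not from the OPAL PR or GitPython): a guard for clone options."""
import re

# Release the PR bumps to, taken from the changelog range 3.1.27...3.1.32.
FIXED_VERSION = (3, 1, 32)

# Assumed set of clone option names that let git run an arbitrary program
# (upload-pack / -u) or inject configuration (config / -c). Not listed on
# the page; chosen here as the options a guard should refuse by default.
UNSAFE_OPTIONS = {"upload-pack", "u", "config", "c"}


def parse_version(text):
    """Turn '3.1.27' into (3, 1, 27); a non-numeric suffix ends the parse."""
    parts = []
    for piece in text.split("."):
        match = re.match(r"\d+", piece)
        if not match:
            break
        parts.append(int(match.group()))
    return tuple(parts)


def needs_bump(installed):
    """True when the installed GitPython predates the fixed release."""
    return parse_version(installed) < FIXED_VERSION


def kwarg_to_flag(name):
    """Approximate the kwargs-to-git-flag convention (assumed):
    depth -> --depth, single_branch -> --single-branch, b -> -b."""
    flag = name.replace("_", "-")
    return f"-{flag}" if len(flag) == 1 else f"--{flag}"


def check_clone_options(**kwargs):
    """Return git argv fragments for accepted options; raise ValueError on any
    option in UNSAFE_OPTIONS, however it is spelled (upload_pack, u, ...)."""
    argv = []
    for name, value in kwargs.items():
        flag = kwarg_to_flag(name)
        if name.replace("_", "-") in UNSAFE_OPTIONS:
            raise ValueError(f"refusing unsafe clone option: {flag}")
        if value is True:
            argv.append(flag)            # boolean switch, e.g. --bare
        elif len(flag) == 2:
            argv.extend([flag, str(value)])  # short flag takes a separate value
        else:
            argv.append(f"{flag}={value}")   # long flag uses --name=value
    return argv
```

A wrapper around `clone_from` would call `check_clone_options(**kwargs)` first and only forward the options that come back; the version check is what a CI step could run to confirm the bump actually landed.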

@netlify

netlify bot commented Aug 23, 2023

Deploy Preview for opal-docs canceled.

Latest commit: aca303a
Latest deploy log: https://app.netlify.com/sites/opal-docs/deploys/64e67291df922b00082c4c80

@orweis
Contributor

orweis commented Aug 23, 2023

Thanks @philipclaesson ! :)
@asafc / @roekatz what do you think ?

@roekatz roekatz merged commit 32af8ab into permitio:master Sep 11, 2023
8 checks passed