diff --git a/bandit/cli/baseline.py b/bandit/cli/baseline.py
index 0d65185b3..81b7bdb7e 100644
--- a/bandit/cli/baseline.py
+++ b/bandit/cli/baseline.py
@@ -19,7 +19,10 @@
 import sys
 import tempfile
-import git
+try:
+ import git
+except ImportError:
+ git = None
 bandit_args = sys.argv[1:]
 baseline_tmp_file = "_bandit_baseline_run.json_"
@@ -198,23 +201,27 @@ def initialize():
 report_fname = f"{report_basename}.{output_format}"
 # #################### Check Requirements #################################
- try:
- repo = git.Repo(os.getcwd())
+ if git is not None:
+ try:
+ repo = git.Repo(os.getcwd())
- except git.exc.InvalidGitRepositoryError:
- LOG.error("Bandit baseline must be called from a git project root")
- valid = False
+ except git.exc.InvalidGitRepositoryError:
+ LOG.error("Bandit baseline must be called from a git project root")
+ valid = False
- except git.exc.GitCommandNotFound:
- LOG.error("Git command not found")
- valid = False
+ except git.exc.GitCommandNotFound:
+ LOG.error("Git command not found")
+ valid = False
+ else:
+ if repo.is_dirty():
+ LOG.error(
+ "Current working directory is dirty and must be resolved"
+ )
+ valid = False
 else:
- if repo.is_dirty():
- LOG.error(
- "Current working directory is dirty and must be " "resolved"
- )
- valid = False
+ LOG.error("Git not available, reinstall with GitPython extra")
+ valid = False
 # if output format is specified, we need to be able to write the report
 if output_format != default_output_format and os.path.exists(report_fname):
diff --git a/doc/source/start.rst b/doc/source/start.rst
index 06a2206a3..b3f2d1f98 100644
--- a/doc/source/start.rst
+++ b/doc/source/start.rst
@@ -31,6 +31,13 @@ If you want to include TOML support, install it with the `toml` extras:
 pip install bandit[toml]
+If you want to use the bandit-baseline CLI, install it with the `GitPython`
+extras:
+
+.. code-block:: console
+
+ pip install bandit[GitPython]
+
 Run Bandit:
 .. code-block:: console
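Review bot: The `except ImportError: git = None` fallback rebinds a module name to `None`, so any `git.` reference that is not behind the `if git is not None:` guard added in `initialize()` would fail with `AttributeError` instead of the friendly error; a comment at the fallback should record that contract, e.g. `# GitPython is an optional extra; initialize() refuses to run when it is missing, so use `git` only behind a None check.` Whether other functions in this module touch `git` directly is outside the hunk and worth a grep before merging.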
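Review bot: The message in the new `else:` branch, `Git not available, reinstall with GitPython extra`, blurs the missing git binary (already reported by the `GitCommandNotFound` handler just above) with the missing Python package, and does not name the command this same commit documents; `LOG.error("GitPython is not installed; install it with 'pip install bandit[GitPython]'")` would be unambiguous. The restructuring itself is sound: `repo.is_dirty()` now runs in the `try`'s `else`, so it can no longer be reached with `repo` unbound. `initialize()` starts and ends outside the hunk, so whether `valid` is acted on before any later `repo` use is not visible here.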
diff --git a/requirements.txt b/requirements.txt
index 289782022..3bc89154a 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,7 +1,6 @@
 # The order of packages is significant, because pip processes them in the order
 # of appearance. Changing the order has an impact on the overall integration
 # process, which may cause wedges in the gate later.
-GitPython>=3.1.30 # BSD License (3 clause)
 PyYAML>=5.3.1 # MIT
 stevedore>=1.20.0 # Apache-2.0
 colorama>=0.3.9;platform_system=="Windows" # BSD License (3 clause)
diff --git a/setup.cfg b/setup.cfg
index 2cd658aad..24920d381 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -38,7 +38,7 @@ toml =
 [entry_points]
 console_scripts =
- bandit = bandit.cli.main:main
+ bandit = bandit.cli.main:main [GitPython]
 bandit-config-generator = bandit.cli.config_generator:main
 bandit-baseline = bandit.cli.baseline:main
 bandit.blacklists =
diff --git a/test-requirements.txt b/test-requirements.txt
index 6c8c57e7f..081b7b513 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -10,3 +10,4 @@ testtools>=2.3.0 # MIT
 tomli>=1.1.0;python_version<"3.11" # MIT
 beautifulsoup4>=4.8.0 # MIT
 pylint==1.9.4 # GPLv2
+GitPython # BSD License (3 clause)
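Review bot: The `[GitPython]` extra marker is put on the `bandit` console script, but the module that imports `git` is `bandit.cli.baseline`, wired to `bandit-baseline` two lines below; if the intent is to declare that script's optional requirement, the marker belongs on `bandit-baseline = bandit.cli.baseline:main [GitPython]`. As far as I know pip-generated console scripts do not check entry-point extras at launch, so this marker is informational either way and does not replace the runtime check in baseline.py. This diff shows no `GitPython =` entry being added under `[options.extras_require]`; if it is not declared elsewhere, the documented `pip install bandit[GitPython]` will warn that the extra does not exist and install nothing. Wherever it is declared, carry over the `>=3.1.30` floor that the removed requirements.txt line had, and give the unpinned `GitPython` line in test-requirements.txt the same floor so the tests exercise the minimum that is actually supported.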