Jussi Kukkonen
55dbb53a5b
ngclient: Remove the mention of "single instance"
...
The file locking should make multiple processes safe
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2025-08-24 16:22:44 +03:00
Jussi Kukkonen
5f467bba58
ngclient: Refactor lock file implementation
...
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2025-08-24 16:21:28 +03:00
Jussi Kukkonen
ba0842ff72
ngclient: Fix the lockfile handling in Windows
...
There does not seem to be a way around a ugly loop over open()...
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2025-08-24 15:40:13 +03:00
Jussi Kukkonen
cbe34d956a
tests: Fix check to be compatible with .lock
...
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2025-08-24 15:40:13 +03:00
Jussi Kukkonen
ba3adef2b4
ngclient: Move bootstrap root loading inside lock
...
Otherwise another process might delete the file underneath us
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2025-08-24 15:40:13 +03:00
Jussi Kukkonen
b63cf71662
lint fixes
...
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2025-08-22 19:07:12 +03:00
Jussi Kukkonen
7a8edd9830
ngclient: Advisory locking for artifacts
...
This should prevent issues with multiple processes trying to write at
same time.
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2025-08-22 18:48:55 +03:00
Jussi Kukkonen
6d666968df
tests: Expand parallel refresh test
...
Use get_targetinfo() so that the delegated role loading is tested as
well
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2025-08-22 18:42:50 +03:00
Jussi Kukkonen
eeb59f8484
ngclient: Advisory locking, first draft
...
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2025-08-22 18:37:46 +03:00
Jussi Kukkonen
53cc81b11f
Add test for parallel refresh
...
This likely fails on all platforms right now, but the Windows
behaviour cannot be fixed without actual locking.
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2025-08-22 18:37:38 +03:00
dependabot[bot]
e4e841ffd3
build(deps): bump the test-and-lint-dependencies group with 2 updates ( #2858 )
...
Bumps the test-and-lint-dependencies group with 2 updates: [ruff](https://github.com/astral-sh/ruff ) and [zizmor](https://github.com/zizmorcore/zizmor ).
Updates `ruff` from 0.12.8 to 0.12.9
- [Release notes](https://github.com/astral-sh/ruff/releases )
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md )
- [Commits](https://github.com/astral-sh/ruff/compare/0.12.8...0.12.9 )
Updates `zizmor` from 1.11.0 to 1.12.1
- [Release notes](https://github.com/zizmorcore/zizmor/releases )
- [Changelog](https://github.com/zizmorcore/zizmor/blob/main/docs/release-notes.md )
- [Commits](https://github.com/zizmorcore/zizmor/compare/v1.11.0...v1.12.1 )
---
updated-dependencies:
- dependency-name: ruff
dependency-version: 0.12.9
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: test-and-lint-dependencies
- dependency-name: zizmor
dependency-version: 1.12.1
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: test-and-lint-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-19 14:15:57 +03:00
dependabot[bot]
3c66266d69
build(deps): bump coverage[toml] in the dependencies group ( #2857 )
...
Bumps the dependencies group with 1 update: [coverage[toml]](https://github.com/nedbat/coveragepy ).
Updates `coverage[toml]` from 7.10.3 to 7.10.4
- [Release notes](https://github.com/nedbat/coveragepy/releases )
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst )
- [Commits](https://github.com/nedbat/coveragepy/compare/7.10.3...7.10.4 )
---
updated-dependencies:
- dependency-name: coverage[toml]
dependency-version: 7.10.4
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-19 14:15:48 +03:00
dependabot[bot]
ca979a6abc
build(deps): bump the dependencies group across 1 directory with 7 updates ( #2855 )
...
* build(deps): bump the dependencies group across 1 directory with 7 updates
Bumps the dependencies group with 7 updates in the / directory:
| Package | From | To |
| --- | --- | --- |
| [cryptography](https://github.com/pyca/cryptography ) | `45.0.5` | `45.0.6` |
| [ruff](https://github.com/astral-sh/ruff ) | `0.12.0` | `0.12.8` |
| [mypy](https://github.com/python/mypy ) | `1.16.1` | `1.17.1` |
| [zizmor](https://github.com/zizmorcore/zizmor ) | `1.9.0` | `1.11.0` |
| [freezegun](https://github.com/spulec/freezegun ) | `1.5.3` | `1.5.5` |
| [build](https://github.com/pypa/build ) | `1.2.2.post1` | `1.3.0` |
| [coverage[toml]](https://github.com/nedbat/coveragepy ) | `7.9.2` | `7.10.3` |
Updates `cryptography` from 45.0.5 to 45.0.6
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pyca/cryptography/compare/45.0.5...45.0.6 )
Updates `ruff` from 0.12.0 to 0.12.8
- [Release notes](https://github.com/astral-sh/ruff/releases )
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md )
- [Commits](https://github.com/astral-sh/ruff/compare/0.12.0...0.12.8 )
Updates `mypy` from 1.16.1 to 1.17.1
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md )
- [Commits](https://github.com/python/mypy/compare/v1.16.1...v1.17.1 )
Updates `zizmor` from 1.9.0 to 1.11.0
- [Release notes](https://github.com/zizmorcore/zizmor/releases )
- [Changelog](https://github.com/zizmorcore/zizmor/blob/main/docs/release-notes.md )
- [Commits](https://github.com/zizmorcore/zizmor/compare/v1.9.0...v1.11.0 )
Updates `freezegun` from 1.5.3 to 1.5.5
- [Release notes](https://github.com/spulec/freezegun/releases )
- [Changelog](https://github.com/spulec/freezegun/blob/master/CHANGELOG )
- [Commits](https://github.com/spulec/freezegun/compare/1.5.3...1.5.5 )
Updates `build` from 1.2.2.post1 to 1.3.0
- [Release notes](https://github.com/pypa/build/releases )
- [Changelog](https://github.com/pypa/build/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pypa/build/compare/1.2.2.post1...1.3.0 )
Updates `coverage[toml]` from 7.9.2 to 7.10.3
- [Release notes](https://github.com/nedbat/coveragepy/releases )
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst )
- [Commits](https://github.com/nedbat/coveragepy/compare/7.9.2...7.10.3 )
---
updated-dependencies:
- dependency-name: cryptography
dependency-version: 45.0.6
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
- dependency-name: ruff
dependency-version: 0.12.8
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
- dependency-name: mypy
dependency-version: 1.17.1
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
- dependency-name: zizmor
dependency-version: 1.11.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
- dependency-name: freezegun
dependency-version: 1.5.5
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
- dependency-name: build
dependency-version: 1.3.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
- dependency-name: coverage[toml]
dependency-version: 7.10.3
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
* lint: Set zizmor to lower pedantry level
pedantic means a little too much churn.
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jussi Kukkonen <jkukkonen@google.com>
2025-08-15 12:24:08 +03:00
dependabot[bot]
5f60ee52e5
build(deps): bump the action-dependencies group with 2 updates ( #2856 )
...
Bumps the action-dependencies group with 2 updates: [actions/checkout](https://github.com/actions/checkout ) and [actions/download-artifact](https://github.com/actions/download-artifact ).
Updates `actions/checkout` from 4.2.2 to 5.0.0
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](11bd71901b...08c6903cd8https://github.com/actions/download-artifact/releases )
- [Commits](d3f86a106a...634f93cb29
2025-08-12 11:20:34 +03:00
dependabot[bot]
a01210b4ba
build(deps): bump freezegun in the dependencies group ( #2849 )
...
Bumps the dependencies group with 1 update: [freezegun](https://github.com/spulec/freezegun ).
Updates `freezegun` from 1.5.2 to 1.5.3
- [Release notes](https://github.com/spulec/freezegun/releases )
- [Changelog](https://github.com/spulec/freezegun/blob/master/CHANGELOG )
- [Commits](https://github.com/spulec/freezegun/compare/1.5.2...1.5.3 )
---
updated-dependencies:
- dependency-name: freezegun
dependency-version: 1.5.3
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-07-15 09:34:31 +03:00
dependabot[bot]
92dc2a28d4
build(deps): bump the dependencies group with 2 updates ( #2848 )
...
---
updated-dependencies:
- dependency-name: cryptography
dependency-version: 45.0.5
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
- dependency-name: coverage[toml]
dependency-version: 7.9.2
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-07-08 10:47:59 +03:00
Lukas Pühringer
961e6f5ed8
Merge pull request #2845 from theupdateframework/dependabot/pip/test-and-lint-dependencies-04bd18a988
...
build(deps): bump ruff from 0.11.13 to 0.12.0 in the test-and-lint-dependencies group
2025-06-24 10:41:55 +02:00
Jussi Kukkonen
88cc98420e
lint fixes
...
Fixes for ruff 0.12
* Tweak some annotations
* Add __hash__() implementations to api classes: These really should be
hashable
* My use of "super().__hash__()" is not very optimized but avoids some
repetition
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2025-06-24 11:02:09 +03:00
dependabot[bot]
71de7dd956
build(deps): bump urllib3 from 2.4.0 to 2.5.0 in the dependencies group ( #2846 )
...
Bumps the dependencies group with 1 update: [urllib3](https://github.com/urllib3/urllib3 ).
Updates `urllib3` from 2.4.0 to 2.5.0
- [Release notes](https://github.com/urllib3/urllib3/releases )
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst )
- [Commits](https://github.com/urllib3/urllib3/compare/2.4.0...2.5.0 )
---
updated-dependencies:
- dependency-name: urllib3
dependency-version: 2.5.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-06-24 10:16:39 +03:00
dependabot[bot]
16d1486d9d
build(deps): bump ruff in the test-and-lint-dependencies group
...
Bumps the test-and-lint-dependencies group with 1 update: [ruff](https://github.com/astral-sh/ruff ).
Updates `ruff` from 0.11.13 to 0.12.0
- [Release notes](https://github.com/astral-sh/ruff/releases )
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md )
- [Commits](https://github.com/astral-sh/ruff/compare/0.11.13...0.12.0 )
---
updated-dependencies:
- dependency-name: ruff
dependency-version: 0.12.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: test-and-lint-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-06-23 23:10:36 +00:00
Lukas Pühringer
37e6d007ad
Merge pull request #2844 from theupdateframework/dependabot/pip/dependencies-d576f69241
...
build(deps): bump the dependencies group with 2 updates
2025-06-17 09:16:33 +02:00
Lukas Pühringer
e571ef22df
Merge pull request #2843 from theupdateframework/dependabot/pip/test-and-lint-dependencies-80d7b7752b
...
build(deps): bump mypy from 1.16.0 to 1.16.1 in the test-and-lint-dependencies group
2025-06-17 09:14:54 +02:00
dependabot[bot]
c408066c9f
build(deps): bump the dependencies group with 2 updates
...
Bumps the dependencies group with 2 updates: [cryptography](https://github.com/pyca/cryptography ) and [coverage[toml]](https://github.com/nedbat/coveragepy ).
Updates `cryptography` from 45.0.3 to 45.0.4
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pyca/cryptography/compare/45.0.3...45.0.4 )
Updates `coverage[toml]` from 7.8.2 to 7.9.1
- [Release notes](https://github.com/nedbat/coveragepy/releases )
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst )
- [Commits](https://github.com/nedbat/coveragepy/compare/7.8.2...7.9.1 )
---
updated-dependencies:
- dependency-name: cryptography
dependency-version: 45.0.4
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
- dependency-name: coverage[toml]
dependency-version: 7.9.1
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-06-16 22:45:56 +00:00
dependabot[bot]
7ff3af36a4
build(deps): bump mypy in the test-and-lint-dependencies group
...
Bumps the test-and-lint-dependencies group with 1 update: [mypy](https://github.com/python/mypy ).
Updates `mypy` from 1.16.0 to 1.16.1
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md )
- [Commits](https://github.com/python/mypy/compare/v1.16.0...v1.16.1 )
---
updated-dependencies:
- dependency-name: mypy
dependency-version: 1.16.1
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: test-and-lint-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-06-16 22:33:39 +00:00
Lukas Pühringer
1ff624da25
Merge pull request #2841 from theupdateframework/dependabot/pip/test-and-lint-dependencies-5490283cf1
...
build(deps): bump ruff from 0.11.12 to 0.11.13 in the test-and-lint-dependencies group
2025-06-10 09:54:23 +02:00
dependabot[bot]
e0f4ef78ad
build(deps): bump ruff in the test-and-lint-dependencies group
...
Bumps the test-and-lint-dependencies group with 1 update: [ruff](https://github.com/astral-sh/ruff ).
Updates `ruff` from 0.11.12 to 0.11.13
- [Release notes](https://github.com/astral-sh/ruff/releases )
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md )
- [Commits](https://github.com/astral-sh/ruff/compare/0.11.12...0.11.13 )
---
updated-dependencies:
- dependency-name: ruff
dependency-version: 0.11.13
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: test-and-lint-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-06-09 21:52:33 +00:00
dependabot[bot]
c4df52468e
build(deps): bump the test-and-lint-dependencies group with 3 updates ( #2839 )
...
Bumps the test-and-lint-dependencies group with 3 updates: [ruff](https://github.com/astral-sh/ruff ), [mypy](https://github.com/python/mypy ) and [zizmor](https://github.com/zizmorcore/zizmor ).
Updates `ruff` from 0.11.11 to 0.11.12
- [Release notes](https://github.com/astral-sh/ruff/releases )
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md )
- [Commits](https://github.com/astral-sh/ruff/compare/0.11.11...0.11.12 )
Updates `mypy` from 1.15.0 to 1.16.0
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md )
- [Commits](https://github.com/python/mypy/compare/v1.15.0...v1.16.0 )
Updates `zizmor` from 1.7.0 to 1.9.0
- [Release notes](https://github.com/zizmorcore/zizmor/releases )
- [Changelog](https://github.com/zizmorcore/zizmor/blob/main/docs/release-notes.md )
- [Commits](https://github.com/zizmorcore/zizmor/compare/v1.7.0...v1.9.0 )
---
updated-dependencies:
- dependency-name: ruff
dependency-version: 0.11.12
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: test-and-lint-dependencies
- dependency-name: mypy
dependency-version: 1.16.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: test-and-lint-dependencies
- dependency-name: zizmor
dependency-version: 1.9.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: test-and-lint-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-06-03 12:34:36 +03:00
dependabot[bot]
8f10e91463
build(deps): bump ossf/scorecard-action in the action-dependencies group ( #2840 )
...
Bumps the action-dependencies group with 1 update: [ossf/scorecard-action](https://github.com/ossf/scorecard-action ).
Updates `ossf/scorecard-action` from 2.4.1 to 2.4.2
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](f49aabe0b5...05b42c6244
2025-06-03 12:34:06 +03:00
dependabot[bot]
4e654fe698
build(deps): bump the dependencies group with 3 updates ( #2837 )
...
Bumps the dependencies group with 3 updates: [cryptography](https://github.com/pyca/cryptography ), [coverage[toml]](https://github.com/nedbat/coveragepy ) and [freezegun](https://github.com/spulec/freezegun ).
Updates `cryptography` from 45.0.2 to 45.0.3
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pyca/cryptography/compare/45.0.2...45.0.3 )
Updates `coverage[toml]` from 7.8.0 to 7.8.2
- [Release notes](https://github.com/nedbat/coveragepy/releases )
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst )
- [Commits](https://github.com/nedbat/coveragepy/compare/7.8.0...7.8.2 )
Updates `freezegun` from 1.5.1 to 1.5.2
- [Release notes](https://github.com/spulec/freezegun/releases )
- [Changelog](https://github.com/spulec/freezegun/blob/master/CHANGELOG )
- [Commits](https://github.com/spulec/freezegun/compare/1.5.1...1.5.2 )
---
updated-dependencies:
- dependency-name: cryptography
dependency-version: 45.0.3
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
- dependency-name: coverage[toml]
dependency-version: 7.8.2
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
- dependency-name: freezegun
dependency-version: 1.5.2
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-27 11:32:36 +03:00
Kairo Araujo
877ac5076e
Merge pull request #2838 from theupdateframework/dependabot/pip/test-and-lint-dependencies-8db52d3157
...
build(deps): bump ruff from 0.11.10 to 0.11.11 in the test-and-lint-dependencies group
2025-05-27 07:44:51 +02:00
dependabot[bot]
566ed3e897
build(deps): bump ruff in the test-and-lint-dependencies group
...
Bumps the test-and-lint-dependencies group with 1 update: [ruff](https://github.com/astral-sh/ruff ).
Updates `ruff` from 0.11.10 to 0.11.11
- [Release notes](https://github.com/astral-sh/ruff/releases )
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md )
- [Commits](https://github.com/astral-sh/ruff/compare/0.11.10...0.11.11 )
---
updated-dependencies:
- dependency-name: ruff
dependency-version: 0.11.11
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: test-and-lint-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-05-26 21:47:54 +00:00
Lukas Pühringer
6fc2a3c275
Merge pull request #2835 from theupdateframework/dependabot/pip/dependencies-6b442c29d5
...
build(deps): bump the dependencies group across 1 directory with 2 updates
2025-05-20 09:31:54 +02:00
dependabot[bot]
5cec62cd03
build(deps): bump the dependencies group across 1 directory with 2 updates
...
Bumps the dependencies group with 2 updates in the / directory: [cryptography](https://github.com/pyca/cryptography ) and [ruff](https://github.com/astral-sh/ruff ).
Updates `cryptography` from 44.0.3 to 45.0.2
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pyca/cryptography/compare/44.0.3...45.0.2 )
Updates `ruff` from 0.11.9 to 0.11.10
- [Release notes](https://github.com/astral-sh/ruff/releases )
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md )
- [Commits](https://github.com/astral-sh/ruff/compare/0.11.9...0.11.10 )
---
updated-dependencies:
- dependency-name: cryptography
dependency-version: 45.0.2
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: dependencies
- dependency-name: ruff
dependency-version: 0.11.10
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-05-19 21:41:38 +00:00
Lukas Pühringer
4bfca1f97e
Merge pull request #2832 from theupdateframework/dependabot/pip/test-and-lint-dependencies-7682f5adcf
...
build(deps): bump the test-and-lint-dependencies group with 2 updates
2025-05-13 09:23:08 +02:00
dependabot[bot]
f5b2acf627
build(deps): bump the test-and-lint-dependencies group with 2 updates
...
Bumps the test-and-lint-dependencies group with 2 updates: [ruff](https://github.com/astral-sh/ruff ) and [zizmor](https://github.com/woodruffw/zizmor ).
Updates `ruff` from 0.11.8 to 0.11.9
- [Release notes](https://github.com/astral-sh/ruff/releases )
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md )
- [Commits](https://github.com/astral-sh/ruff/compare/0.11.8...0.11.9 )
Updates `zizmor` from 1.6.0 to 1.7.0
- [Release notes](https://github.com/woodruffw/zizmor/releases )
- [Changelog](https://github.com/zizmorcore/zizmor/blob/main/docs/release-notes.md )
- [Commits](https://github.com/woodruffw/zizmor/compare/v1.6.0...v1.7.0 )
---
updated-dependencies:
- dependency-name: ruff
dependency-version: 0.11.9
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: test-and-lint-dependencies
- dependency-name: zizmor
dependency-version: 1.7.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: test-and-lint-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-05-12 21:09:04 +00:00
Kairo Araujo
b0aa482a66
Merge pull request #2830 from theupdateframework/dependabot/pip/dependencies-2efb510e51
...
build(deps): bump cryptography from 44.0.2 to 44.0.3 in the dependencies group
2025-05-06 06:18:08 +02:00
Kairo Araujo
8ea1a9e256
Merge pull request #2831 from theupdateframework/dependabot/pip/test-and-lint-dependencies-3a2edb1555
...
build(deps): bump ruff from 0.11.7 to 0.11.8 in the test-and-lint-dependencies group
2025-05-06 06:17:19 +02:00
dependabot[bot]
29b482390e
build(deps): bump ruff in the test-and-lint-dependencies group
...
Bumps the test-and-lint-dependencies group with 1 update: [ruff](https://github.com/astral-sh/ruff ).
Updates `ruff` from 0.11.7 to 0.11.8
- [Release notes](https://github.com/astral-sh/ruff/releases )
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md )
- [Commits](https://github.com/astral-sh/ruff/compare/0.11.7...0.11.8 )
---
updated-dependencies:
- dependency-name: ruff
dependency-version: 0.11.8
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: test-and-lint-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-05-05 22:37:53 +00:00
dependabot[bot]
769a61b405
build(deps): bump cryptography in the dependencies group
...
Bumps the dependencies group with 1 update: [cryptography](https://github.com/pyca/cryptography ).
Updates `cryptography` from 44.0.2 to 44.0.3
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pyca/cryptography/compare/44.0.2...44.0.3 )
---
updated-dependencies:
- dependency-name: cryptography
dependency-version: 44.0.3
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-05-05 22:26:19 +00:00
Lukas Pühringer
6fe57fa569
Merge pull request #2829 from theupdateframework/dependabot/github_actions/action-dependencies-351cf6cc53
...
build(deps): bump the action-dependencies group with 2 updates
2025-04-29 09:17:44 +02:00
Kairo Araujo
00c16fb42c
Merge pull request #2828 from theupdateframework/dependabot/pip/test-and-lint-dependencies-e9eafb5758
2025-04-29 08:11:06 +02:00
dependabot[bot]
ec50bc52b8
build(deps): bump the action-dependencies group with 2 updates
...
Bumps the action-dependencies group with 2 updates: [actions/setup-python](https://github.com/actions/setup-python ) and [actions/download-artifact](https://github.com/actions/download-artifact ).
Updates `actions/setup-python` from 5.5.0 to 5.6.0
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](8d9ed9ac5c...a26af69be9https://github.com/actions/download-artifact/releases )
- [Commits](95815c38cf...d3f86a106a
2025-04-28 22:28:44 +00:00
dependabot[bot]
96fd7bde44
build(deps): bump ruff in the test-and-lint-dependencies group
...
Bumps the test-and-lint-dependencies group with 1 update: [ruff](https://github.com/astral-sh/ruff ).
Updates `ruff` from 0.11.6 to 0.11.7
- [Release notes](https://github.com/astral-sh/ruff/releases )
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md )
- [Commits](https://github.com/astral-sh/ruff/compare/0.11.6...0.11.7 )
---
updated-dependencies:
- dependency-name: ruff
dependency-version: 0.11.7
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: test-and-lint-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-04-28 22:13:03 +00:00
Lukas Pühringer
9a4f8d5dbd
Merge pull request #2826 from theupdateframework/dependabot/pip/dependencies-54f6db96fa
...
build(deps): bump securesystemslib from 1.2.0 to 1.3.0 in the dependencies group
2025-04-22 10:28:04 +02:00
Jussi Kukkonen
ee50fea0c6
annotation fixes
...
* Start linting securesystemslib calls
(this requires new securesystemslib)
* Fix various issues that suddenly popup
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2025-04-22 10:53:54 +03:00
Lukas Pühringer
737b41f94d
Merge pull request #2825 from theupdateframework/dependabot/pip/test-and-lint-dependencies-b11e8444e9
...
build(deps): bump the test-and-lint-dependencies group with 2 updates
2025-04-22 09:29:39 +02:00
dependabot[bot]
394d47c257
build(deps): bump securesystemslib in the dependencies group
...
Bumps the dependencies group with 1 update: [securesystemslib](https://github.com/secure-systems-lab/securesystemslib ).
Updates `securesystemslib` from 1.2.0 to 1.3.0
- [Release notes](https://github.com/secure-systems-lab/securesystemslib/releases )
- [Changelog](https://github.com/secure-systems-lab/securesystemslib/blob/main/CHANGELOG.md )
- [Commits](https://github.com/secure-systems-lab/securesystemslib/compare/v1.2.0...v1.3.0 )
---
updated-dependencies:
- dependency-name: securesystemslib
dependency-version: 1.3.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-04-21 21:11:19 +00:00
dependabot[bot]
7660291ad1
build(deps): bump the test-and-lint-dependencies group with 2 updates
...
Bumps the test-and-lint-dependencies group with 2 updates: [ruff](https://github.com/astral-sh/ruff ) and [zizmor](https://github.com/woodruffw/zizmor ).
Updates `ruff` from 0.11.5 to 0.11.6
- [Release notes](https://github.com/astral-sh/ruff/releases )
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md )
- [Commits](https://github.com/astral-sh/ruff/compare/0.11.5...0.11.6 )
Updates `zizmor` from 1.5.2 to 1.6.0
- [Release notes](https://github.com/woodruffw/zizmor/releases )
- [Changelog](https://github.com/woodruffw/zizmor/blob/main/docs/release-notes.md )
- [Commits](https://github.com/woodruffw/zizmor/compare/v1.5.2...v1.6.0 )
---
updated-dependencies:
- dependency-name: ruff
dependency-version: 0.11.6
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: test-and-lint-dependencies
- dependency-name: zizmor
dependency-version: 1.6.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: test-and-lint-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-04-21 21:10:40 +00:00
dependabot[bot]
9f8dc40a85
build(deps): bump ruff in the test-and-lint-dependencies group ( #2823 )
...
Bumps the test-and-lint-dependencies group with 1 update: [ruff](https://github.com/astral-sh/ruff ).
Updates `ruff` from 0.11.4 to 0.11.5
- [Release notes](https://github.com/astral-sh/ruff/releases )
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md )
- [Commits](https://github.com/astral-sh/ruff/compare/0.11.4...0.11.5 )
---
updated-dependencies:
- dependency-name: ruff
dependency-version: 0.11.5
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: test-and-lint-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-15 12:40:23 +03:00
dependabot[bot]
dc3f556642
build(deps): bump urllib3 from 2.3.0 to 2.4.0 in the dependencies group ( #2824 )
...
Bumps the dependencies group with 1 update: [urllib3](https://github.com/urllib3/urllib3 ).
Updates `urllib3` from 2.3.0 to 2.4.0
- [Release notes](https://github.com/urllib3/urllib3/releases )
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst )
- [Commits](https://github.com/urllib3/urllib3/compare/2.3.0...2.4.0 )
---
updated-dependencies:
- dependency-name: urllib3
dependency-version: 2.4.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-15 12:39:52 +03:00
