python-tuf

mirror of https://github.com/theupdateframework/python-tuf synced 2026-05-24 10:08:28 +00:00

Author	SHA1	Message	Date
Lukas Pühringer	1e813fe759	Merge pull request #2022 from theupdateframework/dependabot/pip/requests-2.28.0 build(deps): bump requests from 2.27.1 to 2.28.0	2022-06-13 10:17:14 +02:00
Jussi Kukkonen	c05070286c	Merge pull request #2021 from theupdateframework/dependabot/github_actions/actions/setup-python-4 build(deps): bump actions/setup-python from 3.1.2 to 4	2022-06-13 10:16:08 +03:00
dependabot[bot]	548b5b87b0	build(deps): bump requests from 2.27.1 to 2.28.0 Bumps [requests](https://github.com/psf/requests) from 2.27.1 to 2.28.0. - [Release notes](https://github.com/psf/requests/releases) - [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md) - [Commits](https://github.com/psf/requests/compare/v2.27.1...v2.28.0) --- updated-dependencies: - dependency-name: requests dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-06-10 10:05:20 +00:00
dependabot[bot]	94b08faade	build(deps): bump actions/setup-python from 3.1.2 to 4 Bumps [actions/setup-python](https://github.com/actions/setup-python) from 3.1.2 to 4. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v3.1.2...d09bd5e6005b175076f227b13d9730d56e9dcfcb) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2022-06-09 10:22:16 +00:00
Lukas Pühringer	b8360a2f69	Merge pull request #2017 from MVrachev/fix-eq-tests Tests: simplify and shorten test_metadata_eq_.py	2022-06-08 14:48:08 +02:00
Martin Vrachev	6c2952fc2c	Tests: simplify and shorten test_metadata_eq_.py There is a lot of repetitive code inside test_metadata_eq_.py. Remove it by using the decorator. I am initializing the object instances in setUpClass instead of doing it inside the test function in order to escape the need for reinitialization of the instances on each attribute. Signed-off-by: Martin Vrachev <mvrachev@vmware.com>	2022-06-08 14:31:41 +03:00
Jussi Kukkonen	5910e37c54	Merge pull request #2018 from theupdateframework/dependabot/pip/pylint-2.14.1 build(deps): bump pylint from 2.14.0 to 2.14.1	2022-06-07 13:43:58 +03:00
dependabot[bot]	57a4e57940	build(deps): bump pylint from 2.14.0 to 2.14.1 Bumps [pylint](https://github.com/PyCQA/pylint) from 2.14.0 to 2.14.1. - [Release notes](https://github.com/PyCQA/pylint/releases) - [Commits](https://github.com/PyCQA/pylint/compare/v2.14.0...v2.14.1) --- updated-dependencies: - dependency-name: pylint dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2022-06-07 10:22:22 +00:00
Jussi Kukkonen	bd9cb3b654	Merge pull request #2019 from theupdateframework/dependabot/pip/mypy-0.961 build(deps): bump mypy from 0.960 to 0.961	2022-06-07 13:21:45 +03:00
dependabot[bot]	ffdec52762	build(deps): bump mypy from 0.960 to 0.961 Bumps [mypy](https://github.com/python/mypy) from 0.960 to 0.961. - [Release notes](https://github.com/python/mypy/releases) - [Commits](https://github.com/python/mypy/compare/v0.960...v0.961) --- updated-dependencies: - dependency-name: mypy dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-06-07 10:07:37 +00:00
Jussi Kukkonen	cfcc0c3f0f	Merge pull request #1974 from naveensrinivasan/Dependency-Review-Action chore: Dependency Review Action	2022-06-06 16:30:12 +03:00
Jussi Kukkonen	f31c090c6b	Merge pull request #2016 from theupdateframework/dependabot/pip/coverage-6.4.1 build(deps): bump coverage from 6.4 to 6.4.1	2022-06-06 09:23:26 +03:00
dependabot[bot]	6a589754c2	build(deps): bump coverage from 6.4 to 6.4.1 Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.4 to 6.4.1. - [Release notes](https://github.com/nedbat/coveragepy/releases) - [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) - [Commits](https://github.com/nedbat/coveragepy/compare/6.4...6.4.1) --- updated-dependencies: - dependency-name: coverage dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2022-06-03 10:22:08 +00:00
Marina Moore	2f2c9b20f4	Merge pull request #2015 from theupdateframework/dependabot/pip/pylint-2.14.0 build(deps): bump pylint from 2.13.9 to 2.14.0	2022-06-02 10:36:05 -04:00
naveensrinivasan	a5afebd1ab	Changed the tags to SHA Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>	2022-06-02 07:01:45 -05:00
dependabot[bot]	0b3da181ff	build(deps): bump pylint from 2.13.9 to 2.14.0 Bumps [pylint](https://github.com/PyCQA/pylint) from 2.13.9 to 2.14.0. - [Release notes](https://github.com/PyCQA/pylint/releases) - [Commits](https://github.com/PyCQA/pylint/compare/v2.13.9...v2.14.0) --- updated-dependencies: - dependency-name: pylint dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-06-02 10:06:32 +00:00
Jussi Kukkonen	46979bb46d	Merge pull request #2002 from abs007/patch-1916 Appending Fetcher docs to state the method to be implemented.	2022-05-31 15:17:52 +03:00
Jussi Kukkonen	e78b1aaa7d	Merge pull request #2003 from dhavalgshah/kceu22_bugbash/issue1999 fix: ngclient: temp_file could be undefined #1999	2022-05-31 10:04:07 +03:00
Jussi Kukkonen	12833b08d8	Merge pull request #2013 from theupdateframework/dependabot/pip/mypy-0.960 build(deps): bump mypy from 0.950 to 0.960	2022-05-31 10:00:38 +03:00
dependabot[bot]	6949db0a45	build(deps): bump mypy from 0.950 to 0.960 Bumps [mypy](https://github.com/python/mypy) from 0.950 to 0.960. - [Release notes](https://github.com/python/mypy/releases) - [Commits](https://github.com/python/mypy/compare/v0.950...v0.960) --- updated-dependencies: - dependency-name: mypy dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-05-26 10:05:42 +00:00
Lukas Pühringer	e9d11962b9	Merge pull request #2006 from theupdateframework/dependabot/github_actions/actions/github-script-6.1.0 build(deps): bump actions/github-script from 6.0.0 to 6.1.0	2022-05-24 11:20:33 +02:00
Lukas Pühringer	0a0f2dd6b5	Merge pull request #2011 from theupdateframework/dependabot/pip/coverage-6.4 build(deps): bump coverage from 6.3.2 to 6.4	2022-05-24 11:12:07 +02:00
Lukas Pühringer	a586fc0be0	Merge pull request #2009 from theupdateframework/dependabot/pip/certifi-2022.5.18.1 build(deps): bump certifi from 2021.10.8 to 2022.5.18.1	2022-05-24 11:03:54 +02:00
dependabot[bot]	38201fb7f3	build(deps): bump coverage from 6.3.2 to 6.4 Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.3.2 to 6.4. - [Release notes](https://github.com/nedbat/coveragepy/releases) - [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) - [Commits](https://github.com/nedbat/coveragepy/compare/6.3.2...6.4) --- updated-dependencies: - dependency-name: coverage dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-05-24 08:39:11 +00:00
Lukas Pühringer	b26ed79c20	Merge pull request #2007 from theupdateframework/dependabot/pip/pylint-2.13.9 build(deps): bump pylint from 2.13.8 to 2.13.9	2022-05-24 10:38:20 +02:00
Lukas Pühringer	acfbe6836d	Merge pull request #2012 from theupdateframework/dependabot/github_actions/actions/upload-artifact-3.1.0 build(deps): bump actions/upload-artifact from 3.0.0 to 3.1.0	2022-05-23 13:53:55 +02:00
dependabot[bot]	2ae099c140	build(deps): bump actions/upload-artifact from 3.0.0 to 3.1.0 Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.0.0 to 3.1.0. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](`6673cd052c...3cea537223`) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-05-23 10:23:02 +00:00
dependabot[bot]	4d310aa24c	build(deps): bump certifi from 2021.10.8 to 2022.5.18.1 Bumps [certifi](https://github.com/certifi/python-certifi) from 2021.10.8 to 2022.5.18.1. - [Release notes](https://github.com/certifi/python-certifi/releases) - [Commits](https://github.com/certifi/python-certifi/compare/2021.10.08...2022.05.18.1) --- updated-dependencies: - dependency-name: certifi dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2022-05-20 10:06:23 +00:00
Abhisman Sarkar	4a2fdabc2d	Fixes #1916 The class docstring for FetcherInterface needed to clearly state that only _fetch() had to be implemented in it's implementation. This is because the public API of the interface is implemented already. Signed-off-by: Abhisman Sarkar <abhisman.sarkar@gmail.com>	2022-05-17 09:40:16 +05:30
dependabot[bot]	e1b69498ad	build(deps): bump pylint from 2.13.8 to 2.13.9 Bumps [pylint](https://github.com/PyCQA/pylint) from 2.13.8 to 2.13.9. - [Release notes](https://github.com/PyCQA/pylint/releases) - [Changelog](https://github.com/PyCQA/pylint/blob/main/ChangeLog) - [Commits](https://github.com/PyCQA/pylint/compare/v2.13.8...v2.13.9) --- updated-dependencies: - dependency-name: pylint dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2022-05-16 10:09:51 +00:00
dependabot[bot]	78dc59bf8b	build(deps): bump actions/github-script from 6.0.0 to 6.1.0 Bumps [actions/github-script](https://github.com/actions/github-script) from 6.0.0 to 6.1.0. - [Release notes](https://github.com/actions/github-script/releases) - [Commits](`9ac08808f9...7a5c598405`) --- updated-dependencies: - dependency-name: actions/github-script dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-05-13 10:17:47 +00:00
Dhaval Shah	ac7ecfb8d5	fix: Uninitialized local #1999 Annotating local temp_file_name variable is simple than to annotate temp_file. Fixes #1999 Signed-off-by: Dhaval Shah <30974879+dhavalgshah@users.noreply.github.com>	2022-05-11 12:04:36 +05:30
Lukas Pühringer	80235093d2	Merge pull request #2004 from rdimitrov/dimitrovr/fix-typo docs: remove a duplicated word in refresh() doc comment	2022-05-10 11:58:11 +02:00
Radoslav Dimitrov	9d441da73b	docs: remove a duplicated word in refresh() doc comment Signed-off-by: Radoslav Dimitrov <dimitrovr@vmware.com>	2022-05-10 12:29:30 +03:00
Dhaval Shah	b23c5d9fe5	fix: ngclient: temp_file could be undefined #1999 Fixes ngclient: temp_file could be undefined #1999 Signed-off-by: Dhaval Shah <30974879+dhavalgshah@users.noreply.github.com>	2022-05-10 00:32:20 +05:30
Jussi Kukkonen	c5ca38f0ae	Merge pull request #1996 from theupdateframework/dependabot/pip/cryptography-37.0.2 build(deps): bump cryptography from 37.0.1 to 37.0.2	2022-05-06 10:14:33 +03:00
dependabot[bot]	adc5770e6c	build(deps): bump cryptography from 37.0.1 to 37.0.2 Bumps [cryptography](https://github.com/pyca/cryptography) from 37.0.1 to 37.0.2. - [Release notes](https://github.com/pyca/cryptography/releases) - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pyca/cryptography/compare/37.0.1...37.0.2) --- updated-dependencies: - dependency-name: cryptography dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2022-05-04 10:12:49 +00:00
Jussi Kukkonen	211f2afe56	Merge pull request #1914 from jku/blog-ngclient-design docs: Add a blog post about ngclient design	2022-05-04 10:01:10 +03:00
Jussi Kukkonen	ac96114309	blog: Update post date, update sloccount Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>	2022-05-04 09:53:46 +03:00
Jussi Kukkonen	7b593f3fdb	docs: Add doc links to ngclient blog post Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>	2022-05-04 09:50:56 +03:00
Jussi Kukkonen	2d52473dd3	docs: Add a blog post about ngclient design Try to explain some decisions made in ngclient. Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>	2022-05-04 09:50:56 +03:00
Jussi Kukkonen	096152db03	Merge pull request #1994 from theupdateframework/dependabot/pip/pylint-2.13.8 build(deps): bump pylint from 2.13.7 to 2.13.8	2022-05-04 09:25:51 +03:00
dependabot[bot]	384b1ab590	build(deps): bump pylint from 2.13.7 to 2.13.8 Bumps [pylint](https://github.com/PyCQA/pylint) from 2.13.7 to 2.13.8. - [Release notes](https://github.com/PyCQA/pylint/releases) - [Changelog](https://github.com/PyCQA/pylint/blob/main/ChangeLog) - [Commits](https://github.com/PyCQA/pylint/compare/v2.13.7...v2.13.8) --- updated-dependencies: - dependency-name: pylint dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2022-05-03 10:08:54 +00:00
Jussi Kukkonen	4c872e3fa6	Merge pull request #1991 from jku/no-requests-type-checking lint: Stop using requests annotations	2022-05-03 10:42:01 +03:00
Jussi Kukkonen	cdca321b67	Merge pull request #1986 from theupdateframework/dependabot/pip/mypy-0.950 build(deps): bump mypy from 0.942 to 0.950	2022-05-03 10:36:52 +03:00
Jussi Kukkonen	dc1d1e600a	Merge pull request #1985 from theupdateframework/dependabot/pip/cryptography-37.0.1 build(deps): bump cryptography from 36.0.2 to 37.0.1	2022-05-03 10:34:51 +03:00
Lukas Pühringer	1efd52c7c4	Merge pull request #1975 from abs007/1937 Checking for None instead of falsyness	2022-05-02 09:17:06 +02:00
Abhisman Sarkar	79d924a4df	Metadata API: Checking for None instead of falsyness Fixes #1937 Initialization of unrecognized_fields acts surprisingly when the input container is empty. Hence, We're checking for None instead of falsyness. Signed-off-by: Abhisman Sarkar <abhisman.sarkar@gmail.com>	2022-04-29 22:39:48 +05:30
Jussi Kukkonen	eb23fff3af	lint: Stop using requests annotations requests project does not maintain annotations: typeshed project tries to do it for them, and releases the annotations as "types-requests". There's two main problems: * typeshed releases constantly: this means a lot of test dependency updates * typeshed releases are not tagged in git: updates are impossible to review The benefit we get from types-requests is minimal as there is very little requests-related code and it does not change often. Remove annotations to lower the test dependency update churn. Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>	2022-04-29 15:27:50 +03:00
Lukas Pühringer	83f2eee19f	Merge pull request #1983 from jku/update-maintainer-permissions-list Update maintainers permission checklist	2022-04-28 15:40:29 +02:00

1 2 3 4 5 ...

5139 commits