dependabot[bot]
25cbdcaf32
build(deps): bump github/codeql-action from 2.2.11 to 2.2.12
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.11 to 2.2.12.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](d186a2a36c...7df0ce3489
2023-04-17 11:22:23 +00:00
Lukas Pühringer
25d3151254
Merge pull request #2358 from theupdateframework/dependabot/github_actions/actions/checkout-3.5.2
...
build(deps): bump actions/checkout from 3.5.0 to 3.5.2
2023-04-17 13:21:41 +02:00
Lukas Pühringer
68f4a095cb
Merge pull request #2360 from theupdateframework/dependabot/pip/cryptography-40.0.2
...
build(deps): bump cryptography from 40.0.1 to 40.0.2
2023-04-17 13:21:28 +02:00
dependabot[bot]
f130651d55
build(deps): bump cryptography from 40.0.1 to 40.0.2
...
Bumps [cryptography](https://github.com/pyca/cryptography ) from 40.0.1 to 40.0.2.
- [Release notes](https://github.com/pyca/cryptography/releases )
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pyca/cryptography/compare/40.0.1...40.0.2 )
---
updated-dependencies:
- dependency-name: cryptography
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-04-17 10:57:26 +00:00
dependabot[bot]
308c9874b7
build(deps): bump actions/checkout from 3.5.0 to 3.5.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.5.0 to 3.5.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8f4b7f8486...8e5e7e5ab8
2023-04-14 10:58:57 +00:00
Lukas Pühringer
fe3fa79bf8
Merge pull request #2355 from theupdateframework/dependabot/github_actions/actions/github-script-6.4.1
...
build(deps): bump actions/github-script from 6.4.0 to 6.4.1
2023-04-11 12:53:14 +02:00
Lukas Pühringer
561071888e
Merge pull request #2354 from theupdateframework/dependabot/github_actions/github/codeql-action-2.2.11
...
build(deps): bump github/codeql-action from 2.2.9 to 2.2.11
2023-04-11 12:53:09 +02:00
Lukas Pühringer
df01f87eba
Merge pull request #2353 from theupdateframework/dependabot/pip/coverage-7.2.3
...
build(deps): bump coverage from 7.2.2 to 7.2.3
2023-04-11 12:52:56 +02:00
Lukas Pühringer
0b3229ce0f
Merge pull request #2352 from theupdateframework/dependabot/pip/mypy-1.2.0
...
build(deps): bump mypy from 1.1.1 to 1.2.0
2023-04-11 12:52:11 +02:00
dependabot[bot]
63da19d127
build(deps): bump actions/github-script from 6.4.0 to 6.4.1
...
Bumps [actions/github-script](https://github.com/actions/github-script ) from 6.4.0 to 6.4.1.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](98814c53be...d7906e4ad0
2023-04-07 10:58:44 +00:00
dependabot[bot]
64816c40f8
build(deps): bump github/codeql-action from 2.2.9 to 2.2.11
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.9 to 2.2.11.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](04df1262e6...d186a2a36c
2023-04-07 10:58:40 +00:00
dependabot[bot]
86335a7a1d
build(deps): bump coverage from 7.2.2 to 7.2.3
...
Bumps [coverage](https://github.com/nedbat/coveragepy ) from 7.2.2 to 7.2.3.
- [Release notes](https://github.com/nedbat/coveragepy/releases )
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst )
- [Commits](https://github.com/nedbat/coveragepy/compare/7.2.2...7.2.3 )
---
updated-dependencies:
- dependency-name: coverage
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-04-07 10:57:30 +00:00
dependabot[bot]
dc0610b051
build(deps): bump mypy from 1.1.1 to 1.2.0
...
Bumps [mypy](https://github.com/python/mypy ) from 1.1.1 to 1.2.0.
- [Release notes](https://github.com/python/mypy/releases )
- [Commits](https://github.com/python/mypy/compare/v1.1.1...v1.2.0 )
---
updated-dependencies:
- dependency-name: mypy
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-04-07 10:57:19 +00:00
Jussi Kukkonen
16ffdb017a
Merge pull request #2350 from theupdateframework/dependabot/github_actions/pypa/gh-action-pypi-publish-1.8.5
...
build(deps): bump pypa/gh-action-pypi-publish from 1.8.3 to 1.8.5
2023-04-05 10:53:28 +03:00
Jussi Kukkonen
6132be0a86
Merge pull request #2349 from theupdateframework/dependabot/pip/pylint-2.17.2
...
build(deps): bump pylint from 2.17.1 to 2.17.2
2023-04-05 10:07:53 +03:00
dependabot[bot]
b52c7dbcfc
build(deps): bump pypa/gh-action-pypi-publish from 1.8.3 to 1.8.5
...
Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish ) from 1.8.3 to 1.8.5.
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases )
- [Commits](48b317d84d...0bf742be3e
2023-04-04 11:00:18 +00:00
dependabot[bot]
d3647a6af1
build(deps): bump pylint from 2.17.1 to 2.17.2
...
Bumps [pylint](https://github.com/PyCQA/pylint ) from 2.17.1 to 2.17.2.
- [Release notes](https://github.com/PyCQA/pylint/releases )
- [Commits](https://github.com/PyCQA/pylint/compare/v2.17.1...v2.17.2 )
---
updated-dependencies:
- dependency-name: pylint
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-04-04 10:58:13 +00:00
Jussi Kukkonen
01ca2987ca
Merge pull request #2347 from theupdateframework/dependabot/github_actions/ossf/scorecard-action-2.1.3
...
build(deps): bump ossf/scorecard-action from 2.1.2 to 2.1.3
2023-03-31 09:53:28 +03:00
dependabot[bot]
904f956d4c
build(deps): bump ossf/scorecard-action from 2.1.2 to 2.1.3
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.1.2 to 2.1.3.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](e38b1902ae...80e868c13c
2023-03-30 10:58:48 +00:00
Jussi Kukkonen
6a0a12b1f1
Merge pull request #2346 from theupdateframework/dependabot/pip/black-23.3.0
...
build(deps): bump black from 23.1.0 to 23.3.0
2023-03-29 14:04:33 +03:00
dependabot[bot]
dbd2c9b155
build(deps): bump black from 23.1.0 to 23.3.0
...
Bumps [black](https://github.com/psf/black ) from 23.1.0 to 23.3.0.
- [Release notes](https://github.com/psf/black/releases )
- [Changelog](https://github.com/psf/black/blob/main/CHANGES.md )
- [Commits](https://github.com/psf/black/compare/23.1.0...23.3.0 )
---
updated-dependencies:
- dependency-name: black
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-03-29 10:57:39 +00:00
Lukas Pühringer
8ae0a38039
Merge pull request #2338 from jku/hash-prefix
...
Add TargetFile.get_prefixed_paths()
2023-03-29 12:13:04 +02:00
Lukas Pühringer
0dc4ab2687
Merge pull request #2345 from theupdateframework/dependabot/github_actions/github/codeql-action-2.2.9
...
build(deps): bump github/codeql-action from 2.2.8 to 2.2.9
2023-03-29 11:51:48 +02:00
Lukas Pühringer
c005d285a5
Merge pull request #2339 from theupdateframework/dependabot/pip/pylint-2.17.1
...
build(deps): bump pylint from 2.17.0 to 2.17.1
2023-03-29 11:40:18 +02:00
dependabot[bot]
d68cd71fcd
build(deps): bump github/codeql-action from 2.2.8 to 2.2.9
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.8 to 2.2.9.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](67a35a0858...04df1262e6
2023-03-28 10:59:06 +00:00
Lukas Pühringer
1372630fdb
Merge pull request #2343 from theupdateframework/dependabot/github_actions/actions/checkout-3.5.0
...
build(deps): bump actions/checkout from 3.4.0 to 3.5.0
2023-03-28 11:05:28 +02:00
dependabot[bot]
f86f656d3c
build(deps): bump actions/checkout from 3.4.0 to 3.5.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](24cb908017...8f4b7f8486
2023-03-28 07:44:51 +00:00
Lukas Pühringer
d55b5df4e9
Merge pull request #2341 from theupdateframework/dependabot/github_actions/github/codeql-action-2.2.8
...
build(deps): bump github/codeql-action from 2.2.7 to 2.2.8
2023-03-28 09:44:11 +02:00
Lukas Pühringer
cc6a4efd8c
Merge pull request #2340 from theupdateframework/dependabot/github_actions/pypa/gh-action-pypi-publish-1.8.3
...
build(deps): bump pypa/gh-action-pypi-publish from 1.8.1 to 1.8.3
2023-03-28 09:43:43 +02:00
Lukas Pühringer
727a08522a
Merge pull request #2337 from theupdateframework/dependabot/github_actions/actions/dependency-review-action-3.0.4
...
build(deps): bump actions/dependency-review-action from 3.0.3 to 3.0.4
2023-03-28 09:38:32 +02:00
Lukas Pühringer
981347fcb5
Merge pull request #2344 from theupdateframework/dependabot/pip/cryptography-40.0.1
...
build(deps): bump cryptography from 39.0.2 to 40.0.1
2023-03-28 09:37:13 +02:00
dependabot[bot]
7b516010c4
build(deps): bump cryptography from 39.0.2 to 40.0.1
...
Bumps [cryptography](https://github.com/pyca/cryptography ) from 39.0.2 to 40.0.1.
- [Release notes](https://github.com/pyca/cryptography/releases )
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pyca/cryptography/compare/39.0.2...40.0.1 )
---
updated-dependencies:
- dependency-name: cryptography
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-03-27 10:57:38 +00:00
dependabot[bot]
8eaa8dc377
build(deps): bump github/codeql-action from 2.2.7 to 2.2.8
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.7 to 2.2.8.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](168b99b3c2...67a35a0858
2023-03-23 10:59:10 +00:00
dependabot[bot]
f98f94b46b
build(deps): bump pypa/gh-action-pypi-publish from 1.8.1 to 1.8.3
...
Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish ) from 1.8.1 to 1.8.3.
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases )
- [Commits](a3a3bafbb3...48b317d84d
2023-03-23 10:59:06 +00:00
dependabot[bot]
1c45eaa1df
build(deps): bump pylint from 2.17.0 to 2.17.1
...
Bumps [pylint](https://github.com/PyCQA/pylint ) from 2.17.0 to 2.17.1.
- [Release notes](https://github.com/PyCQA/pylint/releases )
- [Commits](https://github.com/PyCQA/pylint/compare/v2.17.0...v2.17.1 )
---
updated-dependencies:
- dependency-name: pylint
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-03-23 10:57:32 +00:00
Jussi Kukkonen
cddae3b892
Updates to TargetFile.get_prefixed_paths()
...
* Use the same solution for producing the paths as we already do in ngclient
* Fix linting issues
* Modify the test results according to new code (I believe these are
correct, although some cases are so edge cases that disagreement may
exist. Most importantly I think the method should always return as
many paths as there are hashes listed
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2023-03-20 16:12:00 +02:00
Kamui
0eef15ad28
fix: parse manually and handle url edge cases
...
Signed-off-by: Kamui <fin-kamui@pm.me>
2023-03-20 15:48:51 +02:00
Kamui
1e47e390fb
docs: add docstring for method
...
Signed-off-by: Kamui <fin-kamui@pm.me>
2023-03-20 15:48:51 +02:00
Kamui
24b1db6781
feat: generate hash-prefixed path names for target
...
Signed-off-by: Kamui <fin-kamui@pm.me>
2023-03-20 15:48:51 +02:00
dependabot[bot]
12266d8fc6
build(deps): bump actions/dependency-review-action from 3.0.3 to 3.0.4
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 3.0.3 to 3.0.4.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](c090f4e553...f46c48ed6d
2023-03-20 11:00:23 +00:00
Jussi Kukkonen
db027027ce
Merge pull request #2334 from theupdateframework/dependabot/github_actions/actions/checkout-3.4.0
...
build(deps): bump actions/checkout from 3.3.0 to 3.4.0
2023-03-20 10:40:11 +02:00
Jussi Kukkonen
73dae65e23
Merge pull request #2333 from theupdateframework/dependabot/github_actions/pypa/gh-action-pypi-publish-1.8.1
...
build(deps): bump pypa/gh-action-pypi-publish from 1.7.1 to 1.8.1
2023-03-20 10:22:49 +02:00
dependabot[bot]
a673ac3df5
build(deps): bump actions/checkout from 3.3.0 to 3.4.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](ac59398561...24cb908017
2023-03-20 08:21:35 +00:00
Jussi Kukkonen
839473ce8e
Merge pull request #2335 from theupdateframework/dependabot/github_actions/github/codeql-action-2.2.7
...
build(deps): bump github/codeql-action from 2.2.6 to 2.2.7
2023-03-20 10:20:55 +02:00
Jussi Kukkonen
c5dafe96e5
Merge pull request #2336 from theupdateframework/dependabot/pip/coverage-7.2.2
...
build(deps): bump coverage from 7.2.1 to 7.2.2
2023-03-20 10:20:30 +02:00
dependabot[bot]
f2ca2d66f9
build(deps): bump coverage from 7.2.1 to 7.2.2
...
Bumps [coverage](https://github.com/nedbat/coveragepy ) from 7.2.1 to 7.2.2.
- [Release notes](https://github.com/nedbat/coveragepy/releases )
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst )
- [Commits](https://github.com/nedbat/coveragepy/compare/7.2.1...7.2.2 )
---
updated-dependencies:
- dependency-name: coverage
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-03-17 10:57:37 +00:00
Lukas Pühringer
2145b67234
Merge pull request #2321 from jku/repository-annotations
...
Repository annotations
2023-03-16 12:43:30 +01:00
dependabot[bot]
b930e5328a
build(deps): bump github/codeql-action from 2.2.6 to 2.2.7
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.6 to 2.2.7.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](16964e90ba...168b99b3c2
2023-03-16 10:22:59 +00:00
dependabot[bot]
21d87de04a
build(deps): bump pypa/gh-action-pypi-publish from 1.7.1 to 1.8.1
...
Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish ) from 1.7.1 to 1.8.1.
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases )
- [Commits](22b4d1f125...a3a3bafbb3
2023-03-16 10:22:42 +00:00
Lukas Pühringer
9d09c427c7
Merge pull request #2332 from theupdateframework/dependabot/pip/securesystemslib-cryptopynacl--0.27.0
...
build(deps): bump securesystemslib[crypto,pynacl] from 0.26.0 to 0.27.0
2023-03-15 13:15:17 +01:00
