Jussi Kukkonen
4e889e7212
dev env: Stop installing tuf as "editable"
...
This was likely only necessary because the test suite required it:
Now tuf does not get installed at all by tox (or by dev install)
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2024-12-11 10:11:55 +02:00
dependabot[bot]
42c3b2d919
build(deps): bump the action-dependencies group with 2 updates ( #2729 )
2024-10-29 08:50:53 +02:00
dependabot[bot]
192a349c1b
build(deps): bump the action-dependencies group with 3 updates
...
Bumps the action-dependencies group with 3 updates: [actions/checkout](https://github.com/actions/checkout ), [actions/upload-artifact](https://github.com/actions/upload-artifact ) and [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish ).
Updates `actions/checkout` from 4.2.0 to 4.2.1
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](d632683dd7...eef61447b9https://github.com/actions/upload-artifact/releases )
- [Commits](50769540e7...604373da63https://github.com/pypa/gh-action-pypi-publish/releases )
- [Commits](897895f1e1...f7600683ef
2024-10-07 21:33:01 +00:00
dependabot[bot]
4ec49e23f7
build(deps): bump actions/checkout in the action-dependencies group ( #2710 )
...
Bumps the action-dependencies group with 1 update: [actions/checkout](https://github.com/actions/checkout ).
Updates `actions/checkout` from 4.1.7 to 4.2.0
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](692973e3d9...d632683dd7
2024-10-01 11:00:12 +03:00
dependabot[bot]
dc004e7d2b
build(deps): bump the action-dependencies group with 3 updates
...
Bumps the action-dependencies group with 3 updates: [actions/setup-python](https://github.com/actions/setup-python ), [actions/upload-artifact](https://github.com/actions/upload-artifact ) and [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish ).
Updates `actions/setup-python` from 5.1.1 to 5.2.0
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](39cd14951b...f677139bbehttps://github.com/actions/upload-artifact/releases )
- [Commits](834a144ee9...50769540e7https://github.com/pypa/gh-action-pypi-publish/releases )
- [Commits](ec4db0b4dd...8a08d61689
2024-09-02 21:33:56 +00:00
dependabot[bot]
ab6dbf790b
build(deps): bump actions/setup-python in the action-dependencies group
...
Bumps the action-dependencies group with 1 update: [actions/setup-python](https://github.com/actions/setup-python ).
Updates `actions/setup-python` from 5.1.0 to 5.1.1
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](82c7e631bb...39cd14951b
2024-07-15 21:42:17 +00:00
dependabot[bot]
31e8eeb3f6
build(deps): bump the action-dependencies group with 2 updates ( #2660 )
...
Bumps the action-dependencies group with 2 updates: [actions/checkout](https://github.com/actions/checkout ) and [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish ).
Updates `actions/checkout` from 4.1.6 to 4.1.7
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](a5ac7e51b4...692973e3d9https://github.com/pypa/gh-action-pypi-publish/releases )
- [Commits](81e9d935c8...ec4db0b4dd
2024-06-18 10:56:02 +03:00
dependabot[bot]
c5c81dd885
---
...
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: action-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-20 21:18:03 +00:00
dependabot[bot]
dd9bf7410a
build(deps): bump actions/checkout in the action-dependencies group
...
Bumps the action-dependencies group with 1 update: [actions/checkout](https://github.com/actions/checkout ).
Updates `actions/checkout` from 4.1.4 to 4.1.5
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](0ad4b8fada...44c2b7a8a4
2024-05-06 21:50:18 +00:00
dependabot[bot]
8607c56000
build(deps): bump the action-dependencies group with 2 updates
...
Bumps the action-dependencies group with 2 updates: [actions/checkout](https://github.com/actions/checkout ) and [actions/download-artifact](https://github.com/actions/download-artifact ).
Updates `actions/checkout` from 4.1.3 to 4.1.4
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](1d96c772d1...0ad4b8fadahttps://github.com/actions/download-artifact/releases )
- [Commits](9c19ed7fe5...65a9edc588
2024-04-29 21:42:06 +00:00
dependabot[bot]
0e5833afb8
build(deps): bump the action-dependencies group with 3 updates
...
Bumps the action-dependencies group with 3 updates: [actions/checkout](https://github.com/actions/checkout ), [actions/upload-artifact](https://github.com/actions/upload-artifact ) and [actions/download-artifact](https://github.com/actions/download-artifact ).
Updates `actions/checkout` from 4.1.2 to 4.1.3
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](9bb56186c3...1d96c772d1https://github.com/actions/upload-artifact/releases )
- [Commits](5d5d22a312...65462800fdhttps://github.com/actions/download-artifact/releases )
- [Commits](c850b930e6...9c19ed7fe5
2024-04-22 21:40:01 +00:00
dependabot[bot]
feaaeab865
build(deps): bump the action-dependencies group with 2 updates
...
Bumps the action-dependencies group with 2 updates: [actions/checkout](https://github.com/actions/checkout ) and [actions/setup-python](https://github.com/actions/setup-python ).
Updates `actions/checkout` from 4.1.1 to 4.1.2
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](b4ffde65f4...9bb56186c3https://github.com/actions/setup-python/releases )
- [Commits](0a5c615913...82c7e631bb
2024-04-02 08:02:13 +00:00
dependabot[bot]
9cb3eb582b
build(deps): bump actions/setup-python from 4.7.1 to 5.0.0
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 4.7.1 to 5.0.0.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](65d7f2d534...0a5c615913
2023-12-07 10:56:23 +00:00
dependabot[bot]
2764851c88
build(deps): bump actions/checkout from 4.1.0 to 4.1.1
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8ade135a41...b4ffde65f4
2023-10-18 10:10:55 +00:00
dependabot[bot]
cf3445c22f
build(deps): bump actions/setup-python from 4.7.0 to 4.7.1
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 4.7.0 to 4.7.1.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](61a6322f88...65d7f2d534
2023-10-03 11:01:32 +00:00
dependabot[bot]
aaea6c29ab
build(deps): bump actions/checkout from 4.0.0 to 4.1.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](3df4ab11eb...8ade135a41
2023-09-25 10:56:33 +00:00
dependabot[bot]
811bf02fb0
build(deps): bump actions/checkout from 3.6.0 to 4.0.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.6.0 to 4.0.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](f43a0e5ff2...3df4ab11eb
2023-09-07 12:36:36 +00:00
sumanth8495
ade02cfb17
Missing version numbers are given, mentioned bugs are resolved.
...
Signed-off-by: sumanth8495 <msgupthamurukuri123@gmail.com>
2023-09-06 19:04:23 +05:30
sumanth8495
1f676a8e34
version numbers are commented respectively
...
Signed-off-by: sumanth8495 <msgupthamurukuri123@gmail.com>
2023-09-06 13:10:40 +05:30
sumanth8495
e3772c7082
workflows: Includes version comments in GH action uses-lines
...
Signed-off-by: sumanth8495 <msgupthamurukuri123@gmail.com>
2023-09-02 18:44:15 +05:30
dependabot[bot]
82c223cafe
build(deps): bump actions/checkout from 3.5.3 to 3.6.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.5.3 to 3.6.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](c85c95e3d7...f43a0e5ff2
2023-08-31 09:14:00 +00:00
dependabot[bot]
44dbf4bc02
build(deps): bump actions/setup-python from 4.6.1 to 4.7.0
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 4.6.1 to 4.7.0.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](bd6b4b6205...61a6322f88
2023-07-14 10:23:57 +00:00
dependabot[bot]
55a17cc3ee
build(deps): bump actions/checkout from 3.5.2 to 3.5.3
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.5.2 to 3.5.3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8e5e7e5ab8...c85c95e3d7
2023-06-12 11:00:10 +00:00
dependabot[bot]
4f3ff9fa12
build(deps): bump actions/setup-python from 4.6.0 to 4.6.1
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 4.6.0 to 4.6.1.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](57ded4d7d5...bd6b4b6205
2023-05-25 10:58:36 +00:00
dependabot[bot]
964c30c2dd
build(deps): bump actions/setup-python from 4.5.0 to 4.6.0
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 4.5.0 to 4.6.0.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](d27e3f3d7c...57ded4d7d5
2023-04-21 10:58:33 +00:00
dependabot[bot]
308c9874b7
build(deps): bump actions/checkout from 3.5.0 to 3.5.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.5.0 to 3.5.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8f4b7f8486...8e5e7e5ab8
2023-04-14 10:58:57 +00:00
dependabot[bot]
f86f656d3c
build(deps): bump actions/checkout from 3.4.0 to 3.5.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](24cb908017...8f4b7f8486
2023-03-28 07:44:51 +00:00
dependabot[bot]
a673ac3df5
build(deps): bump actions/checkout from 3.3.0 to 3.4.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](ac59398561...24cb908017
2023-03-20 08:21:35 +00:00
dependabot[bot]
4c3df14a50
build(deps): bump actions/setup-python from 4.4.0 to 4.5.0
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 4.4.0 to 4.5.0.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](5ccb29d877...d27e3f3d7c
2023-01-13 10:50:28 +00:00
dependabot[bot]
bfbfb55444
build(deps): bump actions/checkout from 3.2.0 to 3.3.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](755da8c3cf...ac59398561
2023-01-13 10:32:56 +00:00
dependabot[bot]
681c134e09
build(deps): bump actions/setup-python from 4.3.1 to 4.4.0
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 4.3.1 to 4.4.0.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](2c3dd9e7e2...5ccb29d877
2022-12-23 10:22:10 +00:00
dependabot[bot]
98991d8f50
build(deps): bump actions/checkout from 3.1.0 to 3.2.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](93ea575cb5...755da8c3cf
2022-12-13 10:04:50 +00:00
dependabot[bot]
205769d9bf
build(deps): bump actions/setup-python from 4.3.0 to 4.3.1
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 4.3.0 to 4.3.1.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](13ae5bb136...2c3dd9e7e2
2022-12-09 17:50:35 +00:00
Jussi Kukkonen
b6c3b66ca6
build: Change build dependency pinning strategy
...
* don't autoupgrade pip: let's consider pip to be part of platform?
* pin build and tox in new requirements-build.txt: this mostly prevents
tox from going to 4.x before we're ready
* use requirements-build.txt as constraint when installing tox or build
during CI & CD
* use requirements-build.txt in requiremenets-dev.txt
Note that coveralls is not pinned, not sure if it should be.
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2022-12-09 18:10:03 +02:00
Jussi Kukkonen
53521bfda0
workflows: Set top-level permissions
...
This changes very little but it does mean any jobs added in future have to
be explicit about the permissions they need. This also makes OSSF scorecard
happier.
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2022-10-30 12:56:22 +02:00
Miles Liu
0a79245c43
ci: migrate deprecating set-output commands
...
Signed-off-by: Miles Liu <miles@bung.cc>
2022-10-24 15:46:44 +08:00
dependabot[bot]
76c0d6cec0
build(deps): bump actions/setup-python from 4.2.0 to 4.3.0
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 4.2.0 to 4.3.0.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](b55428b188...13ae5bb136
2022-10-11 10:29:56 +00:00
dependabot[bot]
9907d4d38a
build(deps): bump actions/checkout from 3.0.2 to 3.1.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.0.2 to 3.1.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](2541b1294d...93ea575cb5
2022-10-04 10:45:28 +00:00
Lukas Puehringer
b83c738373
chore: fix error in spec version check workflow
...
Use `--upgrade` option to upgrade pip with pip in workflow, instead
of non-existing `-u` option (-U would also be possible).
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2022-08-30 14:19:12 +02:00
Lukas Puehringer
7baf1d3376
chore: misc setup-python changes in spec check job
...
1. update action/setup-python to latest version
2. pin major version to be used to 3.x
3. upgrade pip before using it
1 and 2 were suggested in #2089
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2022-08-30 09:44:19 +02:00
Radoslav Dimitrov
53f1611b74
chore: limit the permissions for the job calling the version check workflow
...
Signed-off-by: Radoslav Dimitrov <dimitrovr@vmware.com>
2022-08-30 09:37:01 +02:00
Radoslav Dimitrov
0e6b928d9a
chore: update the workflow responsible for notifying of new TUF spec release
...
Signed-off-by: Radoslav Dimitrov <dimitrovr@vmware.com>
2022-08-30 09:36:59 +02:00
