Elgato_dark/python-tuf
1
0
Fork 0
mirror of https://github.com/theupdateframework/python-tuf synced 2026-05-24 10:08:28 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
6506 commits 28 branches 35 tags 23 MiB
Commit graph

6506 commits

This branch
This branch
All branches
Author SHA1 Message Date
Jussi Kukkonen
88cc98420e lint fixes 
Fixes for ruff 0.12
* Tweak some annotations
* Add __hash__() implementations to api classes: These really should be
  hashable
* My use of "super().__hash__()" is not very optimized but avoids some
  repetition

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
 2025-06-24 11:02:09 +03:00
dependabot[bot]
16d1486d9d
build(deps): bump ruff in the test-and-lint-dependencies group 
Bumps the test-and-lint-dependencies group with 1 update: [ruff](https://github.com/astral-sh/ruff).


Updates `ruff` from 0.11.13 to 0.12.0
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.11.13...0.12.0)

---
updated-dependencies:
- dependency-name: ruff
  dependency-version: 0.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-06-23 23:10:36 +00:00
Lukas Pühringer
37e6d007ad
Merge pull request #2844 from theupdateframework/dependabot/pip/dependencies-d576f69241 
build(deps): bump the dependencies group with 2 updates
 2025-06-17 09:16:33 +02:00
Lukas Pühringer
e571ef22df
Merge pull request #2843 from theupdateframework/dependabot/pip/test-and-lint-dependencies-80d7b7752b 
build(deps): bump mypy from 1.16.0 to 1.16.1 in the test-and-lint-dependencies group
 2025-06-17 09:14:54 +02:00
dependabot[bot]
c408066c9f
build(deps): bump the dependencies group with 2 updates 
Bumps the dependencies group with 2 updates: [cryptography](https://github.com/pyca/cryptography) and [coverage[toml]](https://github.com/nedbat/coveragepy).


Updates `cryptography` from 45.0.3 to 45.0.4
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/45.0.3...45.0.4)

Updates `coverage[toml]` from 7.8.2 to 7.9.1
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/7.8.2...7.9.1)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 45.0.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: coverage[toml]
  dependency-version: 7.9.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-06-16 22:45:56 +00:00
dependabot[bot]
7ff3af36a4
build(deps): bump mypy in the test-and-lint-dependencies group 
Bumps the test-and-lint-dependencies group with 1 update: [mypy](https://github.com/python/mypy).


Updates `mypy` from 1.16.0 to 1.16.1
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/python/mypy/compare/v1.16.0...v1.16.1)

---
updated-dependencies:
- dependency-name: mypy
  dependency-version: 1.16.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-06-16 22:33:39 +00:00
Lukas Pühringer
1ff624da25
Merge pull request #2841 from theupdateframework/dependabot/pip/test-and-lint-dependencies-5490283cf1 
build(deps): bump ruff from 0.11.12 to 0.11.13 in the test-and-lint-dependencies group
 2025-06-10 09:54:23 +02:00
dependabot[bot]
e0f4ef78ad
build(deps): bump ruff in the test-and-lint-dependencies group 
Bumps the test-and-lint-dependencies group with 1 update: [ruff](https://github.com/astral-sh/ruff).


Updates `ruff` from 0.11.12 to 0.11.13
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.11.12...0.11.13)

---
updated-dependencies:
- dependency-name: ruff
  dependency-version: 0.11.13
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-06-09 21:52:33 +00:00
dependabot[bot]
c4df52468e
build(deps): bump the test-and-lint-dependencies group with 3 updates (#2839) 
Bumps the test-and-lint-dependencies group with 3 updates: [ruff](https://github.com/astral-sh/ruff), [mypy](https://github.com/python/mypy) and [zizmor](https://github.com/zizmorcore/zizmor).


Updates `ruff` from 0.11.11 to 0.11.12
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.11.11...0.11.12)

Updates `mypy` from 1.15.0 to 1.16.0
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/python/mypy/compare/v1.15.0...v1.16.0)

Updates `zizmor` from 1.7.0 to 1.9.0
- [Release notes](https://github.com/zizmorcore/zizmor/releases)
- [Changelog](https://github.com/zizmorcore/zizmor/blob/main/docs/release-notes.md)
- [Commits](https://github.com/zizmorcore/zizmor/compare/v1.7.0...v1.9.0)

---
updated-dependencies:
- dependency-name: ruff
  dependency-version: 0.11.12
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
- dependency-name: mypy
  dependency-version: 1.16.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: test-and-lint-dependencies
- dependency-name: zizmor
  dependency-version: 1.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-03 12:34:36 +03:00
dependabot[bot]
8f10e91463
build(deps): bump ossf/scorecard-action in the action-dependencies group (#2840) 
Bumps the action-dependencies group with 1 update: [ossf/scorecard-action](https://github.com/ossf/scorecard-action).


Updates `ossf/scorecard-action` from 2.4.1 to 2.4.2
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](f49aabe0b5...05b42c6244)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-version: 2.4.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: action-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-03 12:34:06 +03:00
dependabot[bot]
4e654fe698
build(deps): bump the dependencies group with 3 updates (#2837) 
Bumps the dependencies group with 3 updates: [cryptography](https://github.com/pyca/cryptography), [coverage[toml]](https://github.com/nedbat/coveragepy) and [freezegun](https://github.com/spulec/freezegun).


Updates `cryptography` from 45.0.2 to 45.0.3
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/45.0.2...45.0.3)

Updates `coverage[toml]` from 7.8.0 to 7.8.2
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/7.8.0...7.8.2)

Updates `freezegun` from 1.5.1 to 1.5.2
- [Release notes](https://github.com/spulec/freezegun/releases)
- [Changelog](https://github.com/spulec/freezegun/blob/master/CHANGELOG)
- [Commits](https://github.com/spulec/freezegun/compare/1.5.1...1.5.2)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 45.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: coverage[toml]
  dependency-version: 7.8.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: freezegun
  dependency-version: 1.5.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-27 11:32:36 +03:00
Kairo Araujo
877ac5076e
Merge pull request #2838 from theupdateframework/dependabot/pip/test-and-lint-dependencies-8db52d3157 
build(deps): bump ruff from 0.11.10 to 0.11.11 in the test-and-lint-dependencies group
 2025-05-27 07:44:51 +02:00
dependabot[bot]
566ed3e897
build(deps): bump ruff in the test-and-lint-dependencies group 
Bumps the test-and-lint-dependencies group with 1 update: [ruff](https://github.com/astral-sh/ruff).


Updates `ruff` from 0.11.10 to 0.11.11
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.11.10...0.11.11)

---
updated-dependencies:
- dependency-name: ruff
  dependency-version: 0.11.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-05-26 21:47:54 +00:00
Lukas Pühringer
6fc2a3c275
Merge pull request #2835 from theupdateframework/dependabot/pip/dependencies-6b442c29d5 
build(deps): bump the dependencies group across 1 directory with 2 updates
 2025-05-20 09:31:54 +02:00
dependabot[bot]
5cec62cd03
build(deps): bump the dependencies group across 1 directory with 2 updates 
Bumps the dependencies group with 2 updates in the / directory: [cryptography](https://github.com/pyca/cryptography) and [ruff](https://github.com/astral-sh/ruff).


Updates `cryptography` from 44.0.3 to 45.0.2
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/44.0.3...45.0.2)

Updates `ruff` from 0.11.9 to 0.11.10
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.11.9...0.11.10)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 45.0.2
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: ruff
  dependency-version: 0.11.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-05-19 21:41:38 +00:00
Lukas Pühringer
4bfca1f97e
Merge pull request #2832 from theupdateframework/dependabot/pip/test-and-lint-dependencies-7682f5adcf 
build(deps): bump the test-and-lint-dependencies group with 2 updates
 2025-05-13 09:23:08 +02:00
dependabot[bot]
f5b2acf627
build(deps): bump the test-and-lint-dependencies group with 2 updates 
Bumps the test-and-lint-dependencies group with 2 updates: [ruff](https://github.com/astral-sh/ruff) and [zizmor](https://github.com/woodruffw/zizmor).


Updates `ruff` from 0.11.8 to 0.11.9
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.11.8...0.11.9)

Updates `zizmor` from 1.6.0 to 1.7.0
- [Release notes](https://github.com/woodruffw/zizmor/releases)
- [Changelog](https://github.com/zizmorcore/zizmor/blob/main/docs/release-notes.md)
- [Commits](https://github.com/woodruffw/zizmor/compare/v1.6.0...v1.7.0)

---
updated-dependencies:
- dependency-name: ruff
  dependency-version: 0.11.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
- dependency-name: zizmor
  dependency-version: 1.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-05-12 21:09:04 +00:00
Kairo Araujo
b0aa482a66
Merge pull request #2830 from theupdateframework/dependabot/pip/dependencies-2efb510e51 
build(deps): bump cryptography from 44.0.2 to 44.0.3 in the dependencies group
 2025-05-06 06:18:08 +02:00
Kairo Araujo
8ea1a9e256
Merge pull request #2831 from theupdateframework/dependabot/pip/test-and-lint-dependencies-3a2edb1555 
build(deps): bump ruff from 0.11.7 to 0.11.8 in the test-and-lint-dependencies group
 2025-05-06 06:17:19 +02:00
dependabot[bot]
29b482390e
build(deps): bump ruff in the test-and-lint-dependencies group 
Bumps the test-and-lint-dependencies group with 1 update: [ruff](https://github.com/astral-sh/ruff).


Updates `ruff` from 0.11.7 to 0.11.8
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.11.7...0.11.8)

---
updated-dependencies:
- dependency-name: ruff
  dependency-version: 0.11.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-05-05 22:37:53 +00:00
dependabot[bot]
769a61b405
build(deps): bump cryptography in the dependencies group 
Bumps the dependencies group with 1 update: [cryptography](https://github.com/pyca/cryptography).


Updates `cryptography` from 44.0.2 to 44.0.3
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/44.0.2...44.0.3)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-version: 44.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-05-05 22:26:19 +00:00
Lukas Pühringer
6fe57fa569
Merge pull request #2829 from theupdateframework/dependabot/github_actions/action-dependencies-351cf6cc53 
build(deps): bump the action-dependencies group with 2 updates
 2025-04-29 09:17:44 +02:00
Kairo Araujo
00c16fb42c
Merge pull request #2828 from theupdateframework/dependabot/pip/test-and-lint-dependencies-e9eafb5758 2025-04-29 08:11:06 +02:00
dependabot[bot]
ec50bc52b8
build(deps): bump the action-dependencies group with 2 updates 
Bumps the action-dependencies group with 2 updates: [actions/setup-python](https://github.com/actions/setup-python) and [actions/download-artifact](https://github.com/actions/download-artifact).


Updates `actions/setup-python` from 5.5.0 to 5.6.0
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](8d9ed9ac5c...a26af69be9)

Updates `actions/download-artifact` from 4.2.1 to 4.3.0
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](95815c38cf...d3f86a106a)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-version: 5.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: action-dependencies
- dependency-name: actions/download-artifact
  dependency-version: 4.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: action-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-28 22:28:44 +00:00
dependabot[bot]
96fd7bde44
build(deps): bump ruff in the test-and-lint-dependencies group 
Bumps the test-and-lint-dependencies group with 1 update: [ruff](https://github.com/astral-sh/ruff).


Updates `ruff` from 0.11.6 to 0.11.7
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.11.6...0.11.7)

---
updated-dependencies:
- dependency-name: ruff
  dependency-version: 0.11.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-28 22:13:03 +00:00
Lukas Pühringer
9a4f8d5dbd
Merge pull request #2826 from theupdateframework/dependabot/pip/dependencies-54f6db96fa 
build(deps): bump securesystemslib from 1.2.0 to 1.3.0 in the dependencies group
 2025-04-22 10:28:04 +02:00
Jussi Kukkonen
ee50fea0c6 annotation fixes 
* Start linting securesystemslib calls
  (this requires new securesystemslib)
* Fix various issues that suddenly popup

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
 2025-04-22 10:53:54 +03:00
Lukas Pühringer
737b41f94d
Merge pull request #2825 from theupdateframework/dependabot/pip/test-and-lint-dependencies-b11e8444e9 
build(deps): bump the test-and-lint-dependencies group with 2 updates
 2025-04-22 09:29:39 +02:00
dependabot[bot]
394d47c257
build(deps): bump securesystemslib in the dependencies group 
Bumps the dependencies group with 1 update: [securesystemslib](https://github.com/secure-systems-lab/securesystemslib).


Updates `securesystemslib` from 1.2.0 to 1.3.0
- [Release notes](https://github.com/secure-systems-lab/securesystemslib/releases)
- [Changelog](https://github.com/secure-systems-lab/securesystemslib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/secure-systems-lab/securesystemslib/compare/v1.2.0...v1.3.0)

---
updated-dependencies:
- dependency-name: securesystemslib
  dependency-version: 1.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-21 21:11:19 +00:00
dependabot[bot]
7660291ad1
build(deps): bump the test-and-lint-dependencies group with 2 updates 
Bumps the test-and-lint-dependencies group with 2 updates: [ruff](https://github.com/astral-sh/ruff) and [zizmor](https://github.com/woodruffw/zizmor).


Updates `ruff` from 0.11.5 to 0.11.6
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.11.5...0.11.6)

Updates `zizmor` from 1.5.2 to 1.6.0
- [Release notes](https://github.com/woodruffw/zizmor/releases)
- [Changelog](https://github.com/woodruffw/zizmor/blob/main/docs/release-notes.md)
- [Commits](https://github.com/woodruffw/zizmor/compare/v1.5.2...v1.6.0)

---
updated-dependencies:
- dependency-name: ruff
  dependency-version: 0.11.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
- dependency-name: zizmor
  dependency-version: 1.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-21 21:10:40 +00:00
dependabot[bot]
9f8dc40a85
build(deps): bump ruff in the test-and-lint-dependencies group (#2823) 
Bumps the test-and-lint-dependencies group with 1 update: [ruff](https://github.com/astral-sh/ruff).


Updates `ruff` from 0.11.4 to 0.11.5
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.11.4...0.11.5)

---
updated-dependencies:
- dependency-name: ruff
  dependency-version: 0.11.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-15 12:40:23 +03:00
dependabot[bot]
dc3f556642
build(deps): bump urllib3 from 2.3.0 to 2.4.0 in the dependencies group (#2824) 
Bumps the dependencies group with 1 update: [urllib3](https://github.com/urllib3/urllib3).


Updates `urllib3` from 2.3.0 to 2.4.0
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](https://github.com/urllib3/urllib3/compare/2.3.0...2.4.0)

---
updated-dependencies:
- dependency-name: urllib3
  dependency-version: 2.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-15 12:39:52 +03:00
Lukas Pühringer
6b3b52c788
Merge pull request #2822 from theupdateframework/dependabot/pip/test-and-lint-dependencies-ccd0c3bccc 
build(deps): bump ruff from 0.11.2 to 0.11.4 in the test-and-lint-dependencies group
 2025-04-08 09:34:47 +02:00
dependabot[bot]
2451af9f57
build(deps): bump ruff in the test-and-lint-dependencies group 
Bumps the test-and-lint-dependencies group with 1 update: [ruff](https://github.com/astral-sh/ruff).


Updates `ruff` from 0.11.2 to 0.11.4
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.11.2...0.11.4)

---
updated-dependencies:
- dependency-name: ruff
  dependency-version: 0.11.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-07 22:31:10 +00:00
dependabot[bot]
63b2ca5b07
build(deps): bump actions/setup-python in the action-dependencies group (#2820) 2025-04-01 09:25:13 +03:00
dependabot[bot]
7df7711895
build(deps): bump coverage[toml] in the dependencies group (#2821) 2025-04-01 09:24:35 +03:00
dependabot[bot]
48262c9b2a
build(deps): bump the action-dependencies group with 2 updates (#2816) 2025-03-25 09:23:38 +02:00
dependabot[bot]
ab735655cc
build(deps): bump the test-and-lint-dependencies group with 2 updates (#2817) 2025-03-25 09:23:10 +02:00
dependabot[bot]
d017fff422
build(deps): bump coverage[toml] in the dependencies group (#2818) 2025-03-25 09:22:22 +02:00
Lukas Pühringer
500e8b9a8b
Merge pull request #2815 from lukpueh/port-sslib-hash 
Port securesystemslib.hash module
 2025-03-19 12:21:09 +01:00
Lukas Puehringer
75e83b36d0 docs: Remove reference to securesystemslib hash 
Default hash sha256 is now defined locally.

Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
 2025-03-19 11:29:36 +01:00
Lukas Puehringer
6f50998c37 Add tests for custom blake hash 
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
 2025-03-19 10:34:35 +01:00
Lukas Puehringer
535a18918b Refactor hash helpers 
Consolidate interface of bytes hash and file hash helpers.

Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
 2025-03-19 10:07:58 +01:00
Lukas Puehringer
57010fb0b1 Rename hash algo global in repo simulator 
Remove the "default" prefix, because it's not a default but rather a
fixed value.

Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
 2025-03-19 09:28:01 +01:00
Jussi Kukkonen
c69af9959f
Merge pull request #2814 from theupdateframework/dependabot/pip/test-and-lint-dependencies-8ddb29c2ba 2025-03-18 20:20:26 +02:00
Jussi Kukkonen
f3eddc19ff lint: Accept ruff suggestions for cast() 
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
 2025-03-18 18:20:11 +02:00
Lukas Puehringer
866409ffe9 Port securesystemslib.hash module 
securesystemslib.hash is a small wrapper around hashlib, which serves
two main purposes:
* provide helper function to hash a file
* translate custom hash algorithm name "blake2b-256" to "blake2b" with
  (digest_size=32).

In preparation for the removal of securesystemslib.hash, this patch ports
above behavior to tuf and uses the builtin hashlib directly where
possible.

related secure-systems-lab/securesystemslib#943

Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
 2025-03-18 16:39:46 +01:00
dependabot[bot]
9f873cb9d5
build(deps): bump coverage[toml] in the dependencies group (#2813) 2025-03-18 10:17:42 +02:00
dependabot[bot]
075949fece
build(deps): bump the test-and-lint-dependencies group with 2 updates 
Bumps the test-and-lint-dependencies group with 2 updates: [ruff](https://github.com/astral-sh/ruff) and [zizmor](https://github.com/woodruffw/zizmor).


Updates `ruff` from 0.9.10 to 0.11.0
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.9.10...0.11.0)

Updates `zizmor` from 1.4.1 to 1.5.1
- [Release notes](https://github.com/woodruffw/zizmor/releases)
- [Changelog](https://github.com/woodruffw/zizmor/blob/main/docs/release-notes.md)
- [Commits](https://github.com/woodruffw/zizmor/compare/v1.4.1...v1.5.1)

---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: test-and-lint-dependencies
- dependency-name: zizmor
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-17 21:31:22 +00:00
Jussi Kukkonen
ea88fdecc3
Merge pull request #2812 from jku/include-version-in-docs 2025-03-14 19:04:03 +02:00