dependabot[bot]
ab6dbf790b
build(deps): bump actions/setup-python in the action-dependencies group
...
Bumps the action-dependencies group with 1 update: [actions/setup-python](https://github.com/actions/setup-python ).
Updates `actions/setup-python` from 5.1.0 to 5.1.1
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](82c7e631bb...39cd14951b
2024-07-15 21:42:17 +00:00
Jussi Kukkonen
981e678bd9
Merge pull request #2671 from jku/tweak-workflow-name
...
workflows: Change conformance workflow name
2024-07-11 18:48:51 +03:00
Jussi Kukkonen
40f72b1f14
workflows: Change conformance workflow name
...
Otherwise you can't tell them apart in the UI...
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2024-07-11 18:41:32 +03:00
Jussi Kukkonen
cb550d29ef
Merge pull request #2670 from jku/add-conformance-workflow
...
Add a conformance test workflow
2024-07-11 18:39:11 +03:00
Jussi Kukkonen
b14452dac6
workflows: Tweak conformance step name
...
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2024-07-11 18:26:58 +03:00
Jussi Kukkonen
0b85ed570d
Add a conformance test workflow
...
* The conformance test suite is likely to still change quite a bit so
the workflow is not enabled on PRs yet
* The actual conformance client is copied from the tuf-conformance project
* This is mostly a test to see how things should work out, and a
demonstration of how the tuf-conformance project should be used
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2024-07-10 16:15:36 +03:00
Jussi Kukkonen
3947033974
Merge pull request #2665 from harshitasao/scorecard-badge-link
...
changed the scorecard badge link to the standard format
2024-07-09 17:15:39 +03:00
Jussi Kukkonen
cde61e82c5
README: Fix scorecard image url as well
...
scorecard.dev is the "correct" domain.
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2024-07-09 09:27:25 +03:00
dependabot[bot]
970dd075f1
build(deps): bump the action-dependencies group with 2 updates ( #2666 )
...
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: action-dependencies
- dependency-name: actions/download-artifact
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: action-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-09 09:21:13 +03:00
dependabot[bot]
3f9bcd2ac9
build(deps): bump the test-and-lint-dependencies group across 1 directory with 2 updates ( #2667 )
...
Bumps the test-and-lint-dependencies group with 2 updates in the / directory: [ruff](https://github.com/astral-sh/ruff ) and [mypy](https://github.com/python/mypy ).
Updates `ruff` from 0.4.10 to 0.5.1
- [Release notes](https://github.com/astral-sh/ruff/releases )
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md )
- [Commits](https://github.com/astral-sh/ruff/compare/v0.4.10...0.5.1 )
Updates `mypy` from 1.10.0 to 1.10.1
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md )
- [Commits](https://github.com/python/mypy/compare/v1.10.0...v1.10.1 )
---
updated-dependencies:
- dependency-name: ruff
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: test-and-lint-dependencies
- dependency-name: mypy
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: test-and-lint-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-09 09:20:23 +03:00
dependabot[bot]
74667373aa
build(deps): bump certifi in the dependencies group ( #2668 )
...
Bumps the dependencies group with 1 update: [certifi](https://github.com/certifi/python-certifi ).
Updates `certifi` from 2024.6.2 to 2024.7.4
- [Commits](https://github.com/certifi/python-certifi/compare/2024.06.02...2024.07.04 )
---
updated-dependencies:
- dependency-name: certifi
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-09 09:16:12 +03:00
harshitasao
621ec86954
changed the scorecard badge link to the standard format
...
Signed-off-by: harshitasao <harshitasao@gmail.com>
2024-07-05 02:02:11 +05:30
dependabot[bot]
aa2b7547d6
build(deps): bump the test-and-lint-dependencies group with 2 updates ( #2663 )
...
Bumps the test-and-lint-dependencies group with 2 updates: [coverage](https://github.com/nedbat/coveragepy ) and [ruff](https://github.com/astral-sh/ruff ).
Updates `coverage` from 7.5.3 to 7.5.4
- [Release notes](https://github.com/nedbat/coveragepy/releases )
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst )
- [Commits](https://github.com/nedbat/coveragepy/compare/7.5.3...7.5.4 )
Updates `ruff` from 0.4.9 to 0.4.10
- [Release notes](https://github.com/astral-sh/ruff/releases )
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md )
- [Commits](https://github.com/astral-sh/ruff/compare/v0.4.9...v0.4.10 )
---
updated-dependencies:
- dependency-name: coverage
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: test-and-lint-dependencies
- dependency-name: ruff
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: test-and-lint-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-25 09:40:26 +03:00
dependabot[bot]
e84be5e138
build(deps): bump hatchling in the build-and-release-dependencies group ( #2662 )
...
Bumps the build-and-release-dependencies group with 1 update: [hatchling](https://github.com/pypa/hatch ).
Updates `hatchling` from 1.24.2 to 1.25.0
- [Release notes](https://github.com/pypa/hatch/releases )
- [Commits](https://github.com/pypa/hatch/compare/hatchling-v1.24.2...hatchling-v1.25.0 )
---
updated-dependencies:
- dependency-name: hatchling
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: build-and-release-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-25 09:38:50 +03:00
dependabot[bot]
74f0947aa2
build(deps): bump ruff in the test-and-lint-dependencies group ( #2658 )
...
Bumps the test-and-lint-dependencies group with 1 update: [ruff](https://github.com/astral-sh/ruff ).
Updates `ruff` from 0.4.8 to 0.4.9
- [Release notes](https://github.com/astral-sh/ruff/releases )
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md )
- [Commits](https://github.com/astral-sh/ruff/compare/v0.4.8...v0.4.9 )
---
updated-dependencies:
- dependency-name: ruff
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: test-and-lint-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-18 10:57:08 +03:00
dependabot[bot]
4f1012aeff
build(deps): bump urllib3 from 2.2.1 to 2.2.2 in the dependencies group ( #2659 )
...
Bumps the dependencies group with 1 update: [urllib3](https://github.com/urllib3/urllib3 ).
Updates `urllib3` from 2.2.1 to 2.2.2
- [Release notes](https://github.com/urllib3/urllib3/releases )
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst )
- [Commits](https://github.com/urllib3/urllib3/compare/2.2.1...2.2.2 )
---
updated-dependencies:
- dependency-name: urllib3
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-18 10:56:41 +03:00
dependabot[bot]
31e8eeb3f6
build(deps): bump the action-dependencies group with 2 updates ( #2660 )
...
Bumps the action-dependencies group with 2 updates: [actions/checkout](https://github.com/actions/checkout ) and [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish ).
Updates `actions/checkout` from 4.1.6 to 4.1.7
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](a5ac7e51b4...692973e3d9https://github.com/pypa/gh-action-pypi-publish/releases )
- [Commits](81e9d935c8...ec4db0b4dd
2024-06-18 10:56:02 +03:00
Lukas Pühringer
20840450ef
Merge pull request #2656 from theupdateframework/dependabot/pip/test-and-lint-dependencies-4921451a6f
...
build(deps): bump ruff from 0.4.7 to 0.4.8 in the test-and-lint-dependencies group
2024-06-17 11:27:18 +02:00
dependabot[bot]
ad87322b6f
build(deps): bump the dependencies group with 2 updates ( #2657 )
...
Bumps the dependencies group with 2 updates: [cryptography](https://github.com/pyca/cryptography ) and [securesystemslib[crypto,pynacl]](https://github.com/secure-systems-lab/securesystemslib ).
Updates `cryptography` from 42.0.7 to 42.0.8
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pyca/cryptography/compare/42.0.7...42.0.8 )
Updates `securesystemslib[crypto,pynacl]` from 1.0.0 to 1.1.0
- [Release notes](https://github.com/secure-systems-lab/securesystemslib/releases )
- [Changelog](https://github.com/secure-systems-lab/securesystemslib/blob/main/CHANGELOG.md )
- [Commits](https://github.com/secure-systems-lab/securesystemslib/compare/v1.0.0...v1.1.0 )
---
updated-dependencies:
- dependency-name: cryptography
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
- dependency-name: securesystemslib[crypto,pynacl]
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-17 11:29:00 +03:00
dependabot[bot]
e109834221
build(deps): bump ruff in the test-and-lint-dependencies group
...
Bumps the test-and-lint-dependencies group with 1 update: [ruff](https://github.com/astral-sh/ruff ).
Updates `ruff` from 0.4.7 to 0.4.8
- [Release notes](https://github.com/astral-sh/ruff/releases )
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md )
- [Commits](https://github.com/astral-sh/ruff/compare/v0.4.7...v0.4.8 )
---
updated-dependencies:
- dependency-name: ruff
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: test-and-lint-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-06-10 21:37:15 +00:00
Kapil Sharma
0ac86c67ad
repository: handle online key changes ( #2650 )
...
* repository: Handle online key change situations in do_snapshot() and do_timestamp():
always create a new version if current version is not correctly signed
* remove expectedFailure marks from the related tests
Signed-off-by: h4l0gen <ks3913688@gmail.com>
Signed-off-by: Kapil Sharma <ks3913688@gmail.com>
2024-06-04 09:56:53 +03:00
Lukas Pühringer
d2afc09dcd
Merge pull request #2652 from theupdateframework/dependabot/pip/test-and-lint-dependencies-1e4dbd611a
...
build(deps): bump the test-and-lint-dependencies group with 2 updates
2024-06-04 08:39:47 +02:00
Kapil Sharma
292fb0f774
Updating Contributing guidelines and copy-pastable code ( #2642 )
...
* Make commands easier to copy
Signed-off-by: h4l0gen <ks3913688@gmail.com>
Signed-off-by: Kapil Sharma <ks3913688@gmail.com>
2024-06-04 09:33:49 +03:00
Jussi Kukkonen
ecf2f08ce1
Merge pull request #2653 from theupdateframework/dependabot/pip/dependencies-3219dbc958
...
build(deps): bump the dependencies group with 2 updates
2024-06-04 09:25:30 +03:00
dependabot[bot]
1b064dd11c
build(deps): bump the dependencies group with 2 updates
...
Bumps the dependencies group with 2 updates: [requests](https://github.com/psf/requests ) and [certifi](https://github.com/certifi/python-certifi ).
Updates `requests` from 2.32.2 to 2.32.3
- [Release notes](https://github.com/psf/requests/releases )
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md )
- [Commits](https://github.com/psf/requests/compare/v2.32.2...v2.32.3 )
Updates `certifi` from 2024.2.2 to 2024.6.2
- [Commits](https://github.com/certifi/python-certifi/compare/2024.02.02...2024.06.02 )
---
updated-dependencies:
- dependency-name: requests
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
- dependency-name: certifi
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-06-03 21:32:39 +00:00
dependabot[bot]
52625bfe8a
build(deps): bump the test-and-lint-dependencies group with 2 updates
...
Bumps the test-and-lint-dependencies group with 2 updates: [coverage](https://github.com/nedbat/coveragepy ) and [ruff](https://github.com/astral-sh/ruff ).
Updates `coverage` from 7.5.2 to 7.5.3
- [Release notes](https://github.com/nedbat/coveragepy/releases )
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst )
- [Commits](https://github.com/nedbat/coveragepy/compare/7.5.2...7.5.3 )
Updates `ruff` from 0.4.5 to 0.4.7
- [Release notes](https://github.com/astral-sh/ruff/releases )
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md )
- [Commits](https://github.com/astral-sh/ruff/compare/v0.4.5...v0.4.7 )
---
updated-dependencies:
- dependency-name: coverage
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: test-and-lint-dependencies
- dependency-name: ruff
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: test-and-lint-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-06-03 21:29:20 +00:00
Jussi Kukkonen
bafab1e0b8
Merge pull request #2651 from jku/add-repository-tests
...
tests: Add some initial tests for tuf.repository
2024-06-03 13:11:55 +03:00
Jussi Kukkonen
2b9cc1e462
tests: Add some initial tests for tuf.repository
...
These are pretty basic and do not test much about the content of the
repository... but it does check version numbers (and how many versions
have been published) in a couple of situations.
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2024-06-03 10:12:35 +03:00
Jussi Kukkonen
ac981a6c28
Merge pull request #2647 from h4l0gen/make_variable_publlic
...
made variable public
2024-05-30 11:01:18 +03:00
Jussi Kukkonen
2f80ad5d77
Merge pull request #2648 from h4l0gen/change_path
...
change_target_file_path
2024-05-29 13:28:05 +03:00
Kapil Sharma
adc0a26020
Update basic_repo.py
...
Signed-off-by: Kapil Sharma <ks3913688@gmail.com>
2024-05-29 13:03:25 +05:30
h4l0gen
033a231c92
change_target_file_path
...
Signed-off-by: h4l0gen <ks3913688@gmail.com>
2024-05-29 10:48:08 +05:30
Kapil Sharma
83974c7cab
removing linting contraint arise from noqa:SLF001
...
Signed-off-by: Kapil Sharma <ks3913688@gmail.com>
2024-05-28 17:45:12 +05:30
h4l0gen
e63ba54906
made variable public
...
Signed-off-by: h4l0gen <ks3913688@gmail.com>
2024-05-28 17:35:14 +05:30
Jussi Kukkonen
c81eefd9e3
Merge pull request #2645 from theupdateframework/dependabot/pip/test-and-lint-dependencies-92388a58c4
...
build(deps): bump the test-and-lint-dependencies group with 2 updates
2024-05-28 09:21:24 +03:00
Jussi Kukkonen
ecc0996e19
Merge pull request #2646 from theupdateframework/dependabot/pip/dependencies-775dd686c6
...
build(deps): bump requests from 2.32.0 to 2.32.2 in the dependencies group
2024-05-28 09:20:57 +03:00
dependabot[bot]
41b13fd8f4
build(deps): bump requests in the dependencies group
...
Bumps the dependencies group with 1 update: [requests](https://github.com/psf/requests ).
Updates `requests` from 2.32.0 to 2.32.2
- [Release notes](https://github.com/psf/requests/releases )
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md )
- [Commits](https://github.com/psf/requests/compare/v2.32.0...v2.32.2 )
---
updated-dependencies:
- dependency-name: requests
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-27 22:06:50 +00:00
dependabot[bot]
23b9e65bef
build(deps): bump the test-and-lint-dependencies group with 2 updates
...
Bumps the test-and-lint-dependencies group with 2 updates: [coverage](https://github.com/nedbat/coveragepy ) and [ruff](https://github.com/astral-sh/ruff ).
Updates `coverage` from 7.5.1 to 7.5.2
- [Release notes](https://github.com/nedbat/coveragepy/releases )
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst )
- [Commits](https://github.com/nedbat/coveragepy/compare/7.5.1...7.5.2 )
Updates `ruff` from 0.4.4 to 0.4.5
- [Release notes](https://github.com/astral-sh/ruff/releases )
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md )
- [Commits](https://github.com/astral-sh/ruff/compare/v0.4.4...v0.4.5 )
---
updated-dependencies:
- dependency-name: coverage
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: test-and-lint-dependencies
- dependency-name: ruff
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: test-and-lint-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-27 22:05:31 +00:00
Justin Cappos
c26b9e9f36
Merge pull request #2641 from h4l0gen/add_contributing.md_link
...
adding `Instructions for contributors` link on README.md
2024-05-24 08:26:02 -04:00
h4l0gen
b196b4b0ec
adding contributing.md on README.md
...
Signed-off-by: h4l0gen <ks3913688@gmail.com>
2024-05-24 17:43:56 +05:30
Jussi Kukkonen
68e6435661
Merge pull request #2636 from h4l0gen/fix_url
...
fixing url link
2024-05-22 09:10:32 +03:00
h4l0gen
35a29bbf1d
fix url link
...
Signed-off-by: h4l0gen <ks3913688@gmail.com>
2024-05-21 17:09:14 +05:30
Jussi Kukkonen
668f9ba20e
Merge pull request #2632 from h4l0gen/change_user_agent
...
changing user-agent value
2024-05-21 10:15:34 +03:00
Jussi Kukkonen
bcdf1c967f
Merge pull request #2633 from theupdateframework/dependabot/github_actions/action-dependencies-edf2abb101
...
build(deps): bump actions/checkout from 4.1.5 to 4.1.6 in the action-dependencies group
2024-05-21 10:00:49 +03:00
Jussi Kukkonen
8e7ebb8d69
Merge pull request #2634 from theupdateframework/dependabot/pip/dependencies-aed9f6bbcd
...
build(deps): bump requests from 2.31.0 to 2.32.0 in the dependencies group
2024-05-21 10:00:22 +03:00
dependabot[bot]
18d036cf3d
---
...
updated-dependencies:
- dependency-name: requests
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-20 21:51:36 +00:00
dependabot[bot]
c5c81dd885
---
...
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: action-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-20 21:18:03 +00:00
h4l0gen
d2f9f6dee6
changing useragent
...
Signed-off-by: h4l0gen <ks3913688@gmail.com>
2024-05-20 21:55:02 +05:30
Lukas Pühringer
1b0c9f7d44
Merge pull request #2630 from lukpueh/release-v5
...
Rlease v5.0.0
2024-05-14 10:42:15 +02:00
Lukas Pühringer
d3d2ac187a
Update docs/CHANGELOG.md
...
Co-authored-by: Jussi Kukkonen <jku@goto.fi>
Signed-off-by: Lukas Pühringer <luk.puehringer@gmail.com>
2024-05-14 10:38:38 +02:00
