dependabot[bot]
97eebaf049
build(deps): bump requests from 2.29.0 to 2.30.0
...
Bumps [requests](https://github.com/psf/requests ) from 2.29.0 to 2.30.0.
- [Release notes](https://github.com/psf/requests/releases )
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md )
- [Commits](https://github.com/psf/requests/compare/v2.29.0...v2.30.0 )
---
updated-dependencies:
- dependency-name: requests
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-05-05 10:57:06 +00:00
Lukas Pühringer
c56def7c18
Merge pull request #2379 from jku/rtd-workaround
...
readthedocs: Specify build image
2023-05-05 10:48:45 +02:00
Jussi Kukkonen
93d1d29d48
readthedocs: Specify build image
...
RTD docs build is failing because the default image has openssl that is
incompatible with current urllib3: Specify a newer image.
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2023-05-05 10:55:21 +03:00
Jussi Kukkonen
6433355f42
Merge pull request #2375 from theupdateframework/dependabot/pip/coverage-7.2.5
...
build(deps): bump coverage from 7.2.4 to 7.2.5
2023-05-02 10:49:09 +03:00
Lukas Pühringer
979d69c3b2
Merge pull request #2367 from theupdateframework/dependabot/pip/requests-2.29.0
...
build(deps): bump requests from 2.28.2 to 2.29.0
2023-05-01 14:43:54 +02:00
dependabot[bot]
078f996781
build(deps): bump requests from 2.28.2 to 2.29.0
...
Bumps [requests](https://github.com/psf/requests ) from 2.28.2 to 2.29.0.
- [Release notes](https://github.com/psf/requests/releases )
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md )
- [Commits](https://github.com/psf/requests/compare/v2.28.2...v2.29.0 )
---
updated-dependencies:
- dependency-name: requests
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-05-01 11:14:47 +00:00
dependabot[bot]
1de47255c5
build(deps): bump coverage from 7.2.4 to 7.2.5
...
Bumps [coverage](https://github.com/nedbat/coveragepy ) from 7.2.4 to 7.2.5.
- [Release notes](https://github.com/nedbat/coveragepy/releases )
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst )
- [Commits](https://github.com/nedbat/coveragepy/compare/7.2.4...7.2.5 )
---
updated-dependencies:
- dependency-name: coverage
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-05-01 10:59:07 +00:00
Lukas Pühringer
3630dac49b
Merge pull request #2373 from theupdateframework/dependabot/github_actions/github/codeql-action-2.3.2
...
build(deps): bump github/codeql-action from 2.3.0 to 2.3.2
2023-04-28 15:15:18 +02:00
Lukas Pühringer
00543b0aef
Merge pull request #2372 from theupdateframework/dependabot/pip/coverage-7.2.4
...
build(deps): bump coverage from 7.2.3 to 7.2.4
2023-04-28 15:14:08 +02:00
dependabot[bot]
ac419451cc
build(deps): bump github/codeql-action from 2.3.0 to 2.3.2
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.0 to 2.3.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b2c19fb9a2...f3feb00acb )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-04-28 10:58:26 +00:00
dependabot[bot]
e544a4baf4
build(deps): bump coverage from 7.2.3 to 7.2.4
...
Bumps [coverage](https://github.com/nedbat/coveragepy ) from 7.2.3 to 7.2.4.
- [Release notes](https://github.com/nedbat/coveragepy/releases )
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst )
- [Commits](https://github.com/nedbat/coveragepy/compare/7.2.3...7.2.4 )
---
updated-dependencies:
- dependency-name: coverage
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-04-28 10:57:31 +00:00
Jussi Kukkonen
53c280680b
release: Use PyPI Trusted Publishing
...
Instead of using the secret stored in environment secrets, allow the
publish action to use the OIDC identity to authenticate to pypi.org.
This repository/workflow/environment has been marked as a "Trusted
Publisher" in pypi.org: this means PyPI should give the publish action a
short lived token to use for publishing.
This enables #2370 : but the secret should still be removed before
closing the issue (maybe after one successful release with Trusted
Publishing).
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2023-04-27 15:42:55 +03:00
Lukas Pühringer
03a26b7b7c
Merge pull request #2366 from theupdateframework/dependabot/pip/pylint-2.17.3
...
build(deps): bump pylint from 2.17.2 to 2.17.3
2023-04-26 09:45:39 +02:00
dependabot[bot]
d9172c050d
build(deps): bump pylint from 2.17.2 to 2.17.3
...
Bumps [pylint](https://github.com/PyCQA/pylint ) from 2.17.2 to 2.17.3.
- [Release notes](https://github.com/PyCQA/pylint/releases )
- [Commits](https://github.com/PyCQA/pylint/compare/v2.17.2...v2.17.3 )
---
updated-dependencies:
- dependency-name: pylint
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-04-25 10:57:16 +00:00
Jussi Kukkonen
91a08e32d3
Merge pull request #2365 from theupdateframework/dependabot/github_actions/github/codeql-action-2.3.0
...
build(deps): bump github/codeql-action from 2.2.12 to 2.3.0
2023-04-25 10:48:13 +03:00
dependabot[bot]
28ea174245
build(deps): bump github/codeql-action from 2.2.12 to 2.3.0
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.12 to 2.3.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](7df0ce3489...b2c19fb9a2 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-04-24 11:00:22 +00:00
Lukas Pühringer
600d16b29a
Merge pull request #2364 from theupdateframework/dependabot/github_actions/actions/setup-python-4.6.0
...
build(deps): bump actions/setup-python from 4.5.0 to 4.6.0
2023-04-24 09:09:32 +02:00
Lukas Pühringer
5d9937aac8
Merge pull request #2362 from theupdateframework/dependabot/pip/securesystemslib-cryptopynacl--0.28.0
...
build(deps): bump securesystemslib[crypto,pynacl] from 0.27.0 to 0.28.0
2023-04-24 09:04:00 +02:00
dependabot[bot]
964c30c2dd
build(deps): bump actions/setup-python from 4.5.0 to 4.6.0
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 4.5.0 to 4.6.0.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](d27e3f3d7c...57ded4d7d5 )
---
updated-dependencies:
- dependency-name: actions/setup-python
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-04-21 10:58:33 +00:00
dependabot[bot]
78db3f27a0
build(deps): bump securesystemslib[crypto,pynacl] from 0.27.0 to 0.28.0
...
Bumps [securesystemslib[crypto,pynacl]](https://github.com/secure-systems-lab/securesystemslib ) from 0.27.0 to 0.28.0.
- [Release notes](https://github.com/secure-systems-lab/securesystemslib/releases )
- [Changelog](https://github.com/secure-systems-lab/securesystemslib/blob/main/CHANGELOG.md )
- [Commits](https://github.com/secure-systems-lab/securesystemslib/compare/v0.27.0...v0.28.0 )
---
updated-dependencies:
- dependency-name: securesystemslib[crypto,pynacl]
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-04-19 10:57:08 +00:00
Lukas Pühringer
808cf94da5
Merge pull request #2357 from theupdateframework/dependabot/github_actions/github/codeql-action-2.2.12
...
build(deps): bump github/codeql-action from 2.2.11 to 2.2.12
2023-04-17 13:30:42 +02:00
dependabot[bot]
25cbdcaf32
build(deps): bump github/codeql-action from 2.2.11 to 2.2.12
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.11 to 2.2.12.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](d186a2a36c...7df0ce3489 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-04-17 11:22:23 +00:00
Lukas Pühringer
25d3151254
Merge pull request #2358 from theupdateframework/dependabot/github_actions/actions/checkout-3.5.2
...
build(deps): bump actions/checkout from 3.5.0 to 3.5.2
2023-04-17 13:21:41 +02:00
Lukas Pühringer
68f4a095cb
Merge pull request #2360 from theupdateframework/dependabot/pip/cryptography-40.0.2
...
build(deps): bump cryptography from 40.0.1 to 40.0.2
2023-04-17 13:21:28 +02:00
dependabot[bot]
f130651d55
build(deps): bump cryptography from 40.0.1 to 40.0.2
...
Bumps [cryptography](https://github.com/pyca/cryptography ) from 40.0.1 to 40.0.2.
- [Release notes](https://github.com/pyca/cryptography/releases )
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pyca/cryptography/compare/40.0.1...40.0.2 )
---
updated-dependencies:
- dependency-name: cryptography
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-04-17 10:57:26 +00:00
dependabot[bot]
308c9874b7
build(deps): bump actions/checkout from 3.5.0 to 3.5.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.5.0 to 3.5.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8f4b7f8486...8e5e7e5ab8 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-04-14 10:58:57 +00:00
Lukas Pühringer
fe3fa79bf8
Merge pull request #2355 from theupdateframework/dependabot/github_actions/actions/github-script-6.4.1
...
build(deps): bump actions/github-script from 6.4.0 to 6.4.1
2023-04-11 12:53:14 +02:00
Lukas Pühringer
561071888e
Merge pull request #2354 from theupdateframework/dependabot/github_actions/github/codeql-action-2.2.11
...
build(deps): bump github/codeql-action from 2.2.9 to 2.2.11
2023-04-11 12:53:09 +02:00
Lukas Pühringer
df01f87eba
Merge pull request #2353 from theupdateframework/dependabot/pip/coverage-7.2.3
...
build(deps): bump coverage from 7.2.2 to 7.2.3
2023-04-11 12:52:56 +02:00
Lukas Pühringer
0b3229ce0f
Merge pull request #2352 from theupdateframework/dependabot/pip/mypy-1.2.0
...
build(deps): bump mypy from 1.1.1 to 1.2.0
2023-04-11 12:52:11 +02:00
dependabot[bot]
63da19d127
build(deps): bump actions/github-script from 6.4.0 to 6.4.1
...
Bumps [actions/github-script](https://github.com/actions/github-script ) from 6.4.0 to 6.4.1.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](98814c53be...d7906e4ad0 )
---
updated-dependencies:
- dependency-name: actions/github-script
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-04-07 10:58:44 +00:00
dependabot[bot]
64816c40f8
build(deps): bump github/codeql-action from 2.2.9 to 2.2.11
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.9 to 2.2.11.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](04df1262e6...d186a2a36c )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-04-07 10:58:40 +00:00
dependabot[bot]
86335a7a1d
build(deps): bump coverage from 7.2.2 to 7.2.3
...
Bumps [coverage](https://github.com/nedbat/coveragepy ) from 7.2.2 to 7.2.3.
- [Release notes](https://github.com/nedbat/coveragepy/releases )
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst )
- [Commits](https://github.com/nedbat/coveragepy/compare/7.2.2...7.2.3 )
---
updated-dependencies:
- dependency-name: coverage
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-04-07 10:57:30 +00:00
dependabot[bot]
dc0610b051
build(deps): bump mypy from 1.1.1 to 1.2.0
...
Bumps [mypy](https://github.com/python/mypy ) from 1.1.1 to 1.2.0.
- [Release notes](https://github.com/python/mypy/releases )
- [Commits](https://github.com/python/mypy/compare/v1.1.1...v1.2.0 )
---
updated-dependencies:
- dependency-name: mypy
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-04-07 10:57:19 +00:00
Jussi Kukkonen
16ffdb017a
Merge pull request #2350 from theupdateframework/dependabot/github_actions/pypa/gh-action-pypi-publish-1.8.5
...
build(deps): bump pypa/gh-action-pypi-publish from 1.8.3 to 1.8.5
2023-04-05 10:53:28 +03:00
Jussi Kukkonen
6132be0a86
Merge pull request #2349 from theupdateframework/dependabot/pip/pylint-2.17.2
...
build(deps): bump pylint from 2.17.1 to 2.17.2
2023-04-05 10:07:53 +03:00
dependabot[bot]
b52c7dbcfc
build(deps): bump pypa/gh-action-pypi-publish from 1.8.3 to 1.8.5
...
Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish ) from 1.8.3 to 1.8.5.
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases )
- [Commits](48b317d84d...0bf742be3e )
---
updated-dependencies:
- dependency-name: pypa/gh-action-pypi-publish
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-04-04 11:00:18 +00:00
dependabot[bot]
d3647a6af1
build(deps): bump pylint from 2.17.1 to 2.17.2
...
Bumps [pylint](https://github.com/PyCQA/pylint ) from 2.17.1 to 2.17.2.
- [Release notes](https://github.com/PyCQA/pylint/releases )
- [Commits](https://github.com/PyCQA/pylint/compare/v2.17.1...v2.17.2 )
---
updated-dependencies:
- dependency-name: pylint
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-04-04 10:58:13 +00:00
Jussi Kukkonen
01ca2987ca
Merge pull request #2347 from theupdateframework/dependabot/github_actions/ossf/scorecard-action-2.1.3
...
build(deps): bump ossf/scorecard-action from 2.1.2 to 2.1.3
2023-03-31 09:53:28 +03:00
dependabot[bot]
904f956d4c
build(deps): bump ossf/scorecard-action from 2.1.2 to 2.1.3
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.1.2 to 2.1.3.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](e38b1902ae...80e868c13c )
---
updated-dependencies:
- dependency-name: ossf/scorecard-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-03-30 10:58:48 +00:00
Jussi Kukkonen
6a0a12b1f1
Merge pull request #2346 from theupdateframework/dependabot/pip/black-23.3.0
...
build(deps): bump black from 23.1.0 to 23.3.0
2023-03-29 14:04:33 +03:00
dependabot[bot]
dbd2c9b155
build(deps): bump black from 23.1.0 to 23.3.0
...
Bumps [black](https://github.com/psf/black ) from 23.1.0 to 23.3.0.
- [Release notes](https://github.com/psf/black/releases )
- [Changelog](https://github.com/psf/black/blob/main/CHANGES.md )
- [Commits](https://github.com/psf/black/compare/23.1.0...23.3.0 )
---
updated-dependencies:
- dependency-name: black
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-03-29 10:57:39 +00:00
Lukas Pühringer
8ae0a38039
Merge pull request #2338 from jku/hash-prefix
...
Add TargetFile.get_prefixed_paths()
2023-03-29 12:13:04 +02:00
Lukas Pühringer
0dc4ab2687
Merge pull request #2345 from theupdateframework/dependabot/github_actions/github/codeql-action-2.2.9
...
build(deps): bump github/codeql-action from 2.2.8 to 2.2.9
2023-03-29 11:51:48 +02:00
Lukas Pühringer
c005d285a5
Merge pull request #2339 from theupdateframework/dependabot/pip/pylint-2.17.1
...
build(deps): bump pylint from 2.17.0 to 2.17.1
2023-03-29 11:40:18 +02:00
dependabot[bot]
d68cd71fcd
build(deps): bump github/codeql-action from 2.2.8 to 2.2.9
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.8 to 2.2.9.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](67a35a0858...04df1262e6 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-03-28 10:59:06 +00:00
Lukas Pühringer
1372630fdb
Merge pull request #2343 from theupdateframework/dependabot/github_actions/actions/checkout-3.5.0
...
build(deps): bump actions/checkout from 3.4.0 to 3.5.0
2023-03-28 11:05:28 +02:00
dependabot[bot]
f86f656d3c
build(deps): bump actions/checkout from 3.4.0 to 3.5.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](24cb908017...8f4b7f8486 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-03-28 07:44:51 +00:00
Lukas Pühringer
d55b5df4e9
Merge pull request #2341 from theupdateframework/dependabot/github_actions/github/codeql-action-2.2.8
...
build(deps): bump github/codeql-action from 2.2.7 to 2.2.8
2023-03-28 09:44:11 +02:00
Lukas Pühringer
cc6a4efd8c
Merge pull request #2340 from theupdateframework/dependabot/github_actions/pypa/gh-action-pypi-publish-1.8.3
...
build(deps): bump pypa/gh-action-pypi-publish from 1.8.1 to 1.8.3
2023-03-28 09:43:43 +02:00