Commit graph

6293 commits

Author SHA1 Message Date
dependabot[bot]
bb127ec6ca
build(deps): bump theupdateframework/tuf-conformance (#2727)
Bumps the action-dependencies group with 1 update: [theupdateframework/tuf-conformance](https://github.com/theupdateframework/tuf-conformance).


Updates `theupdateframework/tuf-conformance` from 2.0.0 to 2.1.0
- [Release notes](https://github.com/theupdateframework/tuf-conformance/releases)
- [Commits](f4acd16d0e...ad0e8bef1a)

---
updated-dependencies:
- dependency-name: theupdateframework/tuf-conformance
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: action-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-22 10:30:01 +03:00
Kairo Araujo
4abccdcf2e
Merge pull request #2723 from jku/badges-badges-badges
README: Update badges
2024-10-17 19:30:30 +02:00
Jussi Kukkonen
e30838428e README: Update badges
* Add a badge for conformance
* Shorten the name of the workflow (since that ends up in the badge)
* Tweak badge alt names to be more useful

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2024-10-17 16:42:27 +03:00
Jussi Kukkonen
2b4aa2e3c9
Merge pull request #2717 from theupdateframework/dependabot/github_actions/action-dependencies-a1cff6d793
build(deps): bump actions/upload-artifact from 4.4.1 to 4.4.3 in the action-dependencies group
2024-10-15 10:13:47 +03:00
Jussi Kukkonen
f9ac1f3ad1
Merge pull request #2720 from theupdateframework/dependabot/pip/dependencies-6725b0a49f
build(deps): bump charset-normalizer from 3.3.2 to 3.4.0 in the dependencies group
2024-10-15 10:09:47 +03:00
dependabot[bot]
8f04c43887
build(deps): bump charset-normalizer in the dependencies group
Bumps the dependencies group with 1 update: [charset-normalizer](https://github.com/Ousret/charset_normalizer).


Updates `charset-normalizer` from 3.3.2 to 3.4.0
- [Release notes](https://github.com/Ousret/charset_normalizer/releases)
- [Changelog](https://github.com/jawah/charset_normalizer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Ousret/charset_normalizer/compare/3.3.2...3.4.0)

---
updated-dependencies:
- dependency-name: charset-normalizer
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-14 21:27:33 +00:00
dependabot[bot]
aa1fb97722
build(deps): bump actions/upload-artifact
Bumps the action-dependencies group with 1 update: [actions/upload-artifact](https://github.com/actions/upload-artifact).


Updates `actions/upload-artifact` from 4.4.1 to 4.4.3
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](604373da63...b4b15b8c7c)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: action-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-14 21:03:11 +00:00
Jussi Kukkonen
cf05c11fcf
Merge pull request #2716 from mgorny/freezegun
tests: Use freezegun for time mocking to fix pypy3 compatibility
2024-10-10 10:11:25 +03:00
Michał Górny
ee27bcccc1 tests: Use freezegun for time mocking to fix pypy3 compatibility
Use freezegun for time mocking instead of manually patching the datetime
module, as it provides a more streamlined solution that works both
on CPython and on PyPy.  Unfortunately, due to differences between
the C datetime extension used by CPython, and the pure Python version
of datetime (used by PyPy, and as a fallback on CPython), there does not
seem to be a trivial way to mock time that would work with both
versions.

Fixes #2708

Signed-off-by: Michał Górny <mgorny@gentoo.org>
2024-10-09 14:01:09 +02:00
Jussi Kukkonen
014f6f0cfb
Merge pull request #2714 from theupdateframework/dependabot/pip/test-and-lint-dependencies-f3038cc42a
build(deps): bump ruff from 0.6.8 to 0.6.9 in the test-and-lint-dependencies group
2024-10-08 10:16:36 +03:00
Jussi Kukkonen
1be42e3d17
Merge pull request #2715 from theupdateframework/dependabot/github_actions/action-dependencies-3c42254ab4
build(deps): bump the action-dependencies group with 3 updates
2024-10-08 10:16:13 +03:00
dependabot[bot]
192a349c1b
build(deps): bump the action-dependencies group with 3 updates
Bumps the action-dependencies group with 3 updates: [actions/checkout](https://github.com/actions/checkout), [actions/upload-artifact](https://github.com/actions/upload-artifact) and [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish).


Updates `actions/checkout` from 4.2.0 to 4.2.1
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](d632683dd7...eef61447b9)

Updates `actions/upload-artifact` from 4.4.0 to 4.4.1
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](50769540e7...604373da63)

Updates `pypa/gh-action-pypi-publish` from 1.10.2 to 1.10.3
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases)
- [Commits](897895f1e1...f7600683ef)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: action-dependencies
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: action-dependencies
- dependency-name: pypa/gh-action-pypi-publish
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: action-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-07 21:33:01 +00:00
dependabot[bot]
854d33f4bf
build(deps): bump ruff in the test-and-lint-dependencies group
Bumps the test-and-lint-dependencies group with 1 update: [ruff](https://github.com/astral-sh/ruff).


Updates `ruff` from 0.6.8 to 0.6.9
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.6.8...0.6.9)

---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-07 21:02:46 +00:00
Jussi Kukkonen
dd4caf439c
Merge pull request #2712 from jku/prepare-v5.1
Prepare v5.1.0 release
2024-10-07 14:21:41 +03:00
Jussi Kukkonen
72d0cea91b Prepare v5.1.0 release
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2024-10-07 10:12:15 +03:00
dependabot[bot]
4fbcfa0e2c
build(deps): bump theupdateframework/tuf-conformance (#2711)
Bumps the action-dependencies group with 1 update: [theupdateframework/tuf-conformance](https://github.com/theupdateframework/tuf-conformance).


Updates `theupdateframework/tuf-conformance` from 1.1.0 to 2.0.0
- [Release notes](https://github.com/theupdateframework/tuf-conformance/releases)
- [Commits](d8ab40ba95...f4acd16d0e)

---
updated-dependencies:
- dependency-name: theupdateframework/tuf-conformance
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: action-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-01 11:06:57 +03:00
dependabot[bot]
22b82d584f
build(deps): bump ruff in the test-and-lint-dependencies group (#2709)
Bumps the test-and-lint-dependencies group with 1 update: [ruff](https://github.com/astral-sh/ruff).


Updates `ruff` from 0.6.7 to 0.6.8
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.6.7...0.6.8)

---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-01 11:00:50 +03:00
dependabot[bot]
4ec49e23f7
build(deps): bump actions/checkout in the action-dependencies group (#2710)
Bumps the action-dependencies group with 1 update: [actions/checkout](https://github.com/actions/checkout).


Updates `actions/checkout` from 4.1.7 to 4.2.0
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](692973e3d9...d632683dd7)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: action-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-10-01 11:00:12 +03:00
dependabot[bot]
d77ab75a4e
build(deps): bump pypa/gh-action-pypi-publish (#2706)
Bumps the action-dependencies group with 1 update: [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish).


Updates `pypa/gh-action-pypi-publish` from 1.10.1 to 1.10.2
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases)
- [Commits](0ab0b79471...897895f1e1)

---
updated-dependencies:
- dependency-name: pypa/gh-action-pypi-publish
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: action-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-30 16:24:52 +03:00
dependabot[bot]
42240dc862
build(deps): bump ruff in the test-and-lint-dependencies group (#2705)
Bumps the test-and-lint-dependencies group with 1 update: [ruff](https://github.com/astral-sh/ruff).


Updates `ruff` from 0.6.5 to 0.6.7
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.6.5...0.6.7)

---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-24 10:14:50 +03:00
Jussi Kukkonen
9f7db146f6
Merge pull request #2707 from kairoaraujo/add-kairoaraujo-maintainers
docs: include kairoaraujo info in MAINTAINERS.txt
2024-09-24 10:06:13 +03:00
Kairo de Araujo
107cd2a258 docs: include kairoaraujo info in MAINTAINERS.txt
Add Kairo de Araujo information to the docs/MAINTAINERS.txt

Including my PGP fingerprint for future signatures.

Signed-off-by: Kairo de Araujo <kairo@dearaujo.nl>
2024-09-24 08:15:39 +02:00
dependabot[bot]
5971b09ac2
build(deps): bump theupdateframework/tuf-conformance (#2704)
Bumps the action-dependencies group with 1 update: [theupdateframework/tuf-conformance](https://github.com/theupdateframework/tuf-conformance).


Updates `theupdateframework/tuf-conformance` from 1.0.0 to 1.1.0
- [Release notes](https://github.com/theupdateframework/tuf-conformance/releases)
- [Commits](5ae68349ec...d8ab40ba95)

---
updated-dependencies:
- dependency-name: theupdateframework/tuf-conformance
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: action-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-17 13:04:14 +03:00
Jussi Kukkonen
8b2578274e
Merge pull request #2684 from jku/update-tuf-conformance-to-1.0
Update tuf conformance to 1.0
2024-09-17 12:46:08 +03:00
dependabot[bot]
8b533827d0
build(deps): bump ruff in the test-and-lint-dependencies group (#2702)
Bumps the test-and-lint-dependencies group with 1 update: [ruff](https://github.com/astral-sh/ruff).


Updates `ruff` from 0.6.4 to 0.6.5
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.6.4...0.6.5)

---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-17 10:36:30 +03:00
dependabot[bot]
e47c9cabd1
build(deps): bump the dependencies group with 2 updates (#2703)
Bumps the dependencies group with 2 updates: [idna](https://github.com/kjd/idna) and [urllib3](https://github.com/urllib3/urllib3).


Updates `idna` from 3.8 to 3.10
- [Release notes](https://github.com/kjd/idna/releases)
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)
- [Commits](https://github.com/kjd/idna/compare/v3.8...v3.10)

Updates `urllib3` from 2.2.2 to 2.2.3
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](https://github.com/urllib3/urllib3/compare/2.2.2...2.2.3)

---
updated-dependencies:
- dependency-name: idna
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: urllib3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-17 10:27:13 +03:00
Jussi Kukkonen
34744cd753
docs: Add CODEOWNERS file (#2701) 2024-09-16 16:00:16 +03:00
Jussi Kukkonen
9b2a931c78 Update permissions
This does not really change the default much but it's a decent practice
and makes the SSF Scorecard look better.

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2024-09-12 12:58:12 +03:00
dependabot[bot]
26bcacf1d7
build(deps): bump pypa/gh-action-pypi-publish (#2696)
Bumps the action-dependencies group with 1 update: [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish).


Updates `pypa/gh-action-pypi-publish` from 1.10.0 to 1.10.1
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases)
- [Commits](8a08d61689...0ab0b79471)

---
updated-dependencies:
- dependency-name: pypa/gh-action-pypi-publish
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: action-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-10 10:12:31 +03:00
dependabot[bot]
91e37e6622
build(deps): bump build in the build-and-release-dependencies group (#2697)
Bumps the build-and-release-dependencies group with 1 update: [build](https://github.com/pypa/build).


Updates `build` from 1.2.1 to 1.2.2
- [Release notes](https://github.com/pypa/build/releases)
- [Changelog](https://github.com/pypa/build/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pypa/build/compare/1.2.1...1.2.2)

---
updated-dependencies:
- dependency-name: build
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: build-and-release-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-10 10:12:05 +03:00
dependabot[bot]
6fc5751fbb
build(deps): bump ruff in the test-and-lint-dependencies group (#2698)
Bumps the test-and-lint-dependencies group with 1 update: [ruff](https://github.com/astral-sh/ruff).


Updates `ruff` from 0.6.3 to 0.6.4
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.6.3...0.6.4)

---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-10 10:11:41 +03:00
dependabot[bot]
d35cce1445
build(deps): bump the dependencies group with 2 updates (#2699)
Bumps the dependencies group with 2 updates: [cffi](https://github.com/python-cffi/cffi) and [cryptography](https://github.com/pyca/cryptography).


Updates `cffi` from 1.17.0 to 1.17.1
- [Release notes](https://github.com/python-cffi/cffi/releases)
- [Commits](https://github.com/python-cffi/cffi/compare/v1.17.0...v1.17.1)

Updates `cryptography` from 43.0.0 to 43.0.1
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/43.0.0...43.0.1)

---
updated-dependencies:
- dependency-name: cffi
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: cryptography
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-10 10:11:04 +03:00
dependabot[bot]
1b15b4944a
build(deps): bump certifi in the dependencies group (#2695)
Bumps the dependencies group with 1 update: [certifi](https://github.com/certifi/python-certifi).


Updates `certifi` from 2024.7.4 to 2024.8.30
- [Commits](https://github.com/certifi/python-certifi/compare/2024.07.04...2024.08.30)

---
updated-dependencies:
- dependency-name: certifi
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-03 09:21:28 +03:00
dependabot[bot]
edb12d0e3b
build(deps): bump ruff in the test-and-lint-dependencies group (#2694)
Bumps the test-and-lint-dependencies group with 1 update: [ruff](https://github.com/astral-sh/ruff).


Updates `ruff` from 0.6.2 to 0.6.3
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.6.2...0.6.3)

---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-03 09:20:33 +03:00
Jussi Kukkonen
9bb0be913a
Merge pull request #2693 from theupdateframework/dependabot/github_actions/action-dependencies-1916bf8524
build(deps): bump the action-dependencies group with 3 updates
2024-09-03 09:18:56 +03:00
dependabot[bot]
dc004e7d2b
build(deps): bump the action-dependencies group with 3 updates
Bumps the action-dependencies group with 3 updates: [actions/setup-python](https://github.com/actions/setup-python), [actions/upload-artifact](https://github.com/actions/upload-artifact) and [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish).


Updates `actions/setup-python` from 5.1.1 to 5.2.0
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](39cd14951b...f677139bbe)

Updates `actions/upload-artifact` from 4.3.6 to 4.4.0
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](834a144ee9...50769540e7)

Updates `pypa/gh-action-pypi-publish` from 1.9.0 to 1.10.0
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases)
- [Commits](ec4db0b4dd...8a08d61689)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: action-dependencies
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: action-dependencies
- dependency-name: pypa/gh-action-pypi-publish
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: action-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-02 21:33:56 +00:00
Jussi Kukkonen
4323460a96
Merge pull request #2691 from theupdateframework/dependabot/pip/test-and-lint-dependencies-864197ade3
build(deps): bump the test-and-lint-dependencies group with 2 updates
2024-08-27 09:48:10 +03:00
Jussi Kukkonen
3a14fe0d0f
Merge pull request #2692 from theupdateframework/dependabot/pip/dependencies-0a84ad121f
build(deps): bump idna from 3.7 to 3.8 in the dependencies group
2024-08-27 09:47:51 +03:00
dependabot[bot]
9cec5da218
build(deps): bump idna from 3.7 to 3.8 in the dependencies group
Bumps the dependencies group with 1 update: [idna](https://github.com/kjd/idna).


Updates `idna` from 3.7 to 3.8
- [Release notes](https://github.com/kjd/idna/releases)
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)
- [Commits](https://github.com/kjd/idna/compare/v3.7...v3.8)

---
updated-dependencies:
- dependency-name: idna
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-26 21:15:56 +00:00
dependabot[bot]
bc3a51ae74
build(deps): bump the test-and-lint-dependencies group with 2 updates
Bumps the test-and-lint-dependencies group with 2 updates: [ruff](https://github.com/astral-sh/ruff) and [mypy](https://github.com/python/mypy).


Updates `ruff` from 0.6.1 to 0.6.2
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.6.1...0.6.2)

Updates `mypy` from 1.11.1 to 1.11.2
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/python/mypy/compare/v1.11.1...v1.11.2)

---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
- dependency-name: mypy
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-26 21:14:50 +00:00
Jussi Kukkonen
92f8e16e98
Merge pull request #2690 from theupdateframework/dependabot/pip/test-and-lint-dependencies-37a0b79e71
build(deps): bump ruff from 0.5.7 to 0.6.1 in the test-and-lint-dependencies group
2024-08-22 15:31:16 +03:00
dependabot[bot]
7353d53ce8
build(deps): bump ruff in the test-and-lint-dependencies group
Bumps the test-and-lint-dependencies group with 1 update: [ruff](https://github.com/astral-sh/ruff).


Updates `ruff` from 0.5.7 to 0.6.1
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.5.7...0.6.1)

---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-19 21:39:41 +00:00
Jussi Kukkonen
cc153d71dc
Merge pull request #2685 from theupdateframework/dependabot/pip/test-and-lint-dependencies-355f7870a1
build(deps): bump ruff from 0.5.6 to 0.5.7 in the test-and-lint-dependencies group
2024-08-13 10:33:52 +03:00
Jussi Kukkonen
07ae055bca
Merge pull request #2686 from theupdateframework/dependabot/pip/dependencies-3dee5f3149
build(deps): bump cffi from 1.16.0 to 1.17.0 in the dependencies group
2024-08-13 10:33:21 +03:00
Jussi Kukkonen
f013ea37f9
Merge pull request #2687 from theupdateframework/dependabot/github_actions/action-dependencies-720c8da8de
build(deps): bump actions/upload-artifact from 4.3.5 to 4.3.6 in the action-dependencies group
2024-08-13 10:32:56 +03:00
dependabot[bot]
7a47f23872
build(deps): bump actions/upload-artifact
Bumps the action-dependencies group with 1 update: [actions/upload-artifact](https://github.com/actions/upload-artifact).


Updates `actions/upload-artifact` from 4.3.5 to 4.3.6
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](89ef406dd8...834a144ee9)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: action-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-12 21:52:40 +00:00
dependabot[bot]
0caadbce1d
build(deps): bump cffi from 1.16.0 to 1.17.0 in the dependencies group
Bumps the dependencies group with 1 update: [cffi](https://github.com/python-cffi/cffi).


Updates `cffi` from 1.16.0 to 1.17.0
- [Release notes](https://github.com/python-cffi/cffi/releases)
- [Commits](https://github.com/python-cffi/cffi/compare/v1.16.0...v1.17.0)

---
updated-dependencies:
- dependency-name: cffi
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-12 21:18:30 +00:00
dependabot[bot]
2a8d68bb27
build(deps): bump ruff in the test-and-lint-dependencies group
Bumps the test-and-lint-dependencies group with 1 update: [ruff](https://github.com/astral-sh/ruff).


Updates `ruff` from 0.5.6 to 0.5.7
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.5.6...0.5.7)

---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-12 21:17:21 +00:00
Jussi Kukkonen
3a429984bd workflows: Enable tuf-conformance for PRs
tuf-conformance workflow now pins a release tag so we can enable this
on PRs.

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2024-08-08 15:50:14 +03:00
Jussi Kukkonen
ce560215bf Update tuf-conformance action to 1.0
Also update the client-under-test script
(this is a direct copy from tuf-conformance).

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2024-08-08 15:48:13 +03:00