python-tuf

mirror of https://github.com/theupdateframework/python-tuf synced 2026-05-24 10:08:28 +00:00

Author	SHA1	Message	Date
dependabot[bot]	44dbf4bc02	build(deps): bump actions/setup-python from 4.6.1 to 4.7.0 Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.6.1 to 4.7.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](`bd6b4b6205...61a6322f88`) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2023-07-14 10:23:57 +00:00
dependabot[bot]	55a17cc3ee	build(deps): bump actions/checkout from 3.5.2 to 3.5.3 Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.2 to 3.5.3. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](`8e5e7e5ab8...c85c95e3d7`) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-06-12 11:00:10 +00:00
dependabot[bot]	4f3ff9fa12	build(deps): bump actions/setup-python from 4.6.0 to 4.6.1 Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.6.0 to 4.6.1. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](`57ded4d7d5...bd6b4b6205`) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-05-25 10:58:36 +00:00
dependabot[bot]	964c30c2dd	build(deps): bump actions/setup-python from 4.5.0 to 4.6.0 Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.5.0 to 4.6.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](`d27e3f3d7c...57ded4d7d5`) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2023-04-21 10:58:33 +00:00
dependabot[bot]	308c9874b7	build(deps): bump actions/checkout from 3.5.0 to 3.5.2 Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.0 to 3.5.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](`8f4b7f8486...8e5e7e5ab8`) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-04-14 10:58:57 +00:00
dependabot[bot]	f86f656d3c	build(deps): bump actions/checkout from 3.4.0 to 3.5.0 Bumps [actions/checkout](https://github.com/actions/checkout) from 3.4.0 to 3.5.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](`24cb908017...8f4b7f8486`) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2023-03-28 07:44:51 +00:00
dependabot[bot]	a673ac3df5	build(deps): bump actions/checkout from 3.3.0 to 3.4.0 Bumps [actions/checkout](https://github.com/actions/checkout) from 3.3.0 to 3.4.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](`ac59398561...24cb908017`) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2023-03-20 08:21:35 +00:00
dependabot[bot]	4c3df14a50	build(deps): bump actions/setup-python from 4.4.0 to 4.5.0 Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.4.0 to 4.5.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](`5ccb29d877...d27e3f3d7c`) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2023-01-13 10:50:28 +00:00
dependabot[bot]	bfbfb55444	build(deps): bump actions/checkout from 3.2.0 to 3.3.0 Bumps [actions/checkout](https://github.com/actions/checkout) from 3.2.0 to 3.3.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](`755da8c3cf...ac59398561`) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2023-01-13 10:32:56 +00:00
dependabot[bot]	681c134e09	build(deps): bump actions/setup-python from 4.3.1 to 4.4.0 Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.3.1 to 4.4.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](`2c3dd9e7e2...5ccb29d877`) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-12-23 10:22:10 +00:00
dependabot[bot]	98991d8f50	build(deps): bump actions/checkout from 3.1.0 to 3.2.0 Bumps [actions/checkout](https://github.com/actions/checkout) from 3.1.0 to 3.2.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](`93ea575cb5...755da8c3cf`) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-12-13 10:04:50 +00:00
dependabot[bot]	205769d9bf	build(deps): bump actions/setup-python from 4.3.0 to 4.3.1 Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.3.0 to 4.3.1. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](`13ae5bb136...2c3dd9e7e2`) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2022-12-09 17:50:35 +00:00
Jussi Kukkonen	b6c3b66ca6	build: Change build dependency pinning strategy * don't autoupgrade pip: let's consider pip to be part of platform? * pin build and tox in new requirements-build.txt: this mostly prevents tox from going to 4.x before we're ready * use requirements-build.txt as constraint when installing tox or build during CI & CD * use requirements-build.txt in requiremenets-dev.txt Note that coveralls is not pinned, not sure if it should be. Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>	2022-12-09 18:10:03 +02:00
Jussi Kukkonen	53521bfda0	workflows: Set top-level permissions This changes very little but it does mean any jobs added in future have to be explicit about the permissions they need. This also makes OSSF scorecard happier. Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>	2022-10-30 12:56:22 +02:00
Miles Liu	0a79245c43	ci: migrate deprecating set-output commands Signed-off-by: Miles Liu <miles@bung.cc>	2022-10-24 15:46:44 +08:00
dependabot[bot]	76c0d6cec0	build(deps): bump actions/setup-python from 4.2.0 to 4.3.0 Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.2.0 to 4.3.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](`b55428b188...13ae5bb136`) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-10-11 10:29:56 +00:00
dependabot[bot]	9907d4d38a	build(deps): bump actions/checkout from 3.0.2 to 3.1.0 Bumps [actions/checkout](https://github.com/actions/checkout) from 3.0.2 to 3.1.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](`2541b1294d...93ea575cb5`) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-10-04 10:45:28 +00:00
Lukas Puehringer	b83c738373	chore: fix error in spec version check workflow Use `--upgrade` option to upgrade pip with pip in workflow, instead of non-existing `-u` option (-U would also be possible). Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>	2022-08-30 14:19:12 +02:00
Lukas Puehringer	7baf1d3376	chore: misc setup-python changes in spec check job 1. update action/setup-python to latest version 2. pin major version to be used to 3.x 3. upgrade pip before using it 1 and 2 were suggested in #2089 Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>	2022-08-30 09:44:19 +02:00
Radoslav Dimitrov	53f1611b74	chore: limit the permissions for the job calling the version check workflow Signed-off-by: Radoslav Dimitrov <dimitrovr@vmware.com>	2022-08-30 09:37:01 +02:00
Radoslav Dimitrov	0e6b928d9a	chore: update the workflow responsible for notifying of new TUF spec release Signed-off-by: Radoslav Dimitrov <dimitrovr@vmware.com>	2022-08-30 09:36:59 +02:00

21 commits