Commit graph

6260 commits

Author SHA1 Message Date
dependabot[bot]
d35cce1445
build(deps): bump the dependencies group with 2 updates (#2699)
Bumps the dependencies group with 2 updates: [cffi](https://github.com/python-cffi/cffi) and [cryptography](https://github.com/pyca/cryptography).


Updates `cffi` from 1.17.0 to 1.17.1
- [Release notes](https://github.com/python-cffi/cffi/releases)
- [Commits](https://github.com/python-cffi/cffi/compare/v1.17.0...v1.17.1)

Updates `cryptography` from 43.0.0 to 43.0.1
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/43.0.0...43.0.1)

---
updated-dependencies:
- dependency-name: cffi
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: cryptography
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-10 10:11:04 +03:00
dependabot[bot]
1b15b4944a
build(deps): bump certifi in the dependencies group (#2695)
Bumps the dependencies group with 1 update: [certifi](https://github.com/certifi/python-certifi).


Updates `certifi` from 2024.7.4 to 2024.8.30
- [Commits](https://github.com/certifi/python-certifi/compare/2024.07.04...2024.08.30)

---
updated-dependencies:
- dependency-name: certifi
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-03 09:21:28 +03:00
dependabot[bot]
edb12d0e3b
build(deps): bump ruff in the test-and-lint-dependencies group (#2694)
Bumps the test-and-lint-dependencies group with 1 update: [ruff](https://github.com/astral-sh/ruff).


Updates `ruff` from 0.6.2 to 0.6.3
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.6.2...0.6.3)

---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-03 09:20:33 +03:00
Jussi Kukkonen
9bb0be913a
Merge pull request #2693 from theupdateframework/dependabot/github_actions/action-dependencies-1916bf8524
build(deps): bump the action-dependencies group with 3 updates
2024-09-03 09:18:56 +03:00
dependabot[bot]
dc004e7d2b
build(deps): bump the action-dependencies group with 3 updates
Bumps the action-dependencies group with 3 updates: [actions/setup-python](https://github.com/actions/setup-python), [actions/upload-artifact](https://github.com/actions/upload-artifact) and [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish).


Updates `actions/setup-python` from 5.1.1 to 5.2.0
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](39cd14951b...f677139bbe)

Updates `actions/upload-artifact` from 4.3.6 to 4.4.0
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](834a144ee9...50769540e7)

Updates `pypa/gh-action-pypi-publish` from 1.9.0 to 1.10.0
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases)
- [Commits](ec4db0b4dd...8a08d61689)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: action-dependencies
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: action-dependencies
- dependency-name: pypa/gh-action-pypi-publish
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: action-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-02 21:33:56 +00:00
Jussi Kukkonen
4323460a96
Merge pull request #2691 from theupdateframework/dependabot/pip/test-and-lint-dependencies-864197ade3
build(deps): bump the test-and-lint-dependencies group with 2 updates
2024-08-27 09:48:10 +03:00
Jussi Kukkonen
3a14fe0d0f
Merge pull request #2692 from theupdateframework/dependabot/pip/dependencies-0a84ad121f
build(deps): bump idna from 3.7 to 3.8 in the dependencies group
2024-08-27 09:47:51 +03:00
dependabot[bot]
9cec5da218
build(deps): bump idna from 3.7 to 3.8 in the dependencies group
Bumps the dependencies group with 1 update: [idna](https://github.com/kjd/idna).


Updates `idna` from 3.7 to 3.8
- [Release notes](https://github.com/kjd/idna/releases)
- [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst)
- [Commits](https://github.com/kjd/idna/compare/v3.7...v3.8)

---
updated-dependencies:
- dependency-name: idna
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-26 21:15:56 +00:00
dependabot[bot]
bc3a51ae74
build(deps): bump the test-and-lint-dependencies group with 2 updates
Bumps the test-and-lint-dependencies group with 2 updates: [ruff](https://github.com/astral-sh/ruff) and [mypy](https://github.com/python/mypy).


Updates `ruff` from 0.6.1 to 0.6.2
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.6.1...0.6.2)

Updates `mypy` from 1.11.1 to 1.11.2
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/python/mypy/compare/v1.11.1...v1.11.2)

---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
- dependency-name: mypy
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-26 21:14:50 +00:00
Jussi Kukkonen
92f8e16e98
Merge pull request #2690 from theupdateframework/dependabot/pip/test-and-lint-dependencies-37a0b79e71
build(deps): bump ruff from 0.5.7 to 0.6.1 in the test-and-lint-dependencies group
2024-08-22 15:31:16 +03:00
dependabot[bot]
7353d53ce8
build(deps): bump ruff in the test-and-lint-dependencies group
Bumps the test-and-lint-dependencies group with 1 update: [ruff](https://github.com/astral-sh/ruff).


Updates `ruff` from 0.5.7 to 0.6.1
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.5.7...0.6.1)

---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-19 21:39:41 +00:00
Jussi Kukkonen
cc153d71dc
Merge pull request #2685 from theupdateframework/dependabot/pip/test-and-lint-dependencies-355f7870a1
build(deps): bump ruff from 0.5.6 to 0.5.7 in the test-and-lint-dependencies group
2024-08-13 10:33:52 +03:00
Jussi Kukkonen
07ae055bca
Merge pull request #2686 from theupdateframework/dependabot/pip/dependencies-3dee5f3149
build(deps): bump cffi from 1.16.0 to 1.17.0 in the dependencies group
2024-08-13 10:33:21 +03:00
Jussi Kukkonen
f013ea37f9
Merge pull request #2687 from theupdateframework/dependabot/github_actions/action-dependencies-720c8da8de
build(deps): bump actions/upload-artifact from 4.3.5 to 4.3.6 in the action-dependencies group
2024-08-13 10:32:56 +03:00
dependabot[bot]
7a47f23872
build(deps): bump actions/upload-artifact
Bumps the action-dependencies group with 1 update: [actions/upload-artifact](https://github.com/actions/upload-artifact).


Updates `actions/upload-artifact` from 4.3.5 to 4.3.6
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](89ef406dd8...834a144ee9)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: action-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-12 21:52:40 +00:00
dependabot[bot]
0caadbce1d
build(deps): bump cffi from 1.16.0 to 1.17.0 in the dependencies group
Bumps the dependencies group with 1 update: [cffi](https://github.com/python-cffi/cffi).


Updates `cffi` from 1.16.0 to 1.17.0
- [Release notes](https://github.com/python-cffi/cffi/releases)
- [Commits](https://github.com/python-cffi/cffi/compare/v1.16.0...v1.17.0)

---
updated-dependencies:
- dependency-name: cffi
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-12 21:18:30 +00:00
dependabot[bot]
2a8d68bb27
build(deps): bump ruff in the test-and-lint-dependencies group
Bumps the test-and-lint-dependencies group with 1 update: [ruff](https://github.com/astral-sh/ruff).


Updates `ruff` from 0.5.6 to 0.5.7
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.5.6...0.5.7)

---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-12 21:17:21 +00:00
Jussi Kukkonen
972894251a
Merge pull request #2682 from theupdateframework/dependabot/pip/test-and-lint-dependencies-2786207ea8
build(deps): bump the test-and-lint-dependencies group with 3 updates
2024-08-06 09:32:10 +03:00
Jussi Kukkonen
945a523710
Merge pull request #2683 from theupdateframework/dependabot/github_actions/action-dependencies-7dc25245c6
build(deps): bump actions/upload-artifact from 4.3.4 to 4.3.5 in the action-dependencies group
2024-08-06 09:31:46 +03:00
dependabot[bot]
e74205280d
build(deps): bump actions/upload-artifact
Bumps the action-dependencies group with 1 update: [actions/upload-artifact](https://github.com/actions/upload-artifact).


Updates `actions/upload-artifact` from 4.3.4 to 4.3.5
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](0b2256b8c0...89ef406dd8)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: action-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-05 21:51:28 +00:00
dependabot[bot]
54261a8c90
build(deps): bump the test-and-lint-dependencies group with 3 updates
Bumps the test-and-lint-dependencies group with 3 updates: [ruff](https://github.com/astral-sh/ruff), [mypy](https://github.com/python/mypy) and [coverage](https://github.com/nedbat/coveragepy).


Updates `ruff` from 0.5.5 to 0.5.6
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.5.5...0.5.6)

Updates `mypy` from 1.11.0 to 1.11.1
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/python/mypy/compare/v1.11...v1.11.1)

Updates `coverage` from 7.6.0 to 7.6.1
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/7.6.0...7.6.1)

---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
- dependency-name: mypy
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
- dependency-name: coverage
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-05 21:44:13 +00:00
Jussi Kukkonen
f8deca31cc
Merge pull request #2680 from theupdateframework/dependabot/github_actions/action-dependencies-9c3969af14 2024-07-30 09:12:09 +03:00
Jussi Kukkonen
f642db84ed
Merge pull request #2681 from theupdateframework/dependabot/pip/test-and-lint-dependencies-61899484f5 2024-07-30 09:09:17 +03:00
dependabot[bot]
3e5dbdd31e
build(deps): bump ruff in the test-and-lint-dependencies group
Bumps the test-and-lint-dependencies group with 1 update: [ruff](https://github.com/astral-sh/ruff).


Updates `ruff` from 0.5.4 to 0.5.5
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.5.4...0.5.5)

---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-29 21:18:18 +00:00
dependabot[bot]
ad69f71181
build(deps): bump ossf/scorecard-action in the action-dependencies group
Bumps the action-dependencies group with 1 update: [ossf/scorecard-action](https://github.com/ossf/scorecard-action).


Updates `ossf/scorecard-action` from 2.3.3 to 2.4.0
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](dc50aa9510...62b2cac7ed)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: action-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-29 21:04:16 +00:00
Jussi Kukkonen
34fd9141f3
Merge pull request #2677 from theupdateframework/dependabot/pip/test-and-lint-dependencies-fd734e5e0e
build(deps): bump the test-and-lint-dependencies group with 2 updates
2024-07-29 11:31:21 +03:00
Jussi Kukkonen
40a6b8a6dc
Merge pull request #2678 from theupdateframework/dependabot/pip/dependencies-90ddb4d091
build(deps): bump cryptography from 42.0.8 to 43.0.0 in the dependencies group
2024-07-29 11:31:12 +03:00
Justin Cappos
345c3781b6
Merge pull request #2679 from theupdateframework/trishankatdatadog-patch-1
Update MAINTAINERS.txt
2024-07-24 16:45:24 -04:00
Trishank Karthik Kuppusamy
bcfefce5c3
Update MAINTAINERS.txt
Removing myself because, just like with go-tuf, I unfortunately do not have the bandwidth for active maintenance, and do not wish to be in the way. I thank you all very much for the opportunity, and your continued service.

Signed-off-by: Trishank Karthik Kuppusamy <trishank.kuppusamy@datadoghq.com>
2024-07-24 13:23:43 -04:00
dependabot[bot]
1f0ba33798
build(deps): bump cryptography in the dependencies group
Bumps the dependencies group with 1 update: [cryptography](https://github.com/pyca/cryptography).


Updates `cryptography` from 42.0.8 to 43.0.0
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/42.0.8...43.0.0)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-22 21:04:01 +00:00
dependabot[bot]
772b099288
build(deps): bump the test-and-lint-dependencies group with 2 updates
Bumps the test-and-lint-dependencies group with 2 updates: [ruff](https://github.com/astral-sh/ruff) and [mypy](https://github.com/python/mypy).


Updates `ruff` from 0.5.2 to 0.5.4
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.5.2...0.5.4)

Updates `mypy` from 1.10.1 to 1.11.0
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/python/mypy/compare/v1.10.1...v1.11)

---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
- dependency-name: mypy
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-22 21:02:51 +00:00
Jussi Kukkonen
4d2ff8d37d
Merge pull request #2675 from jku/bump-max-root-rotations
ngclient: Increase default max_root_rotations
2024-07-17 13:34:36 +03:00
Jussi Kukkonen
6eaf405bd5 ngclient: Increase default max_root_rotations
this configuration variable controls how many root versions
the client will upgrade in a single refresh(). The idea is to prevent
a malicious repository from filling the disk with root versions.

We want a number that is high enough that a repository should not have
made that many roots in the time that clients take to update the "embedded"
root that the client shipped with ship with.

32 is small enough that a repository could reach it while clients with
v1 embedded in them are still in use. Let's bump to 256: this should be
plenty.

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2024-07-17 11:50:43 +03:00
Jussi Kukkonen
cb9694efa0
Merge pull request #2674 from theupdateframework/dependabot/github_actions/action-dependencies-1145a91e6d
build(deps): bump actions/setup-python from 5.1.0 to 5.1.1 in the action-dependencies group
2024-07-16 10:27:18 +03:00
Jussi Kukkonen
19343a83a5
Merge pull request #2673 from theupdateframework/dependabot/pip/test-and-lint-dependencies-7ff274b1a5
build(deps): bump the test-and-lint-dependencies group with 2 updates
2024-07-16 10:26:57 +03:00
dependabot[bot]
ab6dbf790b
build(deps): bump actions/setup-python in the action-dependencies group
Bumps the action-dependencies group with 1 update: [actions/setup-python](https://github.com/actions/setup-python).


Updates `actions/setup-python` from 5.1.0 to 5.1.1
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](82c7e631bb...39cd14951b)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: action-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-15 21:42:17 +00:00
dependabot[bot]
6fed28d563
build(deps): bump the test-and-lint-dependencies group with 2 updates
Bumps the test-and-lint-dependencies group with 2 updates: [coverage](https://github.com/nedbat/coveragepy) and [ruff](https://github.com/astral-sh/ruff).


Updates `coverage` from 7.5.4 to 7.6.0
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/7.5.4...7.6.0)

Updates `ruff` from 0.5.1 to 0.5.2
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/0.5.1...0.5.2)

---
updated-dependencies:
- dependency-name: coverage
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: test-and-lint-dependencies
- dependency-name: ruff
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-15 21:07:18 +00:00
Jussi Kukkonen
981e678bd9
Merge pull request #2671 from jku/tweak-workflow-name
workflows: Change conformance workflow name
2024-07-11 18:48:51 +03:00
Jussi Kukkonen
40f72b1f14 workflows: Change conformance workflow name
Otherwise you can't tell them apart in the UI...

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2024-07-11 18:41:32 +03:00
Jussi Kukkonen
cb550d29ef
Merge pull request #2670 from jku/add-conformance-workflow
Add a conformance test workflow
2024-07-11 18:39:11 +03:00
Jussi Kukkonen
b14452dac6 workflows: Tweak conformance step name
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2024-07-11 18:26:58 +03:00
Jussi Kukkonen
0b85ed570d Add a conformance test workflow
* The conformance test suite is likely to still change quite a bit so
  the workflow is not enabled on PRs yet
* The actual conformance client is copied from the tuf-conformance project
* This is mostly a test to see how things should work out, and a
  demonstration of how the tuf-conformance project should be used

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2024-07-10 16:15:36 +03:00
Jussi Kukkonen
3947033974
Merge pull request #2665 from harshitasao/scorecard-badge-link
changed the scorecard badge link to the standard format
2024-07-09 17:15:39 +03:00
Jussi Kukkonen
cde61e82c5 README: Fix scorecard image url as well
scorecard.dev is the "correct" domain.

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2024-07-09 09:27:25 +03:00
dependabot[bot]
970dd075f1
build(deps): bump the action-dependencies group with 2 updates (#2666)
---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: action-dependencies
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: action-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-09 09:21:13 +03:00
dependabot[bot]
3f9bcd2ac9
build(deps): bump the test-and-lint-dependencies group across 1 directory with 2 updates (#2667)
Bumps the test-and-lint-dependencies group with 2 updates in the / directory: [ruff](https://github.com/astral-sh/ruff) and [mypy](https://github.com/python/mypy).


Updates `ruff` from 0.4.10 to 0.5.1
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/v0.4.10...0.5.1)

Updates `mypy` from 1.10.0 to 1.10.1
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/python/mypy/compare/v1.10.0...v1.10.1)

---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: test-and-lint-dependencies
- dependency-name: mypy
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-09 09:20:23 +03:00
dependabot[bot]
74667373aa
build(deps): bump certifi in the dependencies group (#2668)
Bumps the dependencies group with 1 update: [certifi](https://github.com/certifi/python-certifi).


Updates `certifi` from 2024.6.2 to 2024.7.4
- [Commits](https://github.com/certifi/python-certifi/compare/2024.06.02...2024.07.04)

---
updated-dependencies:
- dependency-name: certifi
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-09 09:16:12 +03:00
harshitasao
621ec86954 changed the scorecard badge link to the standard format
Signed-off-by: harshitasao <harshitasao@gmail.com>
2024-07-05 02:02:11 +05:30
dependabot[bot]
aa2b7547d6
build(deps): bump the test-and-lint-dependencies group with 2 updates (#2663)
Bumps the test-and-lint-dependencies group with 2 updates: [coverage](https://github.com/nedbat/coveragepy) and [ruff](https://github.com/astral-sh/ruff).


Updates `coverage` from 7.5.3 to 7.5.4
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/7.5.3...7.5.4)

Updates `ruff` from 0.4.9 to 0.4.10
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/v0.4.9...v0.4.10)

---
updated-dependencies:
- dependency-name: coverage
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
- dependency-name: ruff
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: test-and-lint-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-25 09:40:26 +03:00
dependabot[bot]
e84be5e138
build(deps): bump hatchling in the build-and-release-dependencies group (#2662)
Bumps the build-and-release-dependencies group with 1 update: [hatchling](https://github.com/pypa/hatch).


Updates `hatchling` from 1.24.2 to 1.25.0
- [Release notes](https://github.com/pypa/hatch/releases)
- [Commits](https://github.com/pypa/hatch/compare/hatchling-v1.24.2...hatchling-v1.25.0)

---
updated-dependencies:
- dependency-name: hatchling
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-and-release-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-25 09:38:50 +03:00