python-tuf

mirror of https://github.com/theupdateframework/python-tuf synced 2026-05-24 10:08:28 +00:00

Author	SHA1	Message	Date
Lukas Pühringer	d55b5df4e9	Merge pull request #2341 from theupdateframework/dependabot/github_actions/github/codeql-action-2.2.8 build(deps): bump github/codeql-action from 2.2.7 to 2.2.8	2023-03-28 09:44:11 +02:00
Lukas Pühringer	cc6a4efd8c	Merge pull request #2340 from theupdateframework/dependabot/github_actions/pypa/gh-action-pypi-publish-1.8.3 build(deps): bump pypa/gh-action-pypi-publish from 1.8.1 to 1.8.3	2023-03-28 09:43:43 +02:00
Lukas Pühringer	727a08522a	Merge pull request #2337 from theupdateframework/dependabot/github_actions/actions/dependency-review-action-3.0.4 build(deps): bump actions/dependency-review-action from 3.0.3 to 3.0.4	2023-03-28 09:38:32 +02:00
Lukas Pühringer	981347fcb5	Merge pull request #2344 from theupdateframework/dependabot/pip/cryptography-40.0.1 build(deps): bump cryptography from 39.0.2 to 40.0.1	2023-03-28 09:37:13 +02:00
dependabot[bot]	7b516010c4	build(deps): bump cryptography from 39.0.2 to 40.0.1 Bumps [cryptography](https://github.com/pyca/cryptography) from 39.0.2 to 40.0.1. - [Release notes](https://github.com/pyca/cryptography/releases) - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pyca/cryptography/compare/39.0.2...40.0.1) --- updated-dependencies: - dependency-name: cryptography dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2023-03-27 10:57:38 +00:00
dependabot[bot]	8eaa8dc377	build(deps): bump github/codeql-action from 2.2.7 to 2.2.8 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.7 to 2.2.8. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](`168b99b3c2...67a35a0858`) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-03-23 10:59:10 +00:00
dependabot[bot]	f98f94b46b	build(deps): bump pypa/gh-action-pypi-publish from 1.8.1 to 1.8.3 Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) from 1.8.1 to 1.8.3. - [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases) - [Commits](`a3a3bafbb3...48b317d84d`) --- updated-dependencies: - dependency-name: pypa/gh-action-pypi-publish dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-03-23 10:59:06 +00:00
dependabot[bot]	12266d8fc6	build(deps): bump actions/dependency-review-action from 3.0.3 to 3.0.4 Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 3.0.3 to 3.0.4. - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](`c090f4e553...f46c48ed6d`) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-03-20 11:00:23 +00:00
Jussi Kukkonen	db027027ce	Merge pull request #2334 from theupdateframework/dependabot/github_actions/actions/checkout-3.4.0 build(deps): bump actions/checkout from 3.3.0 to 3.4.0	2023-03-20 10:40:11 +02:00
Jussi Kukkonen	73dae65e23	Merge pull request #2333 from theupdateframework/dependabot/github_actions/pypa/gh-action-pypi-publish-1.8.1 build(deps): bump pypa/gh-action-pypi-publish from 1.7.1 to 1.8.1	2023-03-20 10:22:49 +02:00
dependabot[bot]	a673ac3df5	build(deps): bump actions/checkout from 3.3.0 to 3.4.0 Bumps [actions/checkout](https://github.com/actions/checkout) from 3.3.0 to 3.4.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](`ac59398561...24cb908017`) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2023-03-20 08:21:35 +00:00
Jussi Kukkonen	839473ce8e	Merge pull request #2335 from theupdateframework/dependabot/github_actions/github/codeql-action-2.2.7 build(deps): bump github/codeql-action from 2.2.6 to 2.2.7	2023-03-20 10:20:55 +02:00
Jussi Kukkonen	c5dafe96e5	Merge pull request #2336 from theupdateframework/dependabot/pip/coverage-7.2.2 build(deps): bump coverage from 7.2.1 to 7.2.2	2023-03-20 10:20:30 +02:00
dependabot[bot]	f2ca2d66f9	build(deps): bump coverage from 7.2.1 to 7.2.2 Bumps [coverage](https://github.com/nedbat/coveragepy) from 7.2.1 to 7.2.2. - [Release notes](https://github.com/nedbat/coveragepy/releases) - [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) - [Commits](https://github.com/nedbat/coveragepy/compare/7.2.1...7.2.2) --- updated-dependencies: - dependency-name: coverage dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-03-17 10:57:37 +00:00
Lukas Pühringer	2145b67234	Merge pull request #2321 from jku/repository-annotations Repository annotations	2023-03-16 12:43:30 +01:00
dependabot[bot]	b930e5328a	build(deps): bump github/codeql-action from 2.2.6 to 2.2.7 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.6 to 2.2.7. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](`16964e90ba...168b99b3c2`) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-03-16 10:22:59 +00:00
dependabot[bot]	21d87de04a	build(deps): bump pypa/gh-action-pypi-publish from 1.7.1 to 1.8.1 Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) from 1.7.1 to 1.8.1. - [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases) - [Commits](`22b4d1f125...a3a3bafbb3`) --- updated-dependencies: - dependency-name: pypa/gh-action-pypi-publish dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2023-03-16 10:22:42 +00:00
Lukas Pühringer	9d09c427c7	Merge pull request #2332 from theupdateframework/dependabot/pip/securesystemslib-cryptopynacl--0.27.0 build(deps): bump securesystemslib[crypto,pynacl] from 0.26.0 to 0.27.0	2023-03-15 13:15:17 +01:00
Lukas Pühringer	6df1146092	Merge pull request #2330 from theupdateframework/dependabot/github_actions/pypa/gh-action-pypi-publish-1.7.1 build(deps): bump pypa/gh-action-pypi-publish from 1.6.4 to 1.7.1	2023-03-15 13:10:08 +01:00
dependabot[bot]	0a3291d8b4	build(deps): bump securesystemslib[crypto,pynacl] from 0.26.0 to 0.27.0 Bumps [securesystemslib[crypto,pynacl]](https://github.com/secure-systems-lab/securesystemslib) from 0.26.0 to 0.27.0. - [Release notes](https://github.com/secure-systems-lab/securesystemslib/releases) - [Changelog](https://github.com/secure-systems-lab/securesystemslib/blob/main/CHANGELOG.md) - [Commits](https://github.com/secure-systems-lab/securesystemslib/compare/v0.26.0...v0.27.0) --- updated-dependencies: - dependency-name: securesystemslib[crypto,pynacl] dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2023-03-15 12:09:44 +00:00
Lukas Pühringer	f84e6e4aba	Merge pull request #2329 from theupdateframework/dependabot/pip/urllib3-1.26.15 build(deps): bump urllib3 from 1.26.14 to 1.26.15	2023-03-15 13:08:52 +01:00
Lukas Pühringer	5ce13d5ef2	Merge pull request #2328 from theupdateframework/dependabot/pip/bandit-1.7.5 build(deps): bump bandit from 1.7.4 to 1.7.5	2023-03-15 13:07:45 +01:00
Lukas Pühringer	78121565c3	Merge pull request #2327 from theupdateframework/dependabot/pip/pylint-2.17.0 build(deps): bump pylint from 2.16.4 to 2.17.0	2023-03-15 13:07:21 +01:00
Jussi Kukkonen	0c6a72e1e4	Merge pull request #2331 from theupdateframework/dependabot/github_actions/github/codeql-action-2.2.6 build(deps): bump github/codeql-action from 2.2.5 to 2.2.6	2023-03-13 17:44:53 +02:00
dependabot[bot]	8890b087cd	build(deps): bump github/codeql-action from 2.2.5 to 2.2.6 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.5 to 2.2.6. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](`32dc499307...16964e90ba`) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-03-13 11:01:00 +00:00
dependabot[bot]	a65568bfef	build(deps): bump pypa/gh-action-pypi-publish from 1.6.4 to 1.7.1 Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) from 1.6.4 to 1.7.1. - [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases) - [Commits](`c7f29f7ade...22b4d1f125`) --- updated-dependencies: - dependency-name: pypa/gh-action-pypi-publish dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2023-03-13 11:00:55 +00:00
dependabot[bot]	65877635e5	build(deps): bump urllib3 from 1.26.14 to 1.26.15 Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.14 to 1.26.15. - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst) - [Commits](https://github.com/urllib3/urllib3/compare/1.26.14...1.26.15) --- updated-dependencies: - dependency-name: urllib3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-03-13 10:57:59 +00:00
dependabot[bot]	9a8c3027ea	build(deps): bump bandit from 1.7.4 to 1.7.5 Bumps [bandit](https://github.com/PyCQA/bandit) from 1.7.4 to 1.7.5. - [Release notes](https://github.com/PyCQA/bandit/releases) - [Commits](https://github.com/PyCQA/bandit/compare/1.7.4...1.7.5) --- updated-dependencies: - dependency-name: bandit dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-03-10 10:57:38 +00:00
dependabot[bot]	b2b72fb4cf	build(deps): bump pylint from 2.16.4 to 2.17.0 Bumps [pylint](https://github.com/PyCQA/pylint) from 2.16.4 to 2.17.0. - [Release notes](https://github.com/PyCQA/pylint/releases) - [Commits](https://github.com/PyCQA/pylint/compare/v2.16.4...v2.17.0) --- updated-dependencies: - dependency-name: pylint dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2023-03-09 10:57:33 +00:00
Jussi Kukkonen	40c0e40691	Merge pull request #2322 from theupdateframework/dependabot/pip/charset-normalizer-3.1.0 build(deps): bump charset-normalizer from 3.0.1 to 3.1.0	2023-03-08 14:57:24 +02:00
Jussi Kukkonen	ba949d950f	examples: Keep mypy happy Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>	2023-03-08 10:27:43 +02:00
Jussi Kukkonen	122c522137	repository: Use new annotated properties in do_*() This gives us working annotations in do_timestamp() and do_snapshot(). Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>	2023-03-08 10:27:43 +02:00
Jussi Kukkonen	75ca67ef44	repository: Add default arg for targets() and edit_targets() The default value "targets" makes sense because now the top-level metadata can be accessed in a standard way: root(), timestamp(), snapshot() and targets() and likewise for the edit_X() functions Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>	2023-03-08 10:27:43 +02:00
Jussi Kukkonen	79eb91d278	Add getter functions for Signed objects These are equivalent to the edit_X() context managers but for cases where user is not interested in creating a new version of the metadata. Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>	2023-03-08 10:27:43 +02:00
Jussi Kukkonen	c3411dc59e	repository: Rename snapshot()/timestamp() New names: do_snapshot() do_timestamp() This is in preparation of using the old names for another purpose. Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>	2023-03-08 10:27:43 +02:00
Jussi Kukkonen	0262a8ac49	repository: Add typed edit_*() contextmanagers The advantage here is that code within the context can take advantage of the correct typing. This is already visible in the example code but is even more useful in real applications. Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>	2023-03-08 10:27:43 +02:00
Jussi Kukkonen	29b14905ba	Merge pull request #2323 from theupdateframework/dependabot/pip/pylint-2.16.4 build(deps): bump pylint from 2.16.3 to 2.16.4	2023-03-08 10:26:45 +02:00
dependabot[bot]	2e2b55a593	build(deps): bump pylint from 2.16.3 to 2.16.4 Bumps [pylint](https://github.com/PyCQA/pylint) from 2.16.3 to 2.16.4. - [Release notes](https://github.com/PyCQA/pylint/releases) - [Commits](https://github.com/PyCQA/pylint/compare/v2.16.3...v2.16.4) --- updated-dependencies: - dependency-name: pylint dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-03-08 08:20:24 +00:00
Jussi Kukkonen	96a147422e	Merge pull request #2324 from theupdateframework/dependabot/pip/mypy-1.1.1 build(deps): bump mypy from 1.0.1 to 1.1.1	2023-03-08 10:19:46 +02:00
dependabot[bot]	07822fb63e	build(deps): bump mypy from 1.0.1 to 1.1.1 Bumps [mypy](https://github.com/python/mypy) from 1.0.1 to 1.1.1. - [Release notes](https://github.com/python/mypy/releases) - [Commits](https://github.com/python/mypy/compare/v1.0.1...v1.1.1) --- updated-dependencies: - dependency-name: mypy dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2023-03-07 10:57:49 +00:00
dependabot[bot]	48f9dd587c	build(deps): bump charset-normalizer from 3.0.1 to 3.1.0 Bumps [charset-normalizer](https://github.com/Ousret/charset_normalizer) from 3.0.1 to 3.1.0. - [Release notes](https://github.com/Ousret/charset_normalizer/releases) - [Changelog](https://github.com/Ousret/charset_normalizer/blob/master/CHANGELOG.md) - [Commits](https://github.com/Ousret/charset_normalizer/compare/3.0.1...3.1.0) --- updated-dependencies: - dependency-name: charset-normalizer dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2023-03-06 10:58:00 +00:00
Lukas Pühringer	d1597d74da	Merge pull request #2317 from shabeebk/issue-1248-2 Moved lint to seperate job. Some refactor as well.	2023-03-06 11:26:56 +01:00
Lukas Pühringer	90c9cef9ae	Merge pull request #2320 from theupdateframework/jku-readme-repo README: Update repository mention	2023-03-06 10:42:09 +01:00
Jussi Kukkonen	203b471895	README: Update repository mention Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>	2023-03-06 11:34:52 +02:00
Jussi Kukkonen	8b3ae17d8b	Merge pull request #2318 from theupdateframework/dependabot/pip/cryptography-39.0.2 build(deps): bump cryptography from 39.0.1 to 39.0.2	2023-03-04 22:24:02 +02:00
Jussi Kukkonen	0099ae99b6	Merge pull request #2319 from theupdateframework/dependabot/pip/pylint-2.16.3 build(deps): bump pylint from 2.16.2 to 2.16.3	2023-03-04 22:23:24 +02:00
Shabeeb Khalid	b618394c5b	Removed unwanted variable from matrix Co-authored-by: Lukas Pühringer <luk.puehringer@gmail.com> Signed-off-by: Shabeeb Khalid <convey2shabeeb@gmail.com>	2023-03-03 10:33:20 -08:00
Shabeeb Khalid	f06fa9d015	Removed unwanted variable from matrix Co-authored-by: Lukas Pühringer <luk.puehringer@gmail.com> Signed-off-by: Shabeeb Khalid <convey2shabeeb@gmail.com>	2023-03-03 10:33:10 -08:00
Shabeeb Khalid	ccaa98a643	Refactor Co-authored-by: Lukas Pühringer <luk.puehringer@gmail.com> Signed-off-by: Shabeeb Khalid <convey2shabeeb@gmail.com>	2023-03-03 10:31:57 -08:00
Shabeeb Khalid	ce14451bdc	Pass tox environment via command line Co-authored-by: Lukas Pühringer <luk.puehringer@gmail.com> Signed-off-by: Shabeeb Khalid <convey2shabeeb@gmail.com>	2023-03-03 10:30:36 -08:00

1 2 3 4 5 ...

5671 commits