dependabot[bot]
f26e2b24c9
build(deps): bump pylint from 2.17.7 to 3.0.1
...
Bumps [pylint](https://github.com/pylint-dev/pylint ) from 2.17.7 to 3.0.1.
- [Release notes](https://github.com/pylint-dev/pylint/releases )
- [Commits](https://github.com/pylint-dev/pylint/compare/v2.17.7...v3.0.1 )
---
updated-dependencies:
- dependency-name: pylint
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-10-06 10:48:03 +00:00
Jussi Kukkonen
4ba5436a50
Merge pull request #2485 from theupdateframework/dependabot/pip/securesystemslib-cryptopynacl--0.30.0
...
build(deps): bump securesystemslib[crypto,pynacl] from 0.29.0 to 0.30.0
2023-10-04 13:51:51 +03:00
dependabot[bot]
2e9321e3bd
build(deps): bump securesystemslib[crypto,pynacl] from 0.29.0 to 0.30.0
...
Bumps [securesystemslib[crypto,pynacl]](https://github.com/secure-systems-lab/securesystemslib ) from 0.29.0 to 0.30.0.
- [Release notes](https://github.com/secure-systems-lab/securesystemslib/releases )
- [Changelog](https://github.com/secure-systems-lab/securesystemslib/blob/main/CHANGELOG.md )
- [Commits](https://github.com/secure-systems-lab/securesystemslib/compare/v0.29.0...v0.30.0 )
---
updated-dependencies:
- dependency-name: securesystemslib[crypto,pynacl]
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-10-04 10:29:02 +00:00
Lukas Pühringer
e24faf213c
Merge pull request #2481 from lukpueh/signing-status
...
Metadata API: add get_verification_result method
2023-10-04 11:40:54 +02:00
Lukas Puehringer
a55756327b
Metadata API: add get_verification_result method
...
The method returns detailed information about signature verification of
a delegated role metadata.
Its implementation is taken from the verify_delegate method and slightly
updated. verify_delegate now is a thin wrapper on top of
get_verification_result.
fixes #2449
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Co-authored-by: Jussi Kukkonen <jkukkonen@google.com>
2023-10-03 12:05:39 +02:00
Jussi Kukkonen
87f9f9134e
Merge pull request #2480 from theupdateframework/dependabot/pip/requirements/urllib3-2.0.6
...
build(deps): bump urllib3 from 2.0.5 to 2.0.6 in /requirements
2023-10-03 09:55:04 +03:00
dependabot[bot]
2549321b96
build(deps): bump urllib3 from 2.0.5 to 2.0.6 in /requirements
...
Bumps [urllib3](https://github.com/urllib3/urllib3 ) from 2.0.5 to 2.0.6.
- [Release notes](https://github.com/urllib3/urllib3/releases )
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst )
- [Commits](https://github.com/urllib3/urllib3/compare/v2.0.5...2.0.6 )
---
updated-dependencies:
- dependency-name: urllib3
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-10-03 00:23:50 +00:00
Jussi Kukkonen
1856ff980f
Merge pull request #2476 from theupdateframework/dependabot/pip/cffi-1.16.0
...
build(deps): bump cffi from 1.15.1 to 1.16.0
2023-10-02 14:08:43 +03:00
dependabot[bot]
1ed83c9fe3
build(deps): bump cffi from 1.15.1 to 1.16.0
...
Bumps [cffi](https://github.com/python-cffi/cffi ) from 1.15.1 to 1.16.0.
- [Release notes](https://github.com/python-cffi/cffi/releases )
- [Commits](https://github.com/python-cffi/cffi/compare/v1.15.1...v1.16.0 )
---
updated-dependencies:
- dependency-name: cffi
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-10-02 11:01:33 +00:00
Jussi Kukkonen
4a4128190f
Merge pull request #2477 from theupdateframework/dependabot/pip/charset-normalizer-3.3.0
...
build(deps): bump charset-normalizer from 3.2.0 to 3.3.0
2023-10-02 14:00:07 +03:00
Jussi Kukkonen
3c1cf659b6
Merge pull request #2478 from theupdateframework/dependabot/pip/pylint-2.17.7
...
build(deps): bump pylint from 2.17.6 to 2.17.7
2023-10-02 13:59:05 +03:00
dependabot[bot]
e359d21066
build(deps): bump pylint from 2.17.6 to 2.17.7
...
Bumps [pylint](https://github.com/pylint-dev/pylint ) from 2.17.6 to 2.17.7.
- [Release notes](https://github.com/pylint-dev/pylint/releases )
- [Commits](https://github.com/pylint-dev/pylint/compare/v2.17.6...v2.17.7 )
---
updated-dependencies:
- dependency-name: pylint
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-10-02 10:47:23 +00:00
dependabot[bot]
0c569eb3ae
build(deps): bump charset-normalizer from 3.2.0 to 3.3.0
...
Bumps [charset-normalizer](https://github.com/Ousret/charset_normalizer ) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/Ousret/charset_normalizer/releases )
- [Changelog](https://github.com/Ousret/charset_normalizer/blob/master/CHANGELOG.md )
- [Commits](https://github.com/Ousret/charset_normalizer/compare/3.2.0...3.3.0 )
---
updated-dependencies:
- dependency-name: charset-normalizer
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-10-02 10:47:08 +00:00
Jussi Kukkonen
ba1f322559
Merge pull request #2474 from lukpueh/rm-obsolete-comments
...
Remove obsolete comments from Python 2.7 times
2023-09-28 13:36:27 +03:00
Lukas Pühringer
1d8b57ba71
Merge pull request #2458 from theupdateframework/dependabot/pip/coverage-7.3.1
...
build(deps): bump coverage from 7.2.7 to 7.3.1
2023-09-28 11:43:38 +02:00
Lukas Puehringer
9894d735a9
Remove obsolete comments from Python 2.7 times
...
We longer run 2.7 tests (_test.yml) and we no longer need per-version
requirements files (main.txt).
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2023-09-28 11:40:29 +02:00
dependabot[bot]
81487170f3
build(deps): bump coverage from 7.2.7 to 7.3.1
...
Bumps [coverage](https://github.com/nedbat/coveragepy ) from 7.2.7 to 7.3.1.
- [Release notes](https://github.com/nedbat/coveragepy/releases )
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst )
- [Commits](https://github.com/nedbat/coveragepy/compare/7.2.7...7.3.1 )
---
updated-dependencies:
- dependency-name: coverage
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-28 09:29:42 +00:00
Lukas Pühringer
ad1bbe65df
Merge pull request #2460 from jku/drop-3.7-support
...
Drop support for Python 3.7
2023-09-28 11:28:13 +02:00
Jussi Kukkonen
74f2cfe54b
Merge pull request #2470 from theupdateframework/dependabot/pip/pylint-2.17.6
...
build(deps): bump pylint from 2.17.5 to 2.17.6
2023-09-26 13:55:57 +03:00
dependabot[bot]
65efc693c3
build(deps): bump pylint from 2.17.5 to 2.17.6
...
Bumps [pylint](https://github.com/pylint-dev/pylint ) from 2.17.5 to 2.17.6.
- [Release notes](https://github.com/pylint-dev/pylint/releases )
- [Commits](https://github.com/pylint-dev/pylint/compare/v2.17.5...v2.17.6 )
---
updated-dependencies:
- dependency-name: pylint
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-26 10:49:01 +00:00
Jussi Kukkonen
b7c956cd01
Merge pull request #2469 from theupdateframework/dependabot/github_actions/actions/checkout-4.1.0
...
build(deps): bump actions/checkout from 4.0.0 to 4.1.0
2023-09-26 12:00:53 +03:00
dependabot[bot]
aaea6c29ab
build(deps): bump actions/checkout from 4.0.0 to 4.1.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](3df4ab11eb...8ade135a41
2023-09-25 10:56:33 +00:00
Jussi Kukkonen
cf7489491d
Merge pull request #2465 from theupdateframework/dependabot/github_actions/github/codeql-action-2.21.8
...
build(deps): bump github/codeql-action from 2.21.7 to 2.21.8
2023-09-25 13:50:06 +03:00
Jussi Kukkonen
457f046afa
Merge pull request #2467 from theupdateframework/dependabot/pip/urllib3-2.0.5
...
build(deps): bump urllib3 from 2.0.4 to 2.0.5
2023-09-25 13:49:31 +03:00
Jussi Kukkonen
bd4470b911
Merge pull request #2466 from theupdateframework/dependabot/pip/cryptography-41.0.4
...
build(deps): bump cryptography from 41.0.3 to 41.0.4
2023-09-25 13:48:32 +03:00
dependabot[bot]
f3e7461d2f
build(deps): bump urllib3 from 2.0.4 to 2.0.5
...
Bumps [urllib3](https://github.com/urllib3/urllib3 ) from 2.0.4 to 2.0.5.
- [Release notes](https://github.com/urllib3/urllib3/releases )
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst )
- [Commits](https://github.com/urllib3/urllib3/compare/2.0.4...v2.0.5 )
---
updated-dependencies:
- dependency-name: urllib3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-20 10:11:08 +00:00
dependabot[bot]
2213107bb5
build(deps): bump cryptography from 41.0.3 to 41.0.4
...
Bumps [cryptography](https://github.com/pyca/cryptography ) from 41.0.3 to 41.0.4.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pyca/cryptography/compare/41.0.3...41.0.4 )
---
updated-dependencies:
- dependency-name: cryptography
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-20 10:11:02 +00:00
dependabot[bot]
c672dfb7eb
build(deps): bump github/codeql-action from 2.21.7 to 2.21.8
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.21.7 to 2.21.8.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](04daf014b5...6a28655e3d
2023-09-19 10:32:26 +00:00
Jussi Kukkonen
c78d3bc182
Merge pull request #2464 from theupdateframework/dependabot/github_actions/github/codeql-action-2.21.7
...
build(deps): bump github/codeql-action from 2.21.5 to 2.21.7
2023-09-18 10:48:20 +03:00
dependabot[bot]
dcf81b8748
build(deps): bump github/codeql-action from 2.21.5 to 2.21.7
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.21.5 to 2.21.7.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](00e563ead9...04daf014b5
2023-09-15 10:30:45 +00:00
Jussi Kukkonen
e4a9ae6181
Merge pull request #2462 from theupdateframework/dependabot/pip/black-23.9.1
...
build(deps): bump black from 23.7.0 to 23.9.1
2023-09-12 14:33:16 +03:00
dependabot[bot]
cafd3f4ad6
build(deps): bump black from 23.7.0 to 23.9.1
...
Bumps [black](https://github.com/psf/black ) from 23.7.0 to 23.9.1.
- [Release notes](https://github.com/psf/black/releases )
- [Changelog](https://github.com/psf/black/blob/main/CHANGES.md )
- [Commits](https://github.com/psf/black/compare/23.7.0...23.9.1 )
---
updated-dependencies:
- dependency-name: black
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-11 10:34:21 +00:00
Jussi Kukkonen
3bf8f5faed
Merge pull request #2461 from theupdateframework/dependabot/github_actions/actions/dependency-review-action-3.1.0
...
build(deps): bump actions/dependency-review-action from 3.0.8 to 3.1.0
2023-09-08 16:37:53 +03:00
dependabot[bot]
325defd06d
build(deps): bump actions/dependency-review-action from 3.0.8 to 3.1.0
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 3.0.8 to 3.1.0.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](f6fff72a32...6c5ccdad46
2023-09-08 10:34:37 +00:00
Jussi Kukkonen
c645e186dd
Merge pull request #2455 from theupdateframework/dependabot/github_actions/actions/checkout-4.0.0
...
build(deps): bump actions/checkout from 3.6.0 to 4.0.0
2023-09-07 16:03:17 +03:00
Jussi Kukkonen
63effe1f4c
Merge pull request #2457 from theupdateframework/dependabot/pip/build-1.0.3
...
build(deps): bump build from 1.0.0 to 1.0.3
2023-09-07 16:02:30 +03:00
Jussi Kukkonen
e87a3d0fbc
Merge pull request #2459 from theupdateframework/dependabot/github_actions/actions/upload-artifact-3.1.3
...
build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3
2023-09-07 16:02:03 +03:00
Jussi Kukkonen
e37769e252
Drop support for Python 3.7
...
* Python 3.7 is EOL.
* Our runtime dependencies are still ok with 3.7
* Testing dependencies have started requiring 3.8
Stop supporting and testing Python 3.7.
We could just stop testing Python 3.7 (while claiming to still support
it) but that seems like it'll lead to trouble: we will inevitably use
some 3.8 feature and then won't notice because we don't test 3.7 any
more.
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2023-09-07 15:52:36 +03:00
dependabot[bot]
811bf02fb0
build(deps): bump actions/checkout from 3.6.0 to 4.0.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.6.0 to 4.0.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](f43a0e5ff2...3df4ab11eb
2023-09-07 12:36:36 +00:00
dependabot[bot]
1c0c95f5f8
build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 3.1.2 to 3.1.3.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](0b7f8abb15...a8a3f3ad30
2023-09-07 12:36:34 +00:00
Jussi Kukkonen
b84434afaa
Merge pull request #2453 from sumanth8495/develop
...
workflows: Includes version comments in GH action uses-lines
2023-09-07 15:35:58 +03:00
dependabot[bot]
d11e6872b9
build(deps): bump build from 1.0.0 to 1.0.3
...
Bumps [build](https://github.com/pypa/build ) from 1.0.0 to 1.0.3.
- [Release notes](https://github.com/pypa/build/releases )
- [Changelog](https://github.com/pypa/build/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pypa/build/compare/1.0.0...1.0.3 )
---
updated-dependencies:
- dependency-name: build
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-07 10:34:09 +00:00
sumanth8495
ade02cfb17
Missing version numbers are given, mentioned bugs are resolved.
...
Signed-off-by: sumanth8495 <msgupthamurukuri123@gmail.com>
2023-09-06 19:04:23 +05:30
Jussi Kukkonen
2e7da65c6b
Merge pull request #2456 from theupdateframework/dependabot/pip/securesystemslib-cryptopynacl--0.29.0
...
build(deps): bump securesystemslib[crypto,pynacl] from 0.28.0 to 0.29.0
2023-09-06 15:12:22 +03:00
dependabot[bot]
b906393af8
build(deps): bump securesystemslib[crypto,pynacl] from 0.28.0 to 0.29.0
...
Bumps [securesystemslib[crypto,pynacl]](https://github.com/secure-systems-lab/securesystemslib ) from 0.28.0 to 0.29.0.
- [Release notes](https://github.com/secure-systems-lab/securesystemslib/releases )
- [Changelog](https://github.com/secure-systems-lab/securesystemslib/blob/main/CHANGELOG.md )
- [Commits](https://github.com/secure-systems-lab/securesystemslib/compare/v0.28.0...v0.29.0 )
---
updated-dependencies:
- dependency-name: securesystemslib[crypto,pynacl]
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-06 12:01:46 +00:00
Jussi Kukkonen
a7bb129757
Merge pull request #2454 from theupdateframework/dependabot/pip/build-1.0.0
...
build(deps): bump build from 0.10.0 to 1.0.0
2023-09-06 14:24:16 +03:00
sumanth8495
1f676a8e34
version numbers are commented respectively
...
Signed-off-by: sumanth8495 <msgupthamurukuri123@gmail.com>
2023-09-06 13:10:40 +05:30
dependabot[bot]
40b610d2f4
build(deps): bump build from 0.10.0 to 1.0.0
...
Bumps [build](https://github.com/pypa/build ) from 0.10.0 to 1.0.0.
- [Release notes](https://github.com/pypa/build/releases )
- [Changelog](https://github.com/pypa/build/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pypa/build/compare/0.10.0...1.0.0 )
---
updated-dependencies:
- dependency-name: build
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-04 10:54:31 +00:00
sumanth8495
e3772c7082
workflows: Includes version comments in GH action uses-lines
...
Signed-off-by: sumanth8495 <msgupthamurukuri123@gmail.com>
2023-09-02 18:44:15 +05:30
Jussi Kukkonen
dd2de41dde
Merge pull request #2450 from theupdateframework/dependabot/github_actions/actions/checkout-3.6.0
...
build(deps): bump actions/checkout from 3.5.3 to 3.6.0
2023-08-31 14:03:09 +03:00
