dependabot[bot]
55a17cc3ee
build(deps): bump actions/checkout from 3.5.2 to 3.5.3
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.5.2 to 3.5.3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8e5e7e5ab8...c85c95e3d7
2023-06-12 11:00:10 +00:00
Jussi Kukkonen
61d29b32e9
Merge pull request #2405 from theupdateframework/dependabot/github_actions/github/codeql-action-2.3.6
...
build(deps): bump github/codeql-action from 2.3.3 to 2.3.6
2023-06-02 15:21:27 +03:00
Jussi Kukkonen
4dabbd0b38
Merge pull request #2403 from theupdateframework/dependabot/github_actions/actions/dependency-review-action-3.0.6
...
build(deps): bump actions/dependency-review-action from 3.0.4 to 3.0.6
2023-06-02 14:13:47 +03:00
dependabot[bot]
1359485a67
build(deps): bump github/codeql-action from 2.3.3 to 2.3.6
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.3 to 2.3.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](29b1f65c5e...83f0fe6c49
2023-06-02 10:58:18 +00:00
dependabot[bot]
bedbeb0002
build(deps): bump actions/dependency-review-action from 3.0.4 to 3.0.6
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 3.0.4 to 3.0.6.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](f46c48ed6d...1360a344cc
2023-06-01 10:59:23 +00:00
dependabot[bot]
4f3ff9fa12
build(deps): bump actions/setup-python from 4.6.0 to 4.6.1
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 4.6.0 to 4.6.1.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](57ded4d7d5...bd6b4b6205
2023-05-25 10:58:36 +00:00
Jussi Kukkonen
ffc904906c
github: Fix issue with draft releases
...
Commit 707dc49
2023-05-10 14:06:55 +03:00
dependabot[bot]
a6ea12754d
build(deps): bump pypa/gh-action-pypi-publish from 1.8.5 to 1.8.6
...
Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish ) from 1.8.5 to 1.8.6.
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases )
- [Commits](0bf742be3e...a56da0b891
2023-05-08 14:14:07 +00:00
Lukas Pühringer
209f87275a
Merge pull request #2371 from jku/trusted-publisher
...
release: Use PyPI Trusted Publishing
2023-05-08 16:04:26 +02:00
dependabot[bot]
224ce8ec8c
build(deps): bump github/codeql-action from 2.3.2 to 2.3.3
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.2 to 2.3.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f3feb00acb...29b1f65c5e
2023-05-05 10:58:24 +00:00
dependabot[bot]
ac419451cc
build(deps): bump github/codeql-action from 2.3.0 to 2.3.2
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.0 to 2.3.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b2c19fb9a2...f3feb00acb
2023-04-28 10:58:26 +00:00
Jussi Kukkonen
53c280680b
release: Use PyPI Trusted Publishing
...
Instead of using the secret stored in environment secrets, allow the
publish action to use the OIDC identity to authenticate to pypi.org.
This repository/workflow/environment has been marked as a "Trusted
Publisher" in pypi.org: this means PyPI should give the publish action a
short lived token to use for publishing.
This enables #2370 : but the secret should still be removed before
closing the issue (maybe after one successful release with Trusted
Publishing).
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2023-04-27 15:42:55 +03:00
dependabot[bot]
28ea174245
build(deps): bump github/codeql-action from 2.2.12 to 2.3.0
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.12 to 2.3.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](7df0ce3489...b2c19fb9a2
2023-04-24 11:00:22 +00:00
dependabot[bot]
964c30c2dd
build(deps): bump actions/setup-python from 4.5.0 to 4.6.0
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 4.5.0 to 4.6.0.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](d27e3f3d7c...57ded4d7d5
2023-04-21 10:58:33 +00:00
dependabot[bot]
25cbdcaf32
build(deps): bump github/codeql-action from 2.2.11 to 2.2.12
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.11 to 2.2.12.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](d186a2a36c...7df0ce3489
2023-04-17 11:22:23 +00:00
dependabot[bot]
308c9874b7
build(deps): bump actions/checkout from 3.5.0 to 3.5.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.5.0 to 3.5.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8f4b7f8486...8e5e7e5ab8
2023-04-14 10:58:57 +00:00
Lukas Pühringer
fe3fa79bf8
Merge pull request #2355 from theupdateframework/dependabot/github_actions/actions/github-script-6.4.1
...
build(deps): bump actions/github-script from 6.4.0 to 6.4.1
2023-04-11 12:53:14 +02:00
dependabot[bot]
63da19d127
build(deps): bump actions/github-script from 6.4.0 to 6.4.1
...
Bumps [actions/github-script](https://github.com/actions/github-script ) from 6.4.0 to 6.4.1.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](98814c53be...d7906e4ad0
2023-04-07 10:58:44 +00:00
dependabot[bot]
64816c40f8
build(deps): bump github/codeql-action from 2.2.9 to 2.2.11
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.9 to 2.2.11.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](04df1262e6...d186a2a36c
2023-04-07 10:58:40 +00:00
dependabot[bot]
b52c7dbcfc
build(deps): bump pypa/gh-action-pypi-publish from 1.8.3 to 1.8.5
...
Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish ) from 1.8.3 to 1.8.5.
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases )
- [Commits](48b317d84d...0bf742be3e
2023-04-04 11:00:18 +00:00
dependabot[bot]
904f956d4c
build(deps): bump ossf/scorecard-action from 2.1.2 to 2.1.3
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.1.2 to 2.1.3.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](e38b1902ae...80e868c13c
2023-03-30 10:58:48 +00:00
dependabot[bot]
d68cd71fcd
build(deps): bump github/codeql-action from 2.2.8 to 2.2.9
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.8 to 2.2.9.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](67a35a0858...04df1262e6
2023-03-28 10:59:06 +00:00
dependabot[bot]
f86f656d3c
build(deps): bump actions/checkout from 3.4.0 to 3.5.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](24cb908017...8f4b7f8486
2023-03-28 07:44:51 +00:00
Lukas Pühringer
d55b5df4e9
Merge pull request #2341 from theupdateframework/dependabot/github_actions/github/codeql-action-2.2.8
...
build(deps): bump github/codeql-action from 2.2.7 to 2.2.8
2023-03-28 09:44:11 +02:00
Lukas Pühringer
cc6a4efd8c
Merge pull request #2340 from theupdateframework/dependabot/github_actions/pypa/gh-action-pypi-publish-1.8.3
...
build(deps): bump pypa/gh-action-pypi-publish from 1.8.1 to 1.8.3
2023-03-28 09:43:43 +02:00
dependabot[bot]
8eaa8dc377
build(deps): bump github/codeql-action from 2.2.7 to 2.2.8
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.7 to 2.2.8.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](168b99b3c2...67a35a0858
2023-03-23 10:59:10 +00:00
dependabot[bot]
f98f94b46b
build(deps): bump pypa/gh-action-pypi-publish from 1.8.1 to 1.8.3
...
Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish ) from 1.8.1 to 1.8.3.
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases )
- [Commits](a3a3bafbb3...48b317d84d
2023-03-23 10:59:06 +00:00
dependabot[bot]
12266d8fc6
build(deps): bump actions/dependency-review-action from 3.0.3 to 3.0.4
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 3.0.3 to 3.0.4.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](c090f4e553...f46c48ed6d
2023-03-20 11:00:23 +00:00
Jussi Kukkonen
db027027ce
Merge pull request #2334 from theupdateframework/dependabot/github_actions/actions/checkout-3.4.0
...
build(deps): bump actions/checkout from 3.3.0 to 3.4.0
2023-03-20 10:40:11 +02:00
Jussi Kukkonen
73dae65e23
Merge pull request #2333 from theupdateframework/dependabot/github_actions/pypa/gh-action-pypi-publish-1.8.1
...
build(deps): bump pypa/gh-action-pypi-publish from 1.7.1 to 1.8.1
2023-03-20 10:22:49 +02:00
dependabot[bot]
a673ac3df5
build(deps): bump actions/checkout from 3.3.0 to 3.4.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](ac59398561...24cb908017
2023-03-20 08:21:35 +00:00
dependabot[bot]
b930e5328a
build(deps): bump github/codeql-action from 2.2.6 to 2.2.7
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.6 to 2.2.7.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](16964e90ba...168b99b3c2
2023-03-16 10:22:59 +00:00
dependabot[bot]
21d87de04a
build(deps): bump pypa/gh-action-pypi-publish from 1.7.1 to 1.8.1
...
Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish ) from 1.7.1 to 1.8.1.
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases )
- [Commits](22b4d1f125...a3a3bafbb3
2023-03-16 10:22:42 +00:00
Lukas Pühringer
6df1146092
Merge pull request #2330 from theupdateframework/dependabot/github_actions/pypa/gh-action-pypi-publish-1.7.1
...
build(deps): bump pypa/gh-action-pypi-publish from 1.6.4 to 1.7.1
2023-03-15 13:10:08 +01:00
dependabot[bot]
8890b087cd
build(deps): bump github/codeql-action from 2.2.5 to 2.2.6
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.5 to 2.2.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](32dc499307...16964e90ba
2023-03-13 11:01:00 +00:00
dependabot[bot]
a65568bfef
build(deps): bump pypa/gh-action-pypi-publish from 1.6.4 to 1.7.1
...
Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish ) from 1.6.4 to 1.7.1.
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases )
- [Commits](c7f29f7ade...22b4d1f125
2023-03-13 11:00:55 +00:00
Shabeeb Khalid
b618394c5b
Removed unwanted variable from matrix
...
Co-authored-by: Lukas Pühringer <luk.puehringer@gmail.com>
Signed-off-by: Shabeeb Khalid <convey2shabeeb@gmail.com>
2023-03-03 10:33:20 -08:00
Shabeeb Khalid
f06fa9d015
Removed unwanted variable from matrix
...
Co-authored-by: Lukas Pühringer <luk.puehringer@gmail.com>
Signed-off-by: Shabeeb Khalid <convey2shabeeb@gmail.com>
2023-03-03 10:33:10 -08:00
Shabeeb Khalid
ccaa98a643
Refactor
...
Co-authored-by: Lukas Pühringer <luk.puehringer@gmail.com>
Signed-off-by: Shabeeb Khalid <convey2shabeeb@gmail.com>
2023-03-03 10:31:57 -08:00
Shabeeb Khalid
ce14451bdc
Pass tox environment via command line
...
Co-authored-by: Lukas Pühringer <luk.puehringer@gmail.com>
Signed-off-by: Shabeeb Khalid <convey2shabeeb@gmail.com>
2023-03-03 10:30:36 -08:00
Shabeeb Khalid
55c8fe0c9d
Removed unwanted env variable
...
Co-authored-by: Lukas Pühringer <luk.puehringer@gmail.com>
Signed-off-by: Shabeeb Khalid <convey2shabeeb@gmail.com>
2023-03-03 10:30:02 -08:00
Shabeeb Khalid
95226edacb
Revert comment
...
Co-authored-by: Lukas Pühringer <luk.puehringer@gmail.com>
Signed-off-by: Shabeeb Khalid <convey2shabeeb@gmail.com>
2023-03-03 10:29:12 -08:00
Shabeeb Khalid
2329e33c9c
Fix: exporting the correct toxenv in lint job
...
Signed-off-by: Shabeeb Khalid <convey2shabeeb@gmail.com>
2023-03-03 00:47:08 -08:00
Shabeeb Khalid
482802d030
Moved lint to seperate job. Some refactor as well.
...
Signed-off-by: Shabeeb Khalid <convey2shabeeb@gmail.com>
2023-03-02 11:02:02 -08:00
Lukas Puehringer
951ce045cd
Adopt securesystemslib branch rename master-> main
...
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2023-03-02 09:35:14 +01:00
dependabot[bot]
3fd56facb0
build(deps): bump github/codeql-action from 2.2.4 to 2.2.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.4 to 2.2.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](17573ee1cc...32dc499307
2023-02-27 11:02:26 +00:00
dependabot[bot]
ed05a2c66c
build(deps): bump github/codeql-action from 2.2.3 to 2.2.4
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.3 to 2.2.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](8775e86802...17573ee1cc
2023-02-13 11:05:51 +00:00
dependabot[bot]
15c0b40dce
build(deps): bump github/codeql-action from 2.2.2 to 2.2.3
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.2 to 2.2.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](39d8d7e78f...8775e86802
2023-02-09 10:03:50 +00:00
dependabot[bot]
932d72db3a
build(deps): bump github/codeql-action from 2.2.1 to 2.2.2
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.1 to 2.2.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](3ebbd71c74...39d8d7e78f
2023-02-07 10:03:56 +00:00
Jussi Kukkonen
b15af9573a
Merge pull request #2290 from jku/release-refactor
...
build: Handle GH release manually
2023-02-06 15:09:25 +02:00
