search

MatthiasValvekens / pyHanko

pyHanko: sign and stamp PDF files
MIT License
483 stars 71 forks source link

Update pyhanko-certvalidator requirement from ==0.24.* to >=0.24,<0.26 #328

Closed dependabot[bot] closed 11 months ago

dependabot[bot] commented 11 months ago

Updates the requirements on pyhanko-certvalidator to permit the latest version.

Release notes

Sourced from pyhanko-certvalidator's releases.

pyhanko-certvalidator

The release artifacts have been published to PyPI.

Change log

The release notes for the 0.25.0 release have been included in the changelog file

Changelog

Sourced from pyhanko-certvalidator's changelog.

0.25.0

  • Introduce a more precise error type to signal stale revocation information (see PR #11)

0.24.1

  • Ignore content types altogether when fetching certificates and the response payload is PEM (see PR #9)

0.24.0

  • Further increase leniency regarding content types when fetching certificates on-the-fly
  • Add SLSA provenance data to releases
  • Various updates in test dependencies and CI workflow dependencies.

0.23.0

  • Improve processing of OCSP responses without nextUpdate
  • Some more package metadata & release flow tweaks

0.22.0

  • No implementation changes compared to 0.21.2
  • Renamed async_http dependency group to async-http.
  • Move towards automated GitHub Actions-based release flow as a move towards better process standardisation.
  • Sign release artifacts with Sigstore.

0.21.2

  • Fix a typing issue caused by a typo in the requests cert fetcher.
  • Removed a piece of misbehaving and duplicative logic in the revocation freshness checker.

0.21.1

  • Fix DisallowedAlgorithmError parameters.
  • Preserve timestamp info in expiration-related errors.
  • Disable algo enforcement in prima facie past validation checks.
  • Correct a misunderstanding in the interaction between the AdES code and the old "retroactive revinfo" setting.

0.21.0

  • Switch to pyproject.toml to manage project metadata.
  • Path validation errors now carry information about the paths that triggered them.
  • InvalidCertificateError is no longer a subclass of PathValidationError, only of

... (truncated)

Commits
  • 2b98b0a 0.25.0 release
  • 5f7c50e Merge pull request #11 from MatthiasValvekens/feature/better-error-stale-revinfo
  • 7cdfb06 Unify some code from CRLs and deltas
  • aca268c Throw more precise error on stale revinfo
  • 2aeea5b Bump minor version
  • 9ea5612 Fix non-discoverable OCSP tests
  • 913cb24 Merge pull request #10 from MatthiasValvekens/dependabot/github_actions/sigst...
  • a180978 Bump sigstore/gh-action-sigstore-python from 2.0.1 to 2.1.0
  • d16aba1 Bump version number
  • 17e4a92 0.24.1 release
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
codecov[bot] commented 11 months ago

Codecov Report

All modified lines are covered by tests :white_check_mark:

Comparison is base (90330ce) 98.76% compared to head (b4da549) 98.76%.

Additional details and impacted files ```diff @@ Coverage Diff @@ ## master #328 +/- ## ======================================= Coverage 98.76% 98.76% ======================================= Files 104 104 Lines 14734 14734 ======================================= Hits 14552 14552 Misses 182 182 ``` | [Flag](https://app.codecov.io/gh/MatthiasValvekens/pyHanko/pull/328/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Matthias+Valvekens) | Coverage Δ | | |---|---|---| | [unittests](https://app.codecov.io/gh/MatthiasValvekens/pyHanko/pull/328/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Matthias+Valvekens) | `98.76% <ø> (ø)` | | Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Matthias+Valvekens#carryforward-flags-in-the-pull-request-comment) to find out more.

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.