search

theupdateframework / tuf-on-ci

A TUF repository and signing tool
Other
20 stars 11 forks source link

build(deps): bump the pyproject-dependencies group across 2 directories with 14 updates #318

Closed dependabot[bot] closed 3 months ago

dependabot[bot] commented 3 months ago

Updates the requirements on securesystemslib[awskms,azurekms,gcpkms,pynacl,sigstore], tuf, mypy, ruff, boto3, botocore, cryptography, google-cloud-kms, grpcio-status, protobuf, securesystemslib, sigstore-protobuf-specs, sigstore-rekor-types and securesystemslib[awskms,azurekms,gcpkms,hsm,sigstore] to permit the latest version. Updates securesystemslib[awskms,azurekms,gcpkms,pynacl,sigstore] to 1.0.0

Release notes

Sourced from securesystemslib[awskms,azurekms,gcpkms,pynacl,sigstore]'s releases.

v1.0.0

See CHANGELOG.md for details.

Changelog

Sourced from securesystemslib[awskms,azurekms,gcpkms,pynacl,sigstore]'s changelog.

securesystemslib v1.0.0

Securesystemslib API is now considered stable. The core functionality is provided in the Signer interface and the half a dozen integrated Signer implementations that can be found in the signer module. Smaller helper modules dsse, formats, hash and storage are also part of the API. Several legacy modules have been removed.

Added

  • Signer: add public_key attribute to interface (#756)
  • VaultSigner: Signer implementation for HashiCorp Vault (#800)
  • CryptoSigner: support ecdsa keytype that is no longer in spec (#711)
  • CryptoSigner: add private_bytes property (#799)
  • CryptoSigner: add "file2" signer uri (#759)
  • test: use localstack to test AWSSigner (#777)

Removed

  • CryptoSigner: remove "file" signer uri (#759)
  • migration script for legacy keys (#770)
  • SSlibSigner class and *_securesystemslib_key methods (#771)
  • legacy key key*, interface, util and schema modules (#772, #773, #776)
  • unused functions in hash, and formats module (#774, #776)
  • unused global key constants (#806)

Changed

  • SSlibKey: strengthen input validation (#780, #795)
  • AWSSigner: support default scheme and add stronger input validation (#724, #778)
  • dsse: change Envelope.signatures type to dict (#743)
  • vendor: update ed25519 copy (#793)
  • docs: improve user and contributor docs (#744, #745, #746, #749, #759, #796)
  • test: improve and temporarily disable SigstoreSigner test (#779, #785)
  • ci: use dependabot groups, update weekly (#735)
  • ci: test macOS and Windows on latest Python only (#797)
  • Make securessystemslib.gpg internal (#792)

Fixed

  • Fix check-upstream-ed25519 workflow permission (#706)
  • SSlibKey: fix default scheme and test for ecdsa nistp384 key (#763 #794)

securesystemslib v0.31.0

Added

  • CryptoSigner: create from cryptography private key with new constructor (#675)
  • SSlibKey: create from cryptography public key with new from_crypto method (#678)
  • Release: auto-release with PyPI Trusted Publishing (#683)
  • Docs to migrate legacy key files (#658)

Removed

  • Removed SSlibKey.from_pem factory method in favor of from_crypto (#678)

... (truncated)

Commits
  • 1092ac6 Merge pull request #807 from lukpueh/release-1.0.0
  • fe34bac Update v1.0.0 entry in CHANGELOG
  • c682259 Release 1.0.0
  • 5789578 Merge pull request #800 from lukpueh/vault-signer
  • acae70a Add VaultSigner and tests
  • 66a56cb Merge pull request #804 from secure-systems-lab/dependabot/pip/dependencies-9...
  • c48a451 Merge pull request #803 from secure-systems-lab/dependabot/pip/test-and-lint-...
  • 557378e Merge pull request #806 from lukpueh/rm-stray-globals
  • 6975b81 Remove 3 stray global key type constants
  • 402c898 Merge pull request #802 from lukpueh/rm-stability-disclaimers
  • Additional commits viewable in compare view


Updates tuf from 3.1.1 to 4.0.0

Release notes

Sourced from tuf's releases.

v4.0.0

This release is a small API change for Metadata API users (see below). ngclient API is compatible but optional DSSE support has been added.

Added

  • Added optional DSSE support to Metadata API and ngclient (#2436)

Changed

  • Metadata API: Improved verification functionality for repository users (#2551):
    • This is an API change for Metadata API users ( Root.get_verification_result() and Targets.get_verification_result() specifically)
    • Root.get_root_verification_result() has been added to handle the special case of root verification
  • Started using UTC datetimes instead of naive datetimes internally (#2573)
  • Constrain securesystemslib dependency to <0.32.0 in preparation for future securesystemslib API changes
  • Various build, test and lint improvements
Changelog

Sourced from tuf's changelog.

v4.0.0

This release is a small API change for Metadata API users (see below). ngclient API is compatible but optional DSSE support has been added.

Added

  • Added optional DSSE support to Metadata API and ngclient (#2436)

Changed

  • Metadata API: Improved verification functionality for repository users (#2551):
    • This is an API change for Metadata API users ( Root.get_verification_result() and Targets.get_verification_result() specifically)
    • Root.get_root_verification_result() has been added to handle the special case of root verification
  • Started using UTC datetimes instead of naive datetimes internally (#2573)
  • Constrain securesystemslib dependency to <0.32.0 in preparation for future securesystemslib API changes
  • Various build, test and lint improvements
Commits
  • 2d6fc74 Merge pull request #2601 from jku/release-v4
  • 928702a Release v4.0.0
  • 892c789 Merge pull request #2600 from lukpueh/set-max-sslib-version
  • bc3ebd8 Constrain securesystemslib dependency to <0.32.0
  • 5947bd0 Merge pull request #2594 from theupdateframework/dependabot/pip/build-and-rel...
  • afa4619 Merge pull request #2596 from theupdateframework/dependabot/github_actions/ac...
  • 7c5cae3 Merge pull request #2595 from theupdateframework/dependabot/pip/test-and-lint...
  • ad2c98a Merge pull request #2593 from theupdateframework/dependabot/pip/dependencies-...
  • 6cd2d22 build(deps): bump the dependencies group with 1 update
  • 9f4906b build(deps): bump the test-and-lint-dependencies group with 1 update
  • Additional commits viewable in compare view


Updates mypy from 1.9.0 to 1.10.0

Changelog

Sourced from mypy's changelog.

Mypy Release Notes

Next release

Mypy 1.10

We’ve just uploaded mypy 1.10 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

Support TypeIs (PEP 742)

Mypy now supports TypeIs (PEP 742), which allows functions to narrow the type of a value, similar to isinstance(). Unlike TypeGuard, TypeIs can narrow in both the if and else branches of an if statement:

from typing_extensions import TypeIs

def is_str(s: object) -> TypeIs[str]:
return isinstance(s, str)


def f(o: str | int) -> None:
if is_str(o):
# Type of o is 'str'
...
else:
# Type of o is 'int'
...

TypeIs will be added to the typing module in Python 3.13, but it can be used on earlier Python versions by importing it from typing_extensions.

This feature was contributed by Jelle Zijlstra (PR 16898).

Support TypeVar Defaults (PEP 696)

PEP 696 adds support for type parameter defaults. Example:

from typing import Generic
from typing_extensions import TypeVar

</tr></table>

... (truncated)

Commits


Updates ruff from 0.3.5 to 0.4.4

Release notes

Sourced from ruff's releases.

v0.4.4

Changes

Preview features

  • [pycodestyle] Ignore end-of-line comments when determining blank line rules (#11342)
  • [pylint] Detect pathlib.Path.open calls in unspecified-encoding (PLW1514) (#11288)
  • [flake8-pyi] Implement PYI059 (generic-not-last-base-class) (#11233)
  • [flake8-pyi] Implement PYI062 (duplicate-literal-member) (#11269)

Rule changes

  • [flake8-boolean-trap] Allow passing booleans as positional-only arguments in code such as set(True) (#11287)
  • [flake8-bugbear] Ignore enum classes in cached-instance-method (B019) (#11312)

Server

  • Expand tildes when resolving Ruff server configuration file (#11283)
  • Fix ruff server hanging after Neovim closes (#11291)
  • Editor settings are used by default if no file-based configuration exists (#11266)

Bug fixes

  • [pylint] Consider with statements for too-many-branches (PLR0912) (#11321)
  • [flake8-blind-except, tryceratops] Respect logged and re-raised expressions in nested statements (BLE001, TRY201) (#11301)
  • Recognise assignments such as __all__ = builtins.list(["foo", "bar"]) as valid __all__ definitions (#11335)

Contributors

v0.4.3

Changes

Enhancements

  • Add support for PEP 696 syntax (#11120)

... (truncated)

Changelog

Sourced from ruff's changelog.

0.4.4

Preview features

  • [pycodestyle] Ignore end-of-line comments when determining blank line rules (#11342)
  • [pylint] Detect pathlib.Path.open calls in unspecified-encoding (PLW1514) (#11288)
  • [flake8-pyi] Implement PYI059 (generic-not-last-base-class) (#11233)
  • [flake8-pyi] Implement PYI062 (duplicate-literal-member) (#11269)

Rule changes

  • [flake8-boolean-trap] Allow passing booleans as positional-only arguments in code such as set(True) (#11287)
  • [flake8-bugbear] Ignore enum classes in cached-instance-method (B019) (#11312)

Server

  • Expand tildes when resolving Ruff server configuration file (#11283)
  • Fix ruff server hanging after Neovim closes (#11291)
  • Editor settings are used by default if no file-based configuration exists (#11266)

Bug fixes

  • [pylint] Consider with statements for too-many-branches (PLR0912) (#11321)
  • [flake8-blind-except, tryceratops] Respect logged and re-raised expressions in nested statements (BLE001, TRY201) (#11301)
  • Recognise assignments such as __all__ = builtins.list(["foo", "bar"]) as valid __all__ definitions (#11335)

0.4.3

Enhancements

  • Add support for PEP 696 syntax (#11120)

Preview features

  • [refurb] Use function range for reimplemented-operator diagnostics (#11271)
  • [refurb] Ignore methods in reimplemented-operator (FURB118) (#11270)
  • [refurb] Implement fstring-number-format (FURB116) (#10921)
  • [ruff] Implement redirected-noqa (RUF101) (#11052)
  • [pyflakes] Distinguish between first-party and third-party imports for fix suggestions (#11168)

Rule changes

  • [flake8-bugbear] Ignore non-abstract class attributes when enforcing B024 (#11210)
  • [flake8-logging] Include inline instantiations when detecting loggers (#11154)
  • [pylint] Also emit PLR0206 for properties with variadic parameters (#11200)
  • [ruff] Detect duplicate codes as part of unused-noqa (RUF100) (#10850)

Formatter

  • Avoid multiline expression if format specifier is present (#11123)

... (truncated)

Commits
  • 3e8878a Bump version to v0.4.4 (#11352)
  • b6b4ad9 [red-knot] @​override lint rule (#11282)
  • dd42961 [pylint] Detect pathlib.Path.open calls in unspecified-encoding (`PLW15...
  • c80c171 [red-knot] Vendor typeshed's stdlib (#11340)
  • e2fe177 Revert "Simplify arithmetic operation in logical lines checker (#11346)" (#11...
  • e9d1cdd Simplify arithmetic operation in logical lines checker (#11346)
  • dfe4291 Improve ruff_python_semantic::all::extract_all_names() (#11335)
  • 4541337 [red-knot] Remove \<Db: SemanticDb> contraints in favor of dynamic dispatch ...
  • 8e9ddee Ignore end-of-line comments when determining blank line rules (#11342)
  • 702d2fa Make B024 and B027 documentation more nuanced (#11341)
  • Additional commits viewable in compare view


Updates boto3 from 1.34.98 to 1.34.104

Changelog

Sourced from boto3's changelog.

1.34.104

  • api-change:events: [botocore] Amazon EventBridge introduces KMS customer-managed key (CMK) encryption support for custom and partner events published on EventBridge Event Bus (including default bus) and UpdateEventBus API.
  • api-change:vpc-lattice: [botocore] This release adds TLS Passthrough support. It also increases max number of target group per rule to 10.

1.34.103

  • api-change:discovery: [botocore] add v2 smoke tests and smithy smokeTests trait for SDK testing
  • api-change:greengrassv2: [botocore] Mark ComponentVersion in ComponentDeploymentSpecification as required.
  • api-change:sagemaker: [botocore] Introduced support for G6 instance types on Sagemaker Notebook Instances and on SageMaker Studio for JupyterLab and CodeEditor applications.
  • api-change:sso-oidc: [botocore] Updated request parameters for PKCE support.

1.34.102

  • api-change:bedrock-agent-runtime: [botocore] This release adds support to provide guardrail configuration and modify inference parameters that are then used in RetrieveAndGenerate API in Agents for Amazon Bedrock.
  • api-change:pinpoint: [botocore] This release adds support for specifying email message headers for Email Templates, Campaigns, Journeys and Send Messages.
  • api-change:route53resolver: [botocore] Update the DNS Firewall settings to correct a spelling issue.
  • api-change:ssm-sap: [botocore] Added support for application-aware start/stop of SAP applications running on EC2 instances, with SSM for SAP
  • api-change:verifiedpermissions: [botocore] Adds policy effect and actions fields to Policy API's.

1.34.101

  • api-change:cognito-idp: [botocore] Add EXTERNAL_PROVIDER enum value to UserStatusType.
  • api-change:ec2: [botocore] Adding Precision Hardware Clock (PHC) to public API DescribeInstanceTypes
  • api-change:ecr: [botocore] This release adds pull through cache rules support for GitLab container registry in Amazon ECR.
  • api-change:fms: [botocore] The policy scope resource tag is always a string value, either a non-empty string or an empty string.
  • api-change:polly: [botocore] Add new engine - generative - that builds the most expressive conversational voices.
  • api-change:sqs: [botocore] This release adds MessageSystemAttributeNames to ReceiveMessageRequest to replace AttributeNames.

1.34.100

  • api-change:b2bi: [botocore] Documentation update to clarify the MappingTemplate definition.
  • api-change:budgets: [botocore] This release adds tag support for budgets and budget actions.
  • api-change:resiliencehub: [botocore] AWS Resilience Hub has expanded its drift detection capabilities by introducing a new type of drift detection - application resource drift. This new enhancement detects changes, such as the addition or deletion of resources within the application's input sources.
  • api-change:route53profiles: [botocore] Doc only update for Route 53 profiles that fixes some link issues

1.34.99

  • api-change:medialive: [botocore] AWS Elemental MediaLive now supports configuring how SCTE 35 passthrough triggers segment breaks in HLS and MediaPackage output groups. Previously, messages triggered breaks in all these output groups. The new option is to trigger segment breaks only in groups that have SCTE 35 passthrough enabled.
Commits
  • 86fc1aa Merge branch 'release-1.34.104'
  • f0c077a Bumping version to 1.34.104
  • 0351c2c Add changelog entries from botocore
  • fdc599d Merge branch 'release-1.34.103'
  • c1c1619 Merge branch 'release-1.34.103' into develop
  • 75c5d39 Bumping version to 1.34.103
  • 8f943a5 Add changelog entries from botocore
  • 5484552 Merge branch 'release-1.34.102'
  • 2a883a9 Merge branch 'release-1.34.102' into develop
  • 5c86ccc Bumping version to 1.34.102
  • Additional commits viewable in compare view


Updates botocore from 1.34.98 to 1.34.104

Changelog

Sourced from botocore's changelog.

1.34.104

  • api-change:events: Amazon EventBridge introduces KMS customer-managed key (CMK) encryption support for custom and partner events published on EventBridge Event Bus (including default bus) and UpdateEventBus API.
  • api-change:vpc-lattice: This release adds TLS Passthrough support. It also increases max number of target group per rule to 10.

1.34.103

  • api-change:discovery: add v2 smoke tests and smithy smokeTests trait for SDK testing
  • api-change:greengrassv2: Mark ComponentVersion in ComponentDeploymentSpecification as required.
  • api-change:sagemaker: Introduced support for G6 instance types on Sagemaker Notebook Instances and on SageMaker Studio for JupyterLab and CodeEditor applications.
  • api-change:sso-oidc: Updated request parameters for PKCE support.

1.34.102

  • api-change:bedrock-agent-runtime: This release adds support to provide guardrail configuration and modify inference parameters that are then used in RetrieveAndGenerate API in Agents for Amazon Bedrock.
  • api-change:pinpoint: This release adds support for specifying email message headers for Email Templates, Campaigns, Journeys and Send Messages.
  • api-change:route53resolver: Update the DNS Firewall settings to correct a spelling issue.
  • api-change:ssm-sap: Added support for application-aware start/stop of SAP applications running on EC2 instances, with SSM for SAP
  • api-change:verifiedpermissions: Adds policy effect and actions fields to Policy API's.

1.34.101

  • api-change:cognito-idp: Add EXTERNAL_PROVIDER enum value to UserStatusType.
  • api-change:ec2: Adding Precision Hardware Clock (PHC) to public API DescribeInstanceTypes
  • api-change:ecr: This release adds pull through cache rules support for GitLab container registry in Amazon ECR.
  • api-change:fms: The policy scope resource tag is always a string value, either a non-empty string or an empty string.
  • api-change:polly: Add new engine - generative - that builds the most expressive conversational voices.
  • api-change:sqs: This release adds MessageSystemAttributeNames to ReceiveMessageRequest to replace AttributeNames.

1.34.100

  • api-change:b2bi: Documentation update to clarify the MappingTemplate definition.
  • api-change:budgets: This release adds tag support for budgets and budget actions.
  • api-change:resiliencehub: AWS Resilience Hub has expanded its drift detection capabilities by introducing a new type of drift detection - application resource drift. This new enhancement detects changes, such as the addition or deletion of resources within the application's input sources.
  • api-change:route53profiles: Doc only update for Route 53 profiles that fixes some link issues

1.34.99

  • api-change:medialive: AWS Elemental MediaLive now supports configuring how SCTE 35 passthrough triggers segment breaks in HLS and MediaPackage output groups. Previously, messages triggered breaks in all these output groups. The new option is to trigger segment breaks only in groups that have SCTE 35 passthrough enabled.
Commits
  • 7c42a4e Merge branch 'release-1.34.104'
  • e6be0ca Bumping version to 1.34.104
  • 2e4807a Update endpoints model
  • 00cfe99 Update to latest models
  • 52dbc01 Merge branch 'release-1.34.103'
  • fdfb8b0 Merge branch 'release-1.34.103' into develop
  • 5efc7e9 Bumping version to 1.34.103
  • f67d474 Update endpoints model
  • f7032a2 Update to latest models
  • 09da7ab Merge branch 'release-1.34.102'
  • Additional commits viewable in compare view


Updates cryptography from 42.0.6 to 42.0.7

Changelog

Sourced from cryptography's changelog.

42.0.7 - 2024-05-06


* Restored Windows 7 compatibility for our pre-built wheels. Note that we do
  not test on Windows 7 and wheels for our next release will not support it.
  Microsoft no longer provides support for Windows 7 and users are encouraged
  to upgrade.

.. _v42-0-6:

Commits


Updates google-cloud-kms from 2.21.4 to 2.22.0

Release notes

Sourced from google-cloud-kms's releases.

google-cloud-kms: v2.22.0

2.22.0 (2024-05-07)

Features

  • introduce Long-Running Operations (LRO) for KMS (18b3c0d)
Changelog

Sourced from google-cloud-kms's changelog.

2.22.0 (2024-02-01)

Features

  • Allow users to explicitly configure universe domain (#12240) (d51f832)

2.21.1 (2023-12-13)

Documentation

  • [google-cloud-documentai] Clarify Properties documentation (#12118) (35c180e)

2.21.0 (2023-12-07)

Features

  • Add support for python 3.12 (fb6f9db)
  • Introduce compatibility with native namespace packages (fb6f9db)

Bug Fixes

  • Require proto-plus >= 1.22.3 (fb6f9db)
  • Use retry_async instead of retry in async client (fb6f9db)

2.20.2 (2023-11-02)

Documentation

2.20.1 (2023-10-10)

Documentation

2.20.0 (2023-09-25)

Features

  • Added ListDocuments() method for Document AI Workbench training documents (2fb9078)
  • Added SummaryOptions to ProcessOptions for the Summarizer processor (2fb9078)
  • make page_range field public (2fb9078)

... (truncated)

Commits
  • 7dab61a chore: release main (#12633)
  • 88848eb feat: [google-ai-generativelanguage] Add FileState to File (#12660)
  • 94c47b9 chore: [Many APIs] Update gapic-generator-python to v1.17.1 (#12642)
  • dbe7988 docs: [google-cloud-deploy] small corrections to Cloud Deploy API documentati...
  • 40d47d2 chore: [google-cloud-dialogflow-cx] regenerate API index (#12644)
  • ddd1508 fix!: [google-cloud-storage-control] An existing resource pattern value `proj...
  • ae30a4e docs: [google-cloud-batch] Update description on allowed_locations in Locatio...
  • 272fb7d docs: [google-maps-places] update comment of Places API (#12647)
  • 635ee31 feat(parallelstore/v1beta): [google-cloud-parallelstore] add ImportData and E...
  • 0e5f93b feat: [google-shopping-type] add Weight to common types for Shopping APIs t...
  • Additional commits viewable in compare view


Updates grpcio-status from 1.62.2 to 1.63.0

Updates protobuf from 4.25.3 to 5.26.1

Commits
  • 2434ef2 Updating version.json and repo version numbers to: 26.1
  • 49253b1 Merge pull request #16308 from protocolbuffers/cp-26x-3
  • 9bf69ec Fix validateFeatures to be called after resolved features are actually set to...
  • b752bc2 Merge pull request #16307 from protocolbuffers/cp-26x-2
  • f7d2326 Merge pull request #16309 from protocolbuffers/cp-26x-4
  • 2e51ff6 Cherry-pick required label handling in JRuby field descriptor from https://gi...
  • a2f5303 Update cmake stalenes
  • 6a177d2 Merge branch '26.x' into cp-26x-4
  • 2d3d8ba Expand cpp_features_proto_srcs visibility
  • e1092ee Merge pull request #16294 from protocolbuffers/cp-26x
  • Additional commits viewable in compare view


Updates securesystemslib from 0.31.0 to 1.0.0

Release notes

Sourced from securesystemslib's releases.

v1.0.0

See CHANGELOG.md for details.

Changelog

Sourced from securesystemslib's changelog.

securesystemslib v1.0.0

Securesystemslib API is now considered stable. The core functionality is provided in the Signer interface and the half a dozen integrated Signer implementations that can be found in the signer module. Smaller helper modules dsse, formats, hash and storage are also part of the API. Several legacy modules have been removed.

Added

  • Signer: add public_key attribute to interface (#756)
  • VaultSigner: Signer implementation for HashiCorp Vault (#800)
  • CryptoSigner: support ecdsa keytype that is no longer in spec (#711)
  • CryptoSigner: add private_bytes property (#799)
  • CryptoSigner: add "file2" signer uri (#759)
  • test: use localstack to test AWSSigner (#777)

Removed

  • CryptoSigner: remove "file" signer uri (#759)
  • migration script for legacy keys (#770)
  • SSlibSigner class and *_securesystemslib_key methods (#771)
  • legacy key key*, interface, util and schema modules (#772, #773, #776)
  • unused functions in hash, and formats module (#774, #776)
  • unused global key constants (#806)

Changed

  • SSlibKey: strengthen input validation (#780, #795)
  • AWSSigner: support default scheme and add stronger input validation (#724, #778)
  • dsse: change Envelope.signatures type to dict (#743)
  • vendor: update ed25519 copy (#793)
  • docs: improve user and contributor docs (#744, #745, #746, #749, #759, #796)
  • test: improve and temporarily disable SigstoreSigner test (#779, #785)
  • ci: use dependabot groups, update weekly (#735)
  • ci: test macOS and Windows on latest Python only (#797)
  • Make securessystemslib.gpg internal (#792)

Fixed

  • Fix check-upstream-ed25519 workflow permission (#706)
  • SSlibKey: fix default scheme and test for ecdsa nistp384 key (#763 #794)
Commits
  • 1092ac6 Merge pull request #807 from lukpueh/release-1.0.0
  • fe34bac Update v1.0.0 entry in CHANGELOG
  • c682259 Release 1.0.0
  • 5789578 Merge pull request #800 from lukpueh/vault-signer
  • acae70a Add VaultSigner and tests
  • 66a56cb Merge pull request #804 from secure-systems-lab/dependabot/pip/dependencies-9...
  • c48a451 Merge pull request #803 from secure-systems-lab/dependabot/pip/test-and-lint-...
  • 557378e Merge pull request #806 from lukpueh/rm-stray-globals
  • 6975b81 Remove 3 stray global key type constants
  • 402c898 Merge pull request #802 from lukpueh/rm-stability-disclaimers
  • Additional commits viewable in compare view


Updates sigstore-protobuf-specs from 0.3.1 to 0.3.2

Changelog

Sourced from sigstore-protobuf-specs's changelog.

Changelog

All notable changes to protobuf-specs will be documented in this file.

The format is based on Keep a Changelog.

All versions prior to 0.2.0 are untracked.

[Unreleased]

Added

  • Added TransparencyLogInstance.checkpoint_key_id as an optional key identifier for logs that generate checkpoints (#284)

Changed

  • Docs: Clarified DSSE envelope signature cardinality (#318)
  • Docs: Clarifier behavior of key identifiers (#284)
Commits
  • 38622d0 gen: bump JS patch version (#321)
  • fcbe715 gen: bump patch versions (#319)
  • b5b97ec Clairified that a DSSE envelope in a sigstore bundle MUST have exactly one si...
  • 0a028ad build(deps): bump softprops/action... _Description has been truncated_
jku commented 3 months ago

closing: I'll do some of these manually, some were mistakes by broken dependabot config

dependabot[bot] commented 3 months ago

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml