Securesystemslib API is now considered stable. The core functionality is
provided in the Signer interface and the half a dozen integrated Signer
implementations that can be found in the signer module. Smaller helper
modules dsse, formats, hash and storage are also part of the API.
Several legacy modules have been removed.
Added
Signer: add public_key attribute to interface (#756)
VaultSigner: Signer implementation for HashiCorp Vault (#800)
CryptoSigner: support ecdsa keytype that is no longer in spec (#711)
This release, most notably, marks stable securesystemslib v1.0.0 as minimum
requirement. The update causes a minor break in the new DSSE API (see below)
and affects users who also directly depend on securesystemslib. See the securesystemslib release
notes
and the updated python-tuf examples (#2617) for details. ngclient API remains
backwards-compatible.
Changed
DSSE API: change SimpleEnvelope.signatures type to dict, remove
SimpleEnvelope.signatures_dict (#2617)
ngclient: support app-specific user-agents (#2612)
Various build, test and lint improvements
v4.0.0
This release is a small API change for Metadata API users (see below).
ngclient API is compatible but optional DSSE support has been added.
Added
Added optional DSSE support to Metadata API and ngclient (#2436)
Changed
Metadata API: Improved verification functionality for repository users (#2551):
This is an API change for Metadata API users (
Root.get_verification_result() and Targets.get_verification_result()
specifically)
Root.get_root_verification_result() has been added to handle the special
case of root verification
Started using UTC datetimes instead of naive datetimes internally (#2573)
Constrain securesystemslib dependency to <0.32.0 in preparation for future
securesystemslib API changes
This release, most notably, marks stable securesystemslib v1.0.0 as minimum
requirement. The update causes a minor break in the new DSSE API (see below)
and affects users who also directly depend on securesystemslib. See the securesystemslib release
notes
and the updated python-tuf examples (#2617) for details. ngclient API remains
backwards-compatible.
Changed
DSSE API: change SimpleEnvelope.signatures type to dict, remove
SimpleEnvelope.signatures_dict (#2617)
ngclient: support app-specific user-agents (#2612)
Various build, test and lint improvements
v4.0.0
This release is a small API change for Metadata API users (see below).
ngclient API is compatible but optional DSSE support has been added.
Added
Added optional DSSE support to Metadata API and ngclient (#2436)
Changed
Metadata API: Improved verification functionality for repository users (#2551):
This is an API change for Metadata API users (
Root.get_verification_result() and Targets.get_verification_result()
specifically)
Root.get_root_verification_result() has been added to handle the special
case of root verification
Started using UTC datetimes instead of naive datetimes internally (#2573)
Constrain securesystemslib dependency to <0.32.0 in preparation for future
securesystemslib API changes
Various build, test and lint improvements
Commits
1b0c9f7 Merge pull request #2630 from lukpueh/release-v5
We’ve just uploaded mypy 1.10 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:
python3 -m pip install -U mypy
You can read the full documentation for this release on Read the Docs.
Support TypeIs (PEP 742)
Mypy now supports TypeIs (PEP 742), which allows
functions to narrow the type of a value, similar to isinstance(). Unlike TypeGuard,
TypeIs can narrow in both the if and else branches of an if statement:
api-change:connect: [botocore] Amazon Connect provides enhanced search capabilities for flows & flow modules on the Connect admin website and programmatically using APIs. You can search for flows and flow modules by name, description, type, status, and tags, to filter and identify a specific flow in your Connect instances.
api-change:s3: [botocore] Updated a few x-id in the http uri traits
api-change:connect: Amazon Connect provides enhanced search capabilities for flows & flow modules on the Connect admin website and programmatically using APIs. You can search for flows and flow modules by name, description, type, status, and tags, to filter and identify a specific flow in your Connect instances.
api-change:s3: Updated a few x-id in the http uri traits
Securesystemslib API is now considered stable. The core functionality is
provided in the Signer interface and the half a dozen integrated Signer
implementations that can be found in the signer module. Smaller helper
modules dsse, formats, hash and storage are also part of the API.
Several legacy modules have been removed.
Added
Signer: add public_key attribute to interface (#756)
VaultSigner: Signer implementation for HashiCorp Vault (#800)
CryptoSigner: support ecdsa keytype that is no longer in spec (#711)
This release, most notably, marks stable securesystemslib v1.0.0 as minimum
requirement. The update causes a minor break in the new DSSE API (see below)
and affects users who also directly depend on securesystemslib. See the securesystemslib release
notes
and the updated python-tuf examples (#2617) for details. ngclient API remains
backwards-compatible.
Changed
DSSE API: change SimpleEnvelope.signatures type to dict, remove
SimpleEnvelope.signatures_dict (#2617)
ngclient: support app-specific user-agents (#2612)
Various build, test and lint improvements
v4.0.0
This release is a small API change for Metadata API users (see below).
ngclient API is compatible but optional DSSE support has been added.
Added
Added optional DSSE support to Metadata API and ngclient (#2436)
Changed
Metadata API: Improved verification functionality for repository users (#2551):
This is an API change for Metadata API users (
Root.get_verification_result() and Targets.get_verification_result()
specifically)
Root.get_root_verification_result() has been added to handle the special
case of root verification
Started using UTC datetimes instead of naive datetimes internally (#2573)
Constrain securesystemslib dependency to <0.32.0 in preparation for future
securesystemslib API changes
This release, most notably, marks stable securesystemslib v1.0.0 as minimum
requirement. The update causes a minor break in the new DSSE API (see below)
and affects users who also directly depend on securesystemslib. See the securesystemslib release
notes
and the updated python-tuf examples (#2617) for details. ngclient API remains
backwards-compatible.
Changed
DSSE API: change SimpleEnvelope.signatures type to dict, remove
SimpleEnvelope.signatures_dict (#2617)
ngclient: support app-specific user-agents (#2612)
Various build, test and lint improvements
v4.0.0
This release is a small API change for Metadata API users (see below).
ngclient API is compatible but optional DSSE support has been added.
Added
Added optional DSSE support to Metadata API and ngclient (#2436)
Changed
Metadata API: Improved verification functionality for repository users (#2551):
This is an API change for Metadata API users (
Root.get_verification_result() and Targets.get_verification_result()
specifically)
Root.get_root_verification_result() has been added to handle the special
case of root verification
Started using UTC datetimes instead of naive datetimes internally (#2573)
Constrain securesystemslib dependency to <0.32.0 in preparation for future
securesystemslib API changes
Various build, test and lint improvements
Commits
1b0c9f7 Merge pull request #2630 from lukpueh/release-v5
We’ve just uploaded mypy 1.10 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:
python3 -m pip install -U mypy
You can read the full documentation for this release on Read the Docs.
Support TypeIs (PEP 742)
Mypy now supports TypeIs (PEP 742), which allows
functions to narrow the type of a value, similar to isinstance(). Unlike TypeGuard,
TypeIs can narrow in both the if and else branches of an if statement:
Updates the requirements on securesystemslib[awskms,azurekms,gcpkms,pynacl,sigstore], tuf, mypy, ruff, boto3, botocore, grpcio-status, protobuf, securesystemslib, sigstore-rekor-types and securesystemslib[awskms,azurekms,gcpkms,hsm,sigstore] to permit the latest version. Updates
securesystemslib[awskms,azurekms,gcpkms,pynacl,sigstore]
to 1.0.0Release notes
Sourced from securesystemslib[awskms,azurekms,gcpkms,pynacl,sigstore]'s releases.
Changelog
Sourced from securesystemslib[awskms,azurekms,gcpkms,pynacl,sigstore]'s changelog.
... (truncated)
Commits
1092ac6
Merge pull request #807 from lukpueh/release-1.0.0fe34bac
Update v1.0.0 entry in CHANGELOGc682259
Release 1.0.05789578
Merge pull request #800 from lukpueh/vault-signeracae70a
Add VaultSigner and tests66a56cb
Merge pull request #804 from secure-systems-lab/dependabot/pip/dependencies-9...c48a451
Merge pull request #803 from secure-systems-lab/dependabot/pip/test-and-lint-...557378e
Merge pull request #806 from lukpueh/rm-stray-globals6975b81
Remove 3 stray global key type constants402c898
Merge pull request #802 from lukpueh/rm-stability-disclaimersUpdates
tuf
from 3.1.1 to 5.0.0Release notes
Sourced from tuf's releases.
Changelog
Sourced from tuf's changelog.
Commits
1b0c9f7
Merge pull request #2630 from lukpueh/release-v5d3d2ac1
Update docs/CHANGELOG.mdbce5039
Rlease v5.0.0c890b7e
Merge pull request #2628 from theupdateframework/dependabot/pip/test-and-lint...6e24f4d
Merge pull request #2629 from theupdateframework/dependabot/github_actions/ac...02464e9
build(deps): bump ossf/scorecard-action in the action-dependencies groupa5ba1a1
build(deps): bump ruff in the test-and-lint-dependencies group87e418c
Merge pull request #2627 from jku/finish-ruff-integration419bfe3
linting: Enable all Ruff rulesets by defaultd855d1c
Merge pull request #2626 from theupdateframework/dependabot/pip/test-and-lint...Updates
mypy
from 1.9.0 to 1.10.0Changelog
Sourced from mypy's changelog.
... (truncated)
Commits
3faf0fc
Remove +dev for version for release 1.10a5998d2
Update CHANGELOG.md (#17159)62ea5b0
Various updates to changelog for 1.10 (#17158)2f0864c
Update CHANGELOG.md with draft for release 1.10 (#17150)e1443bb
fix: incorrect returned type of access descriptors on unions of types (#16604)5161ac2
Sync typeshed (#17124)e2fc1f2
Fix crash when expanding invalid Unpack in aCallable
alias (#17028)3ff6e47
Docs: docstrings in checker.py, ast_helpers.py (#16908)732d98e
Fix string formatting for string enums (#16555)8019010
Narrow individual items when matching a tuple to a sequence pattern (#16905)Updates
ruff
from 0.3.5 to 0.4.4Release notes
Sourced from ruff's releases.
... (truncated)
Changelog
Sourced from ruff's changelog.
... (truncated)
Commits
3e8878a
Bump version to v0.4.4 (#11352)b6b4ad9
[red-knot]@override
lint rule (#11282)dd42961
[pylint
] Detectpathlib.Path.open
calls inunspecified-encoding
(`PLW15...c80c171
[red-knot] Vendor typeshed's stdlib (#11340)e2fe177
Revert "Simplify arithmetic operation in logical lines checker (#11346)" (#11...e9d1cdd
Simplify arithmetic operation in logical lines checker (#11346)dfe4291
Improveruff_python_semantic::all::extract_all_names()
(#11335)4541337
[red-knot] Remove\<Db: SemanticDb>
contraints in favor of dynamic dispatch ...8e9ddee
Ignore end-of-line comments when determining blank line rules (#11342)702d2fa
Make B024 and B027 documentation more nuanced (#11341)Updates
boto3
from 1.34.104 to 1.34.105Changelog
Sourced from boto3's changelog.
Commits
85cd67e
Merge branch 'release-1.34.105'8605cd6
Bumping version to 1.34.105e4860db
Add changelog entries from botocore303da52
update s3 download_file example (#4128)bbd1223
Merge branch 'release-1.34.104' into developUpdates
botocore
from 1.34.104 to 1.34.105Changelog
Sourced from botocore's changelog.
Commits
1762181
Merge branch 'release-1.34.105'00fc5a2
Bumping version to 1.34.105684ed3f
Update endpoints model82d49c3
Update to latest models8b29f58
Merge branch 'release-1.34.104' into developUpdates
grpcio-status
from 1.62.2 to 1.63.0Updates
protobuf
from 4.25.3 to 5.26.1Commits
2434ef2
Updating version.json and repo version numbers to: 26.149253b1
Merge pull request #16308 from protocolbuffers/cp-26x-39bf69ec
Fix validateFeatures to be called after resolved features are actually set to...b752bc2
Merge pull request #16307 from protocolbuffers/cp-26x-2f7d2326
Merge pull request #16309 from protocolbuffers/cp-26x-42e51ff6
Cherry-pick required label handling in JRuby field descriptor from https://gi...a2f5303
Update cmake stalenes6a177d2
Merge branch '26.x' into cp-26x-42d3d8ba
Expand cpp_features_proto_srcs visibilitye1092ee
Merge pull request #16294 from protocolbuffers/cp-26xUpdates
securesystemslib
from 0.31.0 to 1.0.0Release notes
Sourced from securesystemslib's releases.
Changelog
Sourced from securesystemslib's changelog.
Commits
1092ac6
Merge pull request #807 from lukpueh/release-1.0.0fe34bac
Update v1.0.0 entry in CHANGELOGc682259
Release 1.0.05789578
Merge pull request #800 from lukpueh/vault-signeracae70a
Add VaultSigner and tests66a56cb
Merge pull request #804 from secure-systems-lab/dependabot/pip/dependencies-9...c48a451
Merge pull request #803 from secure-systems-lab/dependabot/pip/test-and-lint-...557378e
Merge pull request #806 from lukpueh/rm-stray-globals6975b81
Remove 3 stray global key type constants402c898
Merge pull request #802 from lukpueh/rm-stability-disclaimersUpdates
sigstore-rekor-types
from 0.0.11 to 0.0.13Release notes
Sourced from sigstore-rekor-types's releases.
Commits
cb51dc2
rekor_types: 0.0.130bbbec8
bump rekor to 1.3.6 (#26)7637117
build(deps): bump actions/deploy-pages from 4.0.4 to 4.0.5 (#37)86ca37e
build(deps-dev): update ruff requirement from <0.3.4 to <0.3.5 (#38)a1fa8f3
build(deps-dev): update ruff requirement from <0.3.3 to <0.3.4 (#36)734dd39
build(deps-dev): update ruff requirement from <0.3.1 to <0.3.3 (#34)dcd6305
build(deps): bump pypa/gh-action-pypi-publish from 1.8.12 to 1.8.14 (#35)b5391b1
build(deps-dev): update ruff requirement from <0.2.3 to <0.3.1 (#32)8d5a1c2
build(deps): bump pypa/gh-action-pypi-publish from 1.8.11 to 1.8.12 (#33)2ef01cc
build(deps-dev): update ruff requirement from <0.2.2 to <0.2.3 (#31)Updates
tuf
to 5.0.0Release notes
Sourced from tuf's releases.
Changelog
Sourced from tuf's changelog.
Commits
1b0c9f7
Merge pull request #2630 from lukpueh/release-v5d3d2ac1
Update docs/CHANGELOG.mdbce5039
Rlease v5.0.0c890b7e
Merge pull request #2628 from theupdateframework/dependabot/pip/test-and-lint...6e24f4d
Merge pull request #2629 from theupdateframework/dependabot/github_actions/ac...02464e9
build(deps): bump ossf/scorecard-action in the action-dependencies groupa5ba1a1
build(deps): bump ruff in the test-and-lint-dependencies group87e418c
Merge pull request #2627 from jku/finish-ruff-integration419bfe3
linting: Enable all Ruff rulesets by defaultd855d1c
Merge pull request #2626 from theupdateframework/dependabot/pip/test-and-lint...Updates
mypy
from 1.9.0 to 1.10.0Changelog
Sourced from mypy's changelog.
... (truncated)
Commits
3faf0fc
Remove +dev for version for release 1.10see #330
Looks like these dependencies are updatable in another way, so this is no longer needed.