From 1545e96dcbd4dfda3304df772fdf2b616046d32c Mon Sep 17 00:00:00 2001 From: William Woodruff Date: Tue, 22 Oct 2024 12:40:04 -0400 Subject: [PATCH 1/2] requirements: bump sigstore, pypi-attestations Signed-off-by: William Woodruff --- requirements/runtime.in | 4 ++-- requirements/runtime.txt | 8 +++++--- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/requirements/runtime.in b/requirements/runtime.in index 3758e3a..b0a0aaa 100644 --- a/requirements/runtime.in +++ b/requirements/runtime.in @@ -10,8 +10,8 @@ id ~= 1.0 requests # NOTE: Used to generate attestations. -pypi-attestations ~= 0.0.12 -sigstore ~= 3.2.0 +pypi-attestations ~= 0.0.13 +sigstore ~= 3.4.0 # NOTE: Used to detect the PyPI package name from the distribution files packaging diff --git a/requirements/runtime.txt b/requirements/runtime.txt index 5ff03bb..162eb95 100644 --- a/requirements/runtime.txt +++ b/requirements/runtime.txt @@ -72,7 +72,9 @@ pkginfo==1.10.0 platformdirs==4.2.2 # via sigstore pyasn1==0.6.0 - # via sigstore + # via + # pypi-attestations + # sigstore pycparser==2.22 # via cffi pydantic==2.7.1 @@ -91,7 +93,7 @@ pyjwt==2.8.0 # via sigstore pyopenssl==24.1.0 # via sigstore -pypi-attestations==0.0.12 +pypi-attestations==0.0.13 # via -r runtime.in python-dateutil==2.9.0.post0 # via betterproto @@ -117,7 +119,7 @@ rich==13.7.1 # twine securesystemslib==1.0.0 # via tuf -sigstore==3.2.0 +sigstore==3.4.0 # via # -r runtime.in # pypi-attestations From 335e8b00ae050a2b9c5938415e7203ca6732f0d5 Mon Sep 17 00:00:00 2001 From: William Woodruff Date: Mon, 28 Oct 2024 14:29:41 -0400 Subject: [PATCH 2/2] bump sigstore==3.5.1 Signed-off-by: William Woodruff --- requirements/runtime.in | 2 +- requirements/runtime.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/requirements/runtime.in b/requirements/runtime.in index b0a0aaa..0868f81 100644 --- a/requirements/runtime.in +++ b/requirements/runtime.in @@ -11,7 +11,7 @@ requests # NOTE: Used to generate attestations. pypi-attestations ~= 0.0.13 -sigstore ~= 3.4.0 +sigstore ~= 3.5.1 # NOTE: Used to detect the PyPI package name from the distribution files packaging diff --git a/requirements/runtime.txt b/requirements/runtime.txt index 162eb95..13b5f7c 100644 --- a/requirements/runtime.txt +++ b/requirements/runtime.txt @@ -119,7 +119,7 @@ rich==13.7.1 # twine securesystemslib==1.0.0 # via tuf -sigstore==3.4.0 +sigstore==3.5.1 # via # -r runtime.in # pypi-attestations