Dustin Ingram
|
41c10ee223
|
Add link to configuration docs for Trusted Publishing
|
2023-08-11 11:23:40 -04:00 |
Sviatoslav Sydorenko
|
b7f401de30
|
Merge PR #177 into unstable/v1
|
2023-08-10 22:58:37 +02:00 |
William Woodruff
|
ba3ecc9355
|
oidc-exchange: fix padding
Signed-off-by: William Woodruff <william@trailofbits.com>
|
2023-08-10 16:08:35 -04:00 |
Sviatoslav Sydorenko
|
ade57f54dc
|
Merge PRs #174 #175 and #172 into unstable/v1
|
2023-08-10 18:57:00 +02:00 |
William Woodruff
|
637917e5f2
|
README: re-add "pro tip" language
Signed-off-by: William Woodruff <william@trailofbits.com>
|
2023-08-09 18:01:51 -04:00 |
William Woodruff
|
4864f13c38
|
README: use semantic callouts
See: https://github.com/orgs/community/discussions/16925
Signed-off-by: William Woodruff <william@trailofbits.com>
|
2023-08-09 17:58:56 -04:00 |
William Woodruff
|
326f9ad1e1
|
oidc-exchange: add-trailing-comma
Signed-off-by: William Woodruff <william@trailofbits.com>
|
2023-08-09 15:17:18 -04:00 |
William Woodruff
|
e5f0690e91
|
oidc-exchange: ignore a nested function
Signed-off-by: William Woodruff <william@trailofbits.com>
|
2023-08-09 15:12:44 -04:00 |
William Woodruff
|
8bdd0cc2a0
|
oidc-exchange: lintage
Signed-off-by: William Woodruff <william@trailofbits.com>
|
2023-08-09 15:10:56 -04:00 |
William Woodruff
|
71a0032909
|
oidc-exchange: render claims if exchange fails
Signed-off-by: William Woodruff <william@trailofbits.com>
|
2023-08-09 15:08:47 -04:00 |
dependabot[bot]
|
adef75a5a6
|
Bump cryptography from 41.0.2 to 41.0.3 in /requirements
Bumps [cryptography](https://github.com/pyca/cryptography) from 41.0.2 to 41.0.3.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/41.0.2...41.0.3)
---
updated-dependencies:
- dependency-name: cryptography
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2023-08-02 02:15:59 +00:00 |
Sviatoslav Sydorenko
|
413a8d5d62
|
Merge pull request #171 from pypa/dependabot/pip/requirements/certifi-2023.7.22
Bump certifi from 2023.5.7 to 2023.7.22 in /requirements
|
2023-07-26 11:43:53 +02:00 |
dependabot[bot]
|
c185b8ee4e
|
Bump certifi from 2023.5.7 to 2023.7.22 in /requirements
Bumps [certifi](https://github.com/certifi/python-certifi) from 2023.5.7 to 2023.7.22.
- [Commits](https://github.com/certifi/python-certifi/compare/2023.05.07...2023.07.22)
---
updated-dependencies:
- dependency-name: certifi
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2023-07-25 23:36:57 +00:00 |
Sviatoslav Sydorenko
|
2a939dd49b
|
🎨📝 Link SHA pinning encouragement @ README
This article [[1]] describes security flows of using branches and
tags as an end-user. The commit is intended to educate them but not
force doing so if they don't want to.
[1]: https://julienrenaux.fr/2019/12/20/github-actions-security-risk/
|
2023-07-13 16:44:47 +02:00 |
Sviatoslav Sydorenko
|
f8c70e705f
|
Merge pull request #168 from pquentin/bump-dependencies
|
2023-07-12 02:46:40 +02:00 |
Sviatoslav Sydorenko
|
68276eb3e4
|
Merge pull request #167 from trail-of-forks/tob-nudge
|
2023-07-12 02:43:50 +02:00 |
Quentin Pradet
|
a5d57af63c
|
Bump runtime dependencies
|
2023-07-11 09:31:13 +04:00 |
William Woodruff
|
e90e853e89
|
twine-upload: only nudge on PyPI-looking domains
Signed-off-by: William Woodruff <william@trailofbits.com>
|
2023-07-10 12:11:56 -04:00 |
William Woodruff
|
be695966b0
|
twine-upload: add a nudge for trusted publishing
Closes #164.
Signed-off-by: William Woodruff <william@trailofbits.com>
|
2023-07-10 11:44:56 -04:00 |
Sviatoslav Sydorenko
|
54d67ed3c5
|
Merge pull request #165 from pypa/pre-commit-ci-update-config
|
2023-07-09 14:55:23 +02:00 |
Sviatoslav Sydorenko
|
d32e2fab32
|
Revert flake8 to v4.0.1
|
2023-07-09 14:53:38 +02:00 |
pre-commit-ci[bot]
|
a8d92e9876
|
[pre-commit.ci] pre-commit autoupdate
updates:
- [github.com/asottile/add-trailing-comma.git: v2.4.0 → v3.0.0](https://github.com/asottile/add-trailing-comma.git/compare/v2.4.0...v3.0.0)
- [github.com/python-jsonschema/check-jsonschema.git: 0.22.0 → 0.23.2](https://github.com/python-jsonschema/check-jsonschema.git/compare/0.22.0...0.23.2)
- [github.com/codespell-project/codespell: v2.2.4 → v2.2.5](https://github.com/codespell-project/codespell/compare/v2.2.4...v2.2.5)
- [github.com/adrienverge/yamllint.git: v1.30.0 → v1.32.0](https://github.com/adrienverge/yamllint.git/compare/v1.30.0...v1.32.0)
- [github.com/PyCQA/flake8.git: 4.0.1 → 6.0.0](https://github.com/PyCQA/flake8.git/compare/4.0.1...6.0.0)
|
2023-07-03 22:49:42 +00:00 |
Sviatoslav Sydorenko
|
f5622bde02
|
Merge PRs #159 and #160 into unstable/v1
|
2023-06-26 18:18:24 +02:00 |
Sviatoslav Sydorenko
|
3be882c473
|
Merge pull request #161 from jaap3/jaap3-patch-1
This patch remove extraneous trailing `}` from the annotation note.
|
2023-06-08 16:22:18 +02:00 |
Jaap Roes
|
775be49481
|
Remove extraneous }
|
2023-06-08 14:56:32 +02:00 |
dependabot[bot]
|
5684530096
|
Bump cryptography from 39.0.1 to 41.0.0 in /requirements
Bumps [cryptography](https://github.com/pyca/cryptography) from 39.0.1 to 41.0.0.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/39.0.1...41.0.0)
---
updated-dependencies:
- dependency-name: cryptography
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2023-06-02 20:16:33 +00:00 |
Hugo van Kemenade
|
135d0d5353
|
Ignore pip's root user warning
|
2023-05-29 13:42:14 +03:00 |
Sviatoslav Sydorenko
|
110f54a387
|
Merge pull request #157 from pypa/dependabot/pip/requirements/requests-2.31.0
Bump requests from 2.28.1 to 2.31.0 in /requirements
|
2023-05-23 07:41:59 +02:00 |
dependabot[bot]
|
c803c91ef0
|
Bump requests from 2.28.1 to 2.31.0 in /requirements
Bumps [requests](https://github.com/psf/requests) from 2.28.1 to 2.31.0.
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](https://github.com/psf/requests/compare/v2.28.1...v2.31.0)
---
updated-dependencies:
- dependency-name: requests
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2023-05-23 05:16:54 +00:00 |
Sviatoslav Sydorenko
|
f9ed8ba9ad
|
Merge pull request #156 from trail-of-forks/tob-fix-annotation
|
2023-05-17 02:02:16 +02:00 |
William Woodruff
|
30639668ca
|
oidc-exchange: "fix" multiline annotations
Signed-off-by: William Woodruff <william@trailofbits.com>
|
2023-05-12 11:04:38 -04:00 |
Sviatoslav Sydorenko
|
a56da0b891
|
Merge pull request #151 from asherf/trusted
|
2023-05-02 22:30:51 +02:00 |
Asher Foa
|
e4b9031741
|
password input is no longer required, since not specifying it implies trusted publishing
Signed-off-by: Asher Foa <1268088+asherf@users.noreply.github.com>
|
2023-04-27 11:31:44 -04:00 |
Sviatoslav Sydorenko
|
5a085bf49e
|
Merge pull request #150 from trail-of-forks/tob-doc-tweaks
|
2023-04-24 22:34:21 -06:00 |
William Woodruff
|
0811f991bd
|
README: small doc tweaks
Signed-off-by: William Woodruff <william@trailofbits.com>
|
2023-04-24 09:30:35 -06:00 |
Sviatoslav Sydorenko
|
f47b34707f
|
📝🎨 Put OIDC on pedestal @ README
This patch makes sure that the new users would go for the secretless
publishing when integrating the action, from the beginning.
|
2023-04-24 07:26:17 +02:00 |
Sviatoslav Sydorenko
|
7a1a355fb5
|
🎨 Show GH environments use in README examples
It is a useful protection feature giving the end-users more control
over the release flow and trust.
|
2023-04-24 07:07:39 +02:00 |
Sviatoslav Sydorenko
|
3b6670b0bd
|
Merge pull request #147 from trail-of-forks/tob-stabilize-oidc
README, oidc-exchange: remove beta references
|
2023-04-22 18:56:18 -06:00 |
William Woodruff
|
c008c2f40a
|
README: re-add OIDC note
Signed-off-by: William Woodruff <william@trailofbits.com>
|
2023-04-22 07:27:01 -06:00 |
William Woodruff
|
fe431ff9ad
|
README, oidc-exchange: remove beta references
Signed-off-by: William Woodruff <william@trailofbits.com>
|
2023-04-21 16:09:58 -06:00 |
Sviatoslav Sydorenko
|
c542b72dc6
|
Bump WPS flake8 plugin set to v0.17.0
|
2023-04-04 03:22:09 +02:00 |
Sviatoslav Sydorenko
|
f437f577c3
|
Merge pull request #145 from pypa/pre-commit-ci-update-config
[pre-commit.ci] pre-commit autoupdate
|
2023-04-04 02:33:37 +02:00 |
Sviatoslav Sydorenko
|
ba7045370c
|
Revert WPS flake8 hook version to 4.0.1
|
2023-04-04 01:28:01 +02:00 |
pre-commit-ci[bot]
|
6cbdb5439a
|
[pre-commit.ci] pre-commit autoupdate
updates:
- [github.com/Lucas-C/pre-commit-hooks.git: v1.3.1 → v1.5.1](https://github.com/Lucas-C/pre-commit-hooks.git/compare/v1.3.1...v1.5.1)
- [github.com/python-jsonschema/check-jsonschema.git: 0.19.2 → 0.22.0](https://github.com/python-jsonschema/check-jsonschema.git/compare/0.19.2...0.22.0)
- [github.com/codespell-project/codespell: v2.2.2 → v2.2.4](https://github.com/codespell-project/codespell/compare/v2.2.2...v2.2.4)
- [github.com/adrienverge/yamllint.git: v1.28.0 → v1.30.0](https://github.com/adrienverge/yamllint.git/compare/v1.28.0...v1.30.0)
- [github.com/PyCQA/flake8.git: 4.0.1 → 6.0.0](https://github.com/PyCQA/flake8.git/compare/4.0.1...6.0.0)
- [github.com/PyCQA/pylint.git: v2.15.9 → v3.0.0a6](https://github.com/PyCQA/pylint.git/compare/v2.15.9...v3.0.0a6)
|
2023-04-03 23:10:34 +00:00 |
Sviatoslav Sydorenko
|
82695c57c9
|
📝 Link the announcement discussions from README
This patch encourages the end-users to share feedback using GitHub
Discussions instead of issues.
|
2023-04-03 18:19:33 +02:00 |
Sviatoslav Sydorenko
|
0bf742be3e
|
Merge pull request #143 from trail-of-forks/tob-rewrite-oidc-refs
This patch updates the user-facing OIDC mentions with the new "Trusted Publishing" term
to make it cohesive with how the PyPI docs names things now.
|
2023-04-03 17:56:36 +02:00 |
William Woodruff
|
30c382209e
|
oidc-exchange: another link
Signed-off-by: William Woodruff <william@trailofbits.com>
|
2023-04-03 23:39:43 +09:00 |
William Woodruff
|
89ddbeae04
|
README: retitle, add note
Signed-off-by: William Woodruff <william@trailofbits.com>
|
2023-04-03 23:37:32 +09:00 |
William Woodruff
|
a0f29a5690
|
Apply suggestions from code review
Co-authored-by: Sviatoslav Sydorenko <wk.cvs.github@sydorenko.org.ua>
|
2023-04-03 23:14:57 +09:00 |
William Woodruff
|
0b567d5b01
|
oidc-exchange, twine-upload: remove more OIDC refs
...but not all, since some make sense in a debugging
context.
Signed-off-by: William Woodruff <william@trailofbits.com>
|
2023-04-03 21:32:49 +09:00 |