Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump the pyproject-dependencies group across 2 directories with 12 updates #306

Closed
wants to merge 2 commits into from
Closed

build(deps): bump the pyproject-dependencies group across 2 directories with 12 updates #306

wants to merge 2 commits into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 6, 2024
edited
Loading

Updates the requirements on securesystemslib[awskms,azurekms,gcpkms,pynacl,sigstore], tuf, mypy, ruff, boto3, botocore, cryptography, grpcio-status, protobuf, securesystemslib, sigstore-rekor-types and securesystemslib[awskms,azurekms,gcpkms,hsm,sigstore] to permit the latest version.
Updates securesystemslib[awskms,azurekms,gcpkms,pynacl,sigstore] to 1.0.0

Release notes

Sourced from securesystemslib[awskms,azurekms,gcpkms,pynacl,sigstore]'s releases.

v1.0.0

See CHANGELOG.md for details.

Changelog

Sourced from securesystemslib[awskms,azurekms,gcpkms,pynacl,sigstore]'s changelog.

securesystemslib v1.0.0

Securesystemslib API is now considered stable. The core functionality is provided in the Signer interface and the half a dozen integrated Signer implementations that can be found in the signer module. Smaller helper modules dsse, formats, hash and storage are also part of the API. Several legacy modules have been removed.

Added

  • Signer: add public_key attribute to interface (#756)
  • VaultSigner: Signer implementation for HashiCorp Vault (#800)
  • CryptoSigner: support ecdsa keytype that is no longer in spec (#711)
  • CryptoSigner: add private_bytes property (#799)
  • CryptoSigner: add "file2" signer uri (#759)
  • test: use localstack to test AWSSigner (#777)

Removed

  • CryptoSigner: remove "file" signer uri (#759)
  • migration script for legacy keys (#770)
  • SSlibSigner class and *_securesystemslib_key methods (#771)
  • legacy key key*, interface, util and schema modules (#772, #773, #776)
  • unused functions in hash, and formats module (#774, #776)
  • unused global key constants (#806)

Changed

  • SSlibKey: strengthen input validation (#780, #795)
  • AWSSigner: support default scheme and add stronger input validation (#724, #778)
  • dsse: change Envelope.signatures type to dict (#743)
  • vendor: update ed25519 copy (#793)
  • docs: improve user and contributor docs (#744, #745, #746, #749, #759, #796)
  • test: improve and temporarily disable SigstoreSigner test (#779, #785)
  • ci: use dependabot groups, update weekly (#735)
  • ci: test macOS and Windows on latest Python only (#797)
  • Make securessystemslib.gpg internal (#792)

Fixed

  • Fix check-upstream-ed25519 workflow permission (#706)
  • SSlibKey: fix default scheme and test for ecdsa nistp384 key (#763 #794)

securesystemslib v0.31.0

Added

  • CryptoSigner: create from cryptography private key with new constructor (#675)
  • SSlibKey: create from cryptography public key with new from_crypto method (#678)
  • Release: auto-release with PyPI Trusted Publishing (#683)
  • Docs to migrate legacy key files (#658)

Removed

  • Removed SSlibKey.from_pem factory method in favor of from_crypto (#678)

... (truncated)

Commits
  • 1092ac6 Merge pull request #807 from lukpueh/release-1.0.0
  • fe34bac Update v1.0.0 entry in CHANGELOG
  • c682259 Release 1.0.0
  • 5789578 Merge pull request #800 from lukpueh/vault-signer
  • acae70a Add VaultSigner and tests
  • 66a56cb Merge pull request #804 from secure-systems-lab/dependabot/pip/dependencies-9...
  • c48a451 Merge pull request #803 from secure-systems-lab/dependabot/pip/test-and-lint-...
  • 557378e Merge pull request #806 from lukpueh/rm-stray-globals
  • 6975b81 Remove 3 stray global key type constants
  • 402c898 Merge pull request #802 from lukpueh/rm-stability-disclaimers
  • Additional commits viewable in compare view

Updates tuf from 3.1.1 to 4.0.0

Release notes

Sourced from tuf's releases.

v4.0.0

This release is a small API change for Metadata API users (see below). ngclient API is compatible but optional DSSE support has been added.

Added

  • Added optional DSSE support to Metadata API and ngclient (#2436)

Changed

  • Metadata API: Improved verification functionality for repository users (#2551):
    • This is an API change for Metadata API users ( Root.get_verification_result() and Targets.get_verification_result() specifically)
    • Root.get_root_verification_result() has been added to handle the special case of root verification
  • Started using UTC datetimes instead of naive datetimes internally (#2573)
  • Constrain securesystemslib dependency to <0.32.0 in preparation for future securesystemslib API changes
  • Various build, test and lint improvements
Changelog

Sourced from tuf's changelog.

v4.0.0

This release is a small API change for Metadata API users (see below). ngclient API is compatible but optional DSSE support has been added.

Added

  • Added optional DSSE support to Metadata API and ngclient (#2436)

Changed

  • Metadata API: Improved verification functionality for repository users (#2551):
    • This is an API change for Metadata API users ( Root.get_verification_result() and Targets.get_verification_result() specifically)
    • Root.get_root_verification_result() has been added to handle the special case of root verification
  • Started using UTC datetimes instead of naive datetimes internally (#2573)
  • Constrain securesystemslib dependency to <0.32.0 in preparation for future securesystemslib API changes
  • Various build, test and lint improvements
Commits
  • 2d6fc74 Merge pull request #2601 from jku/release-v4
  • 928702a Release v4.0.0
  • 892c789 Merge pull request #2600 from lukpueh/set-max-sslib-version
  • bc3ebd8 Constrain securesystemslib dependency to <0.32.0
  • 5947bd0 Merge pull request #2594 from theupdateframework/dependabot/pip/build-and-rel...
  • afa4619 Merge pull request #2596 from theupdateframework/dependabot/github_actions/ac...
  • 7c5cae3 Merge pull request #2595 from theupdateframework/dependabot/pip/test-and-lint...
  • ad2c98a Merge pull request #2593 from theupdateframework/dependabot/pip/dependencies-...
  • 6cd2d22 build(deps): bump the dependencies group with 1 update
  • 9f4906b build(deps): bump the test-and-lint-dependencies group with 1 update
  • Additional commits viewable in compare view

Updates mypy from 1.9.0 to 1.10.0

Changelog

Sourced from mypy's changelog.

Mypy Release Notes

Next release

Mypy 1.10

We’ve just uploaded mypy 1.10 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

Support TypeIs (PEP 742)

Mypy now supports TypeIs (PEP 742), which allows functions to narrow the type of a value, similar to isinstance(). Unlike TypeGuard, TypeIs can narrow in both the if and else branches of an if statement:

from typing_extensions import TypeIs
def is_str(s: object) -> TypeIs[str]:
return isinstance(s, str)
def f(o: str | int) -> None:
if is_str(o):
# Type of o is 'str'
...
else:
# Type of o is 'int'
...

TypeIs will be added to the typing module in Python 3.13, but it can be used on earlier Python versions by importing it from typing_extensions.

This feature was contributed by Jelle Zijlstra (PR 16898).

Support TypeVar Defaults (PEP 696)

PEP 696 adds support for type parameter defaults. Example:

from typing import Generic
from typing_extensions import TypeVar
</tr></table>

... (truncated)

Commits

Updates ruff from 0.3.5 to 0.4.3

Release notes

Sourced from ruff's releases.

v0.4.3

Changes

Enhancements

  • Add support for PEP 696 syntax (#11120)

Preview features

  • [refurb] Use function range for reimplemented-operator diagnostics (#11271)
  • [refurb] Ignore methods in reimplemented-operator (FURB118) (#11270)
  • [refurb] Implement fstring-number-format (FURB116) (#10921)
  • [ruff] Implement redirected-noqa (RUF101) (#11052)
  • [pyflakes] Distinguish between first-party and third-party imports for fix suggestions (#11168)

Rule changes

  • [flake8-bugbear] Ignore non-abstract class attributes when enforcing B024 (#11210)
  • [flake8-logging] Include inline instantiations when detecting loggers (#11154)
  • [pylint] Also emit PLR0206 for properties with variadic parameters (#11200)
  • [ruff] Detect duplicate codes as part of unused-noqa (RUF100) (#10850)

Formatter

  • Avoid multiline expression if format specifier is present (#11123)

LSP

  • Write ruff server setup guide for Helix (#11183)
  • ruff server no longer hangs after shutdown (#11222)
  • ruff server reads from a configuration TOML file in the user configuration directory if no local configuration exists (#11225)
  • ruff server respects per-file-ignores configuration (#11224)
  • ruff server: Support a custom TOML configuration file (#11140)
  • ruff server: Support setting to prioritize project configuration over editor configuration (#11086)

Bug fixes

  • Avoid debug assertion around NFKC renames (#11249)
  • [pyflakes] Prioritize redefined-while-unused over unused-import (#11173)
  • [ruff] Respect async expressions in comprehension bodies (#11219)
  • [pygrep_hooks] Fix blanket-noqa panic when last line has noqa with no newline (PGH004) (#11108)
  • [perflint] Ignore list-copy recommendations for async for loops (#11250)
  • [pyflakes] Improve invalid-print-syntax documentation (#11171)

Performance

  • Avoid allocations for isort module names (#11251)
  • Build a separate ARM wheel for macOS (#11149)

Contributors

... (truncated)

Changelog

Sourced from ruff's changelog.

0.4.3

Enhancements

  • Add support for PEP 696 syntax (#11120)

Preview features

  • [refurb] Use function range for reimplemented-operator diagnostics (#11271)
  • [refurb] Ignore methods in reimplemented-operator (FURB118) (#11270)
  • [refurb] Implement fstring-number-format (FURB116) (#10921)
  • [ruff] Implement redirected-noqa (RUF101) (#11052)
  • [pyflakes] Distinguish between first-party and third-party imports for fix suggestions (#11168)

Rule changes

  • [flake8-bugbear] Ignore non-abstract class attributes when enforcing B024 (#11210)
  • [flake8-logging] Include inline instantiations when detecting loggers (#11154)
  • [pylint] Also emit PLR0206 for properties with variadic parameters (#11200)
  • [ruff] Detect duplicate codes as part of unused-noqa (RUF100) (#10850)

Formatter

  • Avoid multiline expression if format specifier is present (#11123)

LSP

  • Write ruff server setup guide for Helix (#11183)
  • ruff server no longer hangs after shutdown (#11222)
  • ruff server reads from a configuration TOML file in the user configuration directory if no local configuration exists (#11225)
  • ruff server respects per-file-ignores configuration (#11224)
  • ruff server: Support a custom TOML configuration file (#11140)
  • ruff server: Support setting to prioritize project configuration over editor configuration (#11086)

Bug fixes

  • Avoid debug assertion around NFKC renames (#11249)
  • [pyflakes] Prioritize redefined-while-unused over unused-import (#11173)
  • [ruff] Respect async expressions in comprehension bodies (#11219)
  • [pygrep_hooks] Fix blanket-noqa panic when last line has noqa with no newline (PGH004) (#11108)
  • [perflint] Ignore list-copy recommendations for async for loops (#11250)
  • [pyflakes] Improve invalid-print-syntax documentation (#11171)

Performance

  • Avoid allocations for isort module names (#11251)
  • Build a separate ARM wheel for macOS (#11149)

0.4.2

... (truncated)

Commits

Updates boto3 from 1.34.98 to 1.34.99

Changelog

Sourced from boto3's changelog.

1.34.99

  • api-change:medialive: [botocore] AWS Elemental MediaLive now supports configuring how SCTE 35 passthrough triggers segment breaks in HLS and MediaPackage output groups. Previously, messages triggered breaks in all these output groups. The new option is to trigger segment breaks only in groups that have SCTE 35 passthrough enabled.
Commits
  • 4897613 Merge branch 'release-1.34.99'
  • 1b78aed Bumping version to 1.34.99
  • c8a5b57 Add changelog entries from botocore
  • 9213bfe Merge branch 'release-1.34.98' into develop
  • See full diff in compare view

Updates botocore from 1.34.98 to 1.34.99

Changelog

Sourced from botocore's changelog.

1.34.99

  • api-change:medialive: AWS Elemental MediaLive now supports configuring how SCTE 35 passthrough triggers segment breaks in HLS and MediaPackage output groups. Previously, messages triggered breaks in all these output groups. The new option is to trigger segment breaks only in groups that have SCTE 35 passthrough enabled.
Commits

Updates cryptography from 42.0.6 to 42.0.7

Changelog

Sourced from cryptography's changelog.

42.0.7 - 2024-05-06


* Restored Windows 7 compatibility for our pre-built wheels. Note that we do
  not test on Windows 7 and wheels for our next release will not support it.
  Microsoft no longer provides support for Windows 7 and users are encouraged
  to upgrade.

.. _v42-0-6:

Commits

Updates grpcio-status from 1.62.2 to 1.63.0

Updates protobuf from 4.25.3 to 5.26.1

Commits
  • 2434ef2 Updating version.json and repo version numbers to: 26.1
  • 49253b1 Merge pull request #16308 from protocolbuffers/cp-26x-3
  • 9bf69ec Fix validateFeatures to be called after resolved features are actually set to...
  • b752bc2 Merge pull request #16307 from protocolbuffers/cp-26x-2
  • f7d2326 Merge pull request #16309 from protocolbuffers/cp-26x-4
  • 2e51ff6 Cherry-pick required label handling in JRuby field descriptor from https://gi...
  • a2f5303 Update cmake stalenes
  • 6a177d2 Merge branch '26.x' into cp-26x-4
  • 2d3d8ba Expand cpp_features_proto_srcs visibility
  • e1092ee Merge pull request #16294 from protocolbuffers/cp-26x
  • Additional commits viewable in compare view

Updates securesystemslib from 0.31.0 to 1.0.0

Release notes

Sourced from securesystemslib's releases.

v1.0.0

See CHANGELOG.md for details.

Changelog

Sourced from securesystemslib's changelog.

securesystemslib v1.0.0

Securesystemslib API is now considered stable. The core functionality is provided in the Signer interface and the half a dozen integrated Signer implementations that can be found in the signer module. Smaller helper modules dsse, formats, hash and storage are also part of the API. Several legacy modules have been removed.

Added

  • Signer: add public_key attribute to interface (#756)
  • VaultSigner: Signer implementation for HashiCorp Vault (#800)
  • CryptoSigner: support ecdsa keytype that is no longer in spec (#711)
  • CryptoSigner: add private_bytes property (#799)
  • CryptoSigner: add "file2" signer uri (#759)
  • test: use localstack to test AWSSigner (#777)

Removed

  • CryptoSigner: remove "file" signer uri (#759)
  • migration script for legacy keys (#770)
  • SSlibSigner class and *_securesystemslib_key methods (#771)
  • legacy key key*, interface, util and schema modules (#772, #773, #776)
  • unused functions in hash, and formats module (#774, #776)
  • unused global key constants (#806)

Changed

  • SSlibKey: strengthen input validation (#780, #795)
  • AWSSigner: support default scheme and add stronger input validation (#724, #778)
  • dsse: change Envelope.signatures type to dict (#743)
  • vendor: update ed25519 copy (#793)
  • docs: improve user and contributor docs (#744, #745, #746, #749, #759, #796)
  • test: improve and temporarily disable SigstoreSigner test (#779, #785)
  • ci: use dependabot groups, update weekly (#735)
  • ci: test macOS and Windows on latest Python only (#797)
  • Make securessystemslib.gpg internal (#792)

Fixed

  • Fix check-upstream-ed25519 workflow permission (#706)
  • SSlibKey: fix default scheme and test for ecdsa nistp384 key (#763 #794)
Commits
  • 1092ac6 Merge pull request #807 from lukpueh/release-1.0.0
  • fe34bac Update v1.0.0 entry in CHANGELOG
  • c682259 Release 1.0.0
  • 5789578 Merge pull request #800 from lukpueh/vault-signer
  • acae70a Add VaultSigner and tests
  • 66a56cb Merge pull request #804 from secure-systems-lab/dependabot/pip/dependencies-9...
  • c48a451 Merge pull request #803 from secure-systems-lab/dependabot/pip/test-and-lint-...
  • 557378e Merge pull request #806 from lukpueh/rm-stray-globals
  • 6975b81 Remove 3 stray global key type constants
  • 402c898 Merge pull request #802 from lukpueh/rm-stability-disclaimers
  • Additional commits viewable in compare view

Updates sigstore-rekor-types from 0.0.11 to 0.0.13

Release notes

Sourced from sigstore-rekor-types's releases.

v0.0.13

What's Changed

Full Changelog: trailofbits/sigstore-rekor-types@v0.0.12...v0.0.13

v0.0.12

What's Changed

New Contributors

Full Changelog: trailofbits/sigstore-rekor-types@v0.0.11...v0.0.12

Commits
  • cb51dc2 rekor_types: 0.0.13
  • 0bbbec8 bump rekor to 1.3.6 (#26)
  • 7637117 build(deps): bump actions/deploy-pages from 4.0.4 to 4.0.5 (#37)
  • 86ca37e build(deps-dev): update ruff requirement from <0.3.4 to <0.3.5 (#38)
  • a1fa8f3 build(deps-dev): update ruff requirement from <0.3.3 to <0.3.4 (#36)
  • 734dd39 build(deps-dev): update ruff requirement from <0.3.1 to <0.3.3 (#34)
  • dcd6305 build(deps): bump pypa/gh-action-pypi-publish from 1.8.12 to 1.8.14 (#35)
  • b5391b1 build(deps-dev): update ruff requirement from <0.2.3 to <0.3.1 (#32)
  • 8d5a1c2 build(deps): bump pypa/gh-action-pypi-publish from 1.8.11 to 1.8.12 (#33)
  • 2ef01cc build(deps-dev): update ruff requirement from <0.2.2 to <0.2.3 (#31)
  • Additional commits viewable in compare view

Updates tuf to 4.0.0

Release notes

Sourced from tuf's releases.

v4.0.0

This release is a small API change for Metadata API users (see below). ngclient API is compatible but optional DSSE support has been added.

Added

  • Added optional DSSE support to Metadata API and ngclient (#2436)

Changed

  • Metadata API: Improved verification functionality for repository users (#2551):
    • This is an API change for Metadata API users ( Root.get_verification_result() and Targets.get_verification_result() specifically)
    • Root.get_root_verification_result() has been added to handle the special case of root verification
  • Started using UTC datetimes instead of naive datetimes internally (#2573)
  • Constrain securesystemslib dependency to <0.32.0 in preparation for future securesystemslib API changes
  • Various build, test and lint improvements
Changelog

Sourced from tuf's changelog.

v4.0.0

This release is a small API change for Metadata API users (see below). ngclient API is compatible but optional DSSE support has been added.

Added

  • Added optional DSSE support to Metadata API and ngclient (#2436)

Changed

  • Metadata API: Improved verification functionality for repository users (#2551):
    • This is an API change for Metadata API users ( Root.get_verification_result() and Targets.get_verification_result() specifically)
    • Root.get_root_verification_result() has been added to handle the special case of root verification
  • Started using UTC datetimes instead of naive datetimes internally (#2573)
  • Constrain securesystemslib dependency to <0.32.0 in preparation for future securesystemslib API changes
  • Various build, test and lint improvements
Commits
  • 2d6fc74 Merge pull request #2601 from jku/release-v4
  • 928702a Release v4.0.0
  • 892c789 Merge pull request #2600 from lukpueh/set-max-sslib-version
  • bc3ebd8 Constrain securesystemslib dependency to <0.32.0
  • 5947bd0 Merge pull request #2594 from theupdateframework/dependabot/pip/build-and-rel...
  • afa4619 Merge pull request #2596 from theupdateframework/dependabot/github_actions/ac...
  • 7c5cae3 Merge pull request #2595 from theupdateframework/dependabot/pip/test-and-lint...
  • ad2c98a Merge pull request #2593 from theupdateframework/dependabot/pip/dependencies-...
  • 6cd2d22 build(deps): bump the dependencies group with 1 update
  • 9f4906b build(deps): bump the test-and-lint-dependencies group with 1 update
  • Additional commits viewable in compare view

Updates mypy from 1.9.0 to 1.10.0

Changelog

Sourced from mypy's changelog.

Mypy Release Notes

Next release

Mypy 1.10

We’ve just uploaded mypy 1.10 to the Python Package Index (PyPI). Mypy is a static type checker for Python. This release includes new features, performance improvements and bug fixes. You can install it as follows:

python3 -m pip install -U mypy

You can read the full documentation for this release on Read the Docs.

Support TypeIs (PEP 742)

Mypy now supports TypeIs (PEP 742), which allows functions to narrow the type of a value, similar to isinstance(). Unlike TypeGuard, TypeIs can narrow in both the if and else branches of an if statement:

from typing_extensions import TypeIs
def is_str(s: object) -> TypeIs[str]:
return isinstance(s, str)
def f(o: str | int) -> None:
if is_str(o):
# Type of o is 'str'
...
else:
# Type of o is 'int'
...

TypeIs will be added to the typing module in Python 3.13, but it can be used on earlier Python versions by importing it from typing_extensions.

This feature was contributed by Jelle Zijlstra (PR 16898).

Support TypeVar Defaults (PEP 696)

PEP 696 adds support for type parameter defaults. Example:

from typing import Generic
from typing_extensions import TypeVar
</tr></table>

... (truncated)

Commits

Updates ruff from 0.3.5 to 0.4.3

Release notes

Sourced from ruff's releases.

v0.4.3

Changes

Enhancements

  • Add support for PEP 696 syntax (#11120)

Preview features

  • [refurb] Use ...

    Description has been truncated

@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels May 6, 2024
This was referenced May 6, 2024
Closed
Closed
Closed
Closed
jku
jku requested changes May 7, 2024
View reviewed changes
Copy link
Member

@jku jku left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this needs a bit of work:

  • repo/install/requirements.txt is not supposed to be managed here
  • we're not ready for tuf 4.0 or securesystemslib 1.0

@jku
Copy link
Member

jku commented May 7, 2024

So currently we have the same requirements in signer and repo (apart from securesystemslib options):

  "securesystemslib[...] ~= 0.31.0",
  "tuf ~= 3.0",

For repo it's offering this upgrade

  "securesystemslib[...] ~= 1.0.0",
  "tuf ~= 4.0",

For signer it's offering this one:

  "securesystemslib[...] >= 0.31,< 1.1",
  "tuf >= 3,< 5",

I'm not impressed by the consistency. I'm sure there is a reason to do completely different things in these two cases but since those reasons are never spelled out... 🤷

dependabot bot and others added 2 commits May 7, 2024 11:15
@dependabot @jku
build(deps): bump the pyproject-dependencies group across 2 directories
94b801a 
Update tuf, mypy and ruff. Also tweak 'packaging' version so that
the "~=" mechanism is used consistently in pyproject.tomls: the hope is that
dependabot will now offer consistently the same upgrades and not
different ones to signer and repo...

Updates `tuf` from 3.0 to 3.1
- [Release notes](https://github.com/theupdateframework/python-tuf/releases)
- [Changelog](https://github.com/theupdateframework/python-tuf/blob/develop/docs/CHANGELOG.md)
- [Commits](theupdateframework/python-tuf@v3.0...v3.1)

Updates `mypy` from 1.9.0 to 1.10.0
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](python/mypy@1.9.0...v1.10.0)

Updates `ruff` from 0.3.5 to 0.4.3
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](astral-sh/ruff@v0.3.5...v0.4.3)

---
updated-dependencies:
- dependency-name: tuf
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pyproject-dependencies
- dependency-name: mypy
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pyproject-dependencies
- dependency-name: ruff
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: pyproject-dependencies
...
@jku
lint: Remove unused noqa comments
7b626fb
@jku jku force-pushed the dependabot/pip/repo/pyproject-dependencies-0c06bb06ac branch from 52cd936 to 7b626fb Compare May 7, 2024 08:19
@jku jku linked an issue May 7, 2024 that may be closed by this pull request
fix tuf dependency version #300
Closed
@jku
Copy link
Member

jku commented May 7, 2024

I rewrote this one pretty extensively, I think it's fine now.

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github May 13, 2024

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this May 13, 2024
@dependabot dependabot bot deleted the dependabot/pip/repo/pyproject-dependencies-0c06bb06ac branch May 13, 2024 22:34
@jku
Copy link
Member

jku commented May 14, 2024

wow thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jku jku jku requested changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

fix tuf dependency version
1 participant
@jku