Ecosyste.ms: Issues
An open API service for providing issue and pull request metadata for open source projects.
GitHub / sethmlarson/secure-python-package-template issues and pull requests
#125 - [wishlist] gitlab example
Issue -
State: open - Opened by hydrargyrum 3 months ago
#124 - Bump cryptography from 41.0.3 to 41.0.6 in /requirements
Pull Request -
State: open - Opened by dependabot[bot] 10 months ago
Labels: dependencies, python
#123 - Bump actions/checkout from 3.2.0 to 4.1.1 in /.github/workflows
Pull Request -
State: open - Opened by dependabot[bot] 12 months ago
Labels: dependencies, github_actions
#122 - Bump actions/checkout from 3.2.0 to 4.1.0 in /.github/workflows
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
- 1 comment
Labels: dependencies, github_actions
#121 - Bump cryptography from 41.0.3 to 41.0.4 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
- 1 comment
Labels: dependencies, python
#120 - Bump build from 0.9.0 to 1.0.3 in /requirements
Pull Request -
State: open - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, python
#119 - Bump actions/checkout from 3.2.0 to 4.0.0 in /.github/workflows
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
- 1 comment
Labels: dependencies, github_actions
#118 - Bump build from 0.9.0 to 1.0.0 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
- 1 comment
Labels: dependencies, python
#117 - Bump anyio from 3.6.2 to 4.0.0 in /requirements
Pull Request -
State: open - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, python
#116 - Bump more-itertools from 9.0.0 to 10.1.0 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
- 1 comment
Labels: dependencies, python
#115 - Bump cryptography from 41.0.2 to 41.0.3 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, python
#114 - Bump certifi from 2023.5.7 to 2023.7.22 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, python
#113 - Bump more-itertools from 9.0.0 to 10.0.0 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
- 1 comment
Labels: dependencies, python
#112 - Bump pygments from 2.13.0 to 2.15.0 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, python
#111 - Bump cryptography from 41.0.0 to 41.0.2 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, python
#110 - Bump keyring from 23.11.0 to 24.2.0 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, python
#109 - Bump keyring from 23.11.0 to 24.1.0 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, python
#108 - Bump keyring from 23.11.0 to 24.0.1 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, python
#107 - Bump keyring from 23.11.0 to 24.0.0 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, python
#106 - Bump cryptography from 40.0.1 to 41.0.0 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, python
#105 - Add instructions for Secret Scanning
Pull Request -
State: closed - Opened by sethmlarson over 1 year ago
#104 - Bump certifi from 2022.9.24 to 2023.5.7 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, python
#103 - Add Python 3.11 and 3.12 testing
Pull Request -
State: closed - Opened by sethmlarson over 1 year ago
#102 - Release 0.7.1
Pull Request -
State: closed - Opened by sethmlarson over 1 year ago
#101 - Change build.outputs.hashes to use the GITHUB_OUTPUT method
Pull Request -
State: closed - Opened by sethmlarson over 1 year ago
#100 - Release 0.7.0
Pull Request -
State: closed - Opened by sethmlarson over 1 year ago
#99 - Add instructions on trusted publishers
Pull Request -
State: closed - Opened by sethmlarson over 1 year ago
#98 - Bump attrs from 22.1.0 to 23.1.0 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, python
#97 - Bump cryptography from 39.0.1 to 40.0.1 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, python
#96 - Bump markdown-it-py from 2.1.0 to 2.2.0 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, python
#95 - Bump cryptography from 39.0.0 to 39.0.1 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, python
#94 - Bump iniconfig from 1.1.1 to 2.0.0 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, python
#93 - Bump rich from 12.6.0 to 13.3.0 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 3 comments
Labels: dependencies, python
#92 - Bump importlib-metadata from 5.1.0 to 6.0.0 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, python
#91 - Bump cryptography from 38.0.3 to 39.0.0 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, python
#90 - Bump packaging from 22.0 to 23.0 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, python
#89 - Bump rich from 12.6.0 to 13.2.0 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, python
#88 - Bump rich from 12.6.0 to 13.1.0 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, python
#87 - Bump actions/setup-python from 4.3.1 to 4.5.0 in /.github/workflows
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, github_actions
#86 - Add support for binary wheels via cibuildwheel
Issue -
State: open - Opened by sethmlarson over 1 year ago
#85 - Change release process to only require on GitHub Environment approval
Pull Request -
State: closed - Opened by sethmlarson over 1 year ago
#84 - Bump rich from 12.6.0 to 13.0.1 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, python
#83 - Bump actions/upload-artifact from 3.1.1 to 3.1.2 in /.github/workflows
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, github_actions
#82 - Bump actions/download-artifact from 3.0.1 to 3.0.2 in /.github/workflows
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, github_actions
#81 - Bump actions/checkout from 3.2.0 to 3.3.0 in /.github/workflows
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, github_actions
#80 - Bump rich from 12.6.0 to 13.0.0 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 1 comment
Labels: dependencies, python
#79 - Bump httpcore from 0.16.2 to 0.16.3 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 1 comment
Labels: dependencies, python
#78 - Bump filelock from 3.8.2 to 3.9.0 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 1 comment
Labels: dependencies, python
#77 - Bump attrs from 22.1.0 to 22.2.0 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 1 comment
Labels: dependencies, python
#76 - Bump platformdirs from 2.6.0 to 2.6.2 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 1 comment
Labels: dependencies, python
#75 - Configure Dependabot to only create PRs for security fixes and major versions
Pull Request -
State: closed - Opened by sethmlarson almost 2 years ago
#74 - Bump actions/setup-python from 4.3.1 to 4.4.0 in /.github/workflows
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 1 comment
Labels: dependencies, github_actions
#73 - Bump ossf/scorecard-action from 2.0.6 to 2.1.2 in /.github/workflows
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 1 comment
Labels: dependencies, github_actions
#72 - Bump ossf/scorecard-action from 2.0.6 to 2.1.1 in /.github/workflows
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 1 comment
Labels: dependencies, github_actions
#71 - Bump importlib-metadata from 5.1.0 to 5.2.0 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 1 comment
Labels: dependencies, python
#70 - Bump keyring from 23.11.0 to 23.13.1 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 1 comment
Labels: dependencies, python
#69 - Add instructions for enabling secret scanning
Issue -
State: closed - Opened by sethmlarson almost 2 years ago
#68 - Remove dollar sign for command without output
Pull Request -
State: closed - Opened by kianmeng almost 2 years ago
- 2 comments
#67 - Bump ossf/scorecard-action from 2.0.6 to 2.1.0 in /.github/workflows
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 1 comment
Labels: dependencies, github_actions
#66 - Bump certifi from 2022.9.24 to 2022.12.7 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 1 comment
Labels: dependencies, python
#65 - Bump pytest from 7.1.2 to 7.2.0 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 1 comment
Labels: dependencies, python
#64 - Bump cryptography from 38.0.3 to 38.0.4 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 1 comment
Labels: dependencies, python
#63 - Bump actions/checkout from 3.0.2 to 3.2.0 in /.github/workflows
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies, github_actions
#62 - Bump actions/setup-python from 4.3.0 to 4.3.1 in /.github/workflows
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies, github_actions
#61 - Bump actions/checkout from 3.0.2 to 3.1.0 in /.github/workflows
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 1 comment
Labels: dependencies, github_actions
#60 - Bump pathspec from 0.10.2 to 0.10.3 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies, python
#59 - Bump build from 0.8.0 to 0.9.0 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies, python
#58 - Bump packaging from 21.3 to 22.0 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies, python
#57 - Add instructions for configuring private vulnerability reports
Issue -
State: closed - Opened by sethmlarson almost 2 years ago
- 1 comment
#56 - Instructions for CII Best Practices
Issue -
State: open - Opened by sethmlarson almost 2 years ago
#55 - Bump cryptography from 37.0.4 to 38.0.3 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies, python
#54 - Bump certifi from 2022.9.24 to 2022.12.7 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 13 comments
Labels: dependencies, python
#53 - Bump pypa/gh-action-pypi-publish from 1.5.1 to 1.6.4 in /.github/workflows
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 7 comments
Labels: dependencies, github_actions
#52 - Switch from Flit to Hatch, provide some documentation on pure-Python and binary wheels
Issue -
State: closed - Opened by sethmlarson almost 2 years ago
- 1 comment
#51 - Bump pypa/gh-action-pypi-publish from 1.5.1 to 1.6.3 in /.github/workflows
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 1 comment
Labels: dependencies, github_actions
#50 - Require signed tags to be used for releases
Issue -
State: closed - Opened by sethmlarson almost 2 years ago
- 1 comment
#49 - Bump pypa/gh-action-pypi-publish from 1.5.1 to 1.6.1 in /.github/workflows
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 1 comment
Labels: dependencies, github_actions
#48 - Bump pypa/gh-action-pypi-publish from 1.5.1 to 1.5.2 in /.github/workflows
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 1 comment
Labels: dependencies, github_actions
#47 - Bump securesystemslib from 0.23.0 to 0.25.0 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 11 comments
Labels: dependencies, python
#46 - Bump typing-extensions from 4.3.0 to 4.4.0 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 9 comments
Labels: dependencies, python
#45 - Bump cryptography from 37.0.4 to 38.0.4 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 9 comments
Labels: dependencies, python
#44 - Bump github/codeql-action from d8c9c723a57c026c525f404cf42aa0575f3f0bd8 to 2.1.34 in /.github/workflows
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 6 comments
Labels: dependencies, github_actions
#43 - Bump actions/upload-artifact from 3.1.0 to 3.1.1 in /.github/workflows
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 6 comments
Labels: dependencies, github_actions
#42 - Bump github/codeql-action from d8c9c723a57c026c525f404cf42aa0575f3f0bd8 to 2.1.33 in /.github/workflows
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 1 comment
Labels: dependencies, github_actions
#41 - Bump actions/download-artifact from 3.0.0 to 3.0.1 in /.github/workflows
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 5 comments
Labels: dependencies, github_actions
#40 - Bump ossf/scorecard-action from 1.1.1 to 2.0.6 in /.github/workflows
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 10 comments
Labels: dependencies, github_actions
#39 - Bump actions/setup-python from 4.0.0 to 4.3.0 in /.github/workflows
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
Labels: dependencies, github_actions
#38 - Bump cryptography from 37.0.4 to 38.0.3 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 1 comment
Labels: dependencies, python
#37 - Bump pytest from 7.1.2 to 7.2.0 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 10 comments
Labels: dependencies, python
#36 - Bump cryptography from 37.0.4 to 38.0.2 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] almost 2 years ago
- 1 comment
Labels: dependencies, python
#35 - Bump certifi from 2022.6.15 to 2022.9.24 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] about 2 years ago
Labels: dependencies, python
#34 - Bump certifi from 2022.6.15 to 2022.9.14 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] about 2 years ago
- 1 comment
Labels: dependencies, python
#33 - Bump certifi from 2022.6.15 to 2022.6.15.2 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] about 2 years ago
- 1 comment
Labels: dependencies, python
#32 - Bump idna from 3.3 to 3.4 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] about 2 years ago
Labels: dependencies, python
#31 - Bump certifi from 2022.6.15 to 2022.6.15.1 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] about 2 years ago
- 1 comment
Labels: dependencies, python
#30 - Bump cryptography from 37.0.4 to 38.0.1 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] about 2 years ago
- 1 comment
Labels: dependencies, python
#29 - Bump cryptography from 37.0.4 to 38.0.0 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] about 2 years ago
- 1 comment
Labels: dependencies, python
#28 - Bump pydantic from 1.9.2 to 1.10.2 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] about 2 years ago
- 9 comments
Labels: dependencies, python
#27 - Bump pytest from 7.1.2 to 7.1.3 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] about 2 years ago
- 1 comment
Labels: dependencies, python
#26 - Bump pydantic from 1.9.2 to 1.10.1 in /requirements
Pull Request -
State: closed - Opened by dependabot[bot] about 2 years ago
- 1 comment
Labels: dependencies, python