sigstore/sigstore-python issues and pull requests

#956 - sigstore, test: break apart DSSE/artifact sign APIs

Pull Request - State: closed - Opened by woodruffw 3 months ago - 1 comment
Labels: refactoring

#955 - sigstore: rename more logger instances

Pull Request - State: closed - Opened by woodruffw 3 months ago
Labels: chore

#954 - Key ID generation is incorrect for non-ECDSA keys

Issue - State: open - Opened by woodruffw 3 months ago - 2 comments
Labels: bug, component:verification

#953 - sigstore, test: honor PublicKeyDetails when loading Keyrings

Pull Request - State: closed - Opened by woodruffw 3 months ago - 2 comments
Labels: refactoring

#952 - Bump protobuf-specs, handle v3 media types

Pull Request - State: closed - Opened by woodruffw 3 months ago
Labels: enhancement

#951 - build(deps-dev): bump sigstore-protobuf-specs from 0.2.2 to 0.3.1

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 2 comments
Labels: dependencies, python

#950 - build(deps-dev): update ruff requirement from <0.3.5 to <0.3.6

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 1 comment
Labels: dependencies, python

#949 - build(deps): bump the actions group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 1 comment
Labels: dependencies, github_actions

#948 - build(deps): bump the actions group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 1 comment
Labels: dependencies, github_actions

#947 - build(deps-dev): update ruff requirement from <0.3.4 to <0.3.5

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 1 comment
Labels: dependencies, python

#947 - build(deps-dev): update ruff requirement from <0.3.4 to <0.3.5

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago - 1 comment
Labels: dependencies, python

#946 - build(deps): bump sigstore from 2.1.2 to 2.1.3

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies, python

#945 - sigstore: use rfc8785 for SET canonicalization

Pull Request - State: closed - Opened by woodruffw 4 months ago - 3 comments

#944 - CHANGELOG: backport 2.1.3 CL

Pull Request - State: closed - Opened by woodruffw 4 months ago
Labels: chore

#943 - pyproject: bump protobuf specs

Pull Request - State: closed - Opened by woodruffw 4 months ago

#942 - conformance: support the staging tests

Issue - State: open - Opened by jku 4 months ago
Labels: enhancement, good first issue, component:tests

#941 - build(deps): bump the actions group with 2 updates

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies, github_actions

#940 - Refactoring ideas

Issue - State: closed - Opened by woodruffw 4 months ago - 4 comments
Labels: refactoring, chore

#939 - build(deps-dev): update ruff requirement from <0.3.3 to <0.3.4

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies, python

#938 - build(deps): bump the actions group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 2 comments
Labels: dependencies, github_actions

#937 - Remove VerificationMaterials (take 2)

Pull Request - State: open - Opened by woodruffw 4 months ago - 3 comments
Labels: component:verification, component:api

#937 - Remove VerificationMaterials (take 2)

Pull Request - State: closed - Opened by woodruffw 4 months ago - 3 comments
Labels: component:verification, component:api

#936 - Key management improvement

Pull Request - State: closed - Opened by javanlacerda 4 months ago - 15 comments
Labels: component:signing, component:verification

#936 - Concentrate keys on trusted root

Pull Request - State: open - Opened by javanlacerda 4 months ago

#935 - sign: fix envelope type

Pull Request - State: closed - Opened by woodruffw 4 months ago - 1 comment

#935 - sign: fix envelope type

Pull Request - State: closed - Opened by woodruffw 4 months ago - 1 comment

#934 - build(deps): bump the actions group with 3 updates

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 3 comments
Labels: dependencies, github_actions

#933 - build(deps-dev): update ruff requirement from <0.3.2 to <0.3.3

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies, python

#932 - build(deps-dev): bump pyopenssl from 24.0.0 to 24.1.0

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 2 comments
Labels: dependencies, python

#931 - build(deps): bump the actions group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 3 comments
Labels: dependencies, github_actions

#930 - sigstore: use our own Statement type

Pull Request - State: closed - Opened by woodruffw 4 months ago - 1 comment
Labels: component:signing, component:api

#929 - build(deps): bump the actions group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies, github_actions

#928 - build(deps-dev): update ruff requirement from <0.3.1 to <0.3.2

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies, python

#927 - Improve our internal key management

Issue - State: closed - Opened by woodruffw 4 months ago - 4 comments
Labels: enhancement

#926 - fix: rollback code for returning generator allowing expired keys

Pull Request - State: closed - Opened by javanlacerda 4 months ago - 2 comments

#925 - get_tlog_keys returning list instead of generator

Issue - State: closed - Opened by javanlacerda 4 months ago
Labels: bug

#924 - verifier: set store flags explicitly

Pull Request - State: closed - Opened by woodruffw 4 months ago
Labels: component:verification, component:api

#923 - Verify "long" chains

Issue - State: closed - Opened by woodruffw 4 months ago - 4 comments
Labels: component:verification, component:api

#922 - tests: Add test that verifies using current issuer certificates

Issue - State: open - Opened by jku 4 months ago
Labels: enhancement, good first issue

#921 - sigstore/sign: sign API takes bytes, not I/O

Pull Request - State: closed - Opened by woodruffw 4 months ago
Labels: component:signing, component:api

#920 - build(deps): bump the actions group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies, github_actions

#919 - build(deps-dev): update ruff requirement from <0.2.3 to <0.3.1

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 3 comments
Labels: dependencies, chore, python

#916 - Bring your own PKI

Issue - State: closed - Opened by laurentsimon 4 months ago - 15 comments
Labels: enhancement

#911 - build(deps-dev): bump cryptography from 42.0.4 to 42.0.5

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies, python

#910 - Adding sct verification for certificates on verify flow

Pull Request - State: closed - Opened by javanlacerda 4 months ago - 23 comments
Labels: component:verification, component:api

#909 - build(deps-dev): bump cryptography from 42.0.3 to 42.0.4

Pull Request - State: closed - Opened by dependabot[bot] 4 months ago - 1 comment
Labels: dependencies, python

#908 - Change `sign(...)` API to take `bytes` instead of `IO[bytes]`

Issue - State: closed - Opened by woodruffw 4 months ago - 1 comment
Labels: enhancement, component:signing, component:api

#907 - build(deps-dev): update ruff requirement from <0.2.2 to <0.2.3

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, python

#906 - build(deps-dev): bump tuf from 3.1.0 to 3.1.1

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, python

#905 - build(deps-dev): bump cryptography from 42.0.2 to 42.0.3

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 2 comments
Labels: dependencies, python

#904 - sigstore: prep verify APIs for DSSE

Pull Request - State: closed - Opened by woodruffw 5 months ago
Labels: component:verification, component:api

#903 - Emit v3 bundles when signing

Issue - State: closed - Opened by woodruffw 5 months ago - 1 comment
Labels: enhancement, component:signing, component:api

#902 - build(deps-dev): bump sigstore-protobuf-specs from 0.2.2 to 0.3.0

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 2 comments
Labels: dependencies, python

#901 - sigstore: v3 bundles

Pull Request - State: closed - Opened by woodruffw 5 months ago - 2 comments
Labels: component:api

#900 - Replace appdirs with platformdirs on tuf

Pull Request - State: closed - Opened by javanlacerda 5 months ago - 3 comments

#899 - build(deps): bump the actions group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, github_actions

#898 - build(deps): bump the actions group with 3 updates

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, github_actions

#897 - build(deps-dev): update ruff requirement from <0.2.1 to <0.2.2

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 3 comments
Labels: dependencies, python

#896 - build(deps): bump the actions group in /.github/actions/upload-coverage with 1 update

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 3 comments
Labels: dependencies, github_actions

#895 - build(deps): bump sigstore from 2.1.0 to 2.1.2

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies, python

#894 - release security improvements

Issue - State: open - Opened by jku 5 months ago - 6 comments
Labels: enhancement

#893 - Merge CLs from 2.1.x series

Pull Request - State: closed - Opened by woodruffw 5 months ago - 3 comments
Labels: chore

#892 - [CI] Integration failure: staging instance

Issue - State: closed - Opened by github-actions[bot] 5 months ago - 1 comment
Labels: bug, component:cicd, component:tests

#891 - rekor/checkpoint: handle missing ancillary data

Pull Request - State: closed - Opened by woodruffw 5 months ago

#890 - [CI] Integration failure: staging instance

Issue - State: closed - Opened by github-actions[bot] 5 months ago
Labels: bug, component:cicd, component:tests

#889 - [CI] Integration failure: staging instance

Issue - State: closed - Opened by github-actions[bot] 5 months ago - 10 comments
Labels: bug, component:cicd, component:tests

#888 - [CI] Integration failure: staging instance

Issue - State: closed - Opened by github-actions[bot] 5 months ago
Labels: bug, component:cicd, component:tests

#887 - [CI] Integration failure: staging instance

Issue - State: closed - Opened by github-actions[bot] 5 months ago - 2 comments
Labels: bug, component:cicd, component:tests

#886 - `sigstore.verify` should check signing cert inclusion in the CT log

Issue - State: closed - Opened by tnytown 5 months ago - 4 comments
Labels: enhancement, good first issue, component:verification

#885 - build(deps-dev): update ruff requirement from <0.1.16 to <0.2.1

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, python

#884 - Fix cryptography deprecations

Pull Request - State: closed - Opened by jku 5 months ago - 1 comment

#884 - Fix cryptography deprecations

Pull Request - State: open - Opened by jku 5 months ago

#883 - build(deps): bump the actions group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago
Labels: dependencies, github_actions

#882 - build(deps-dev): update ruff requirement from <0.1.15 to <0.1.16

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, python

#881 - build(deps-dev): bump cryptography from 42.0.1 to 42.0.2

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 2 comments
Labels: dependencies, python

#880 - build(deps-dev): bump cryptography from 42.0.0 to 42.0.1

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, python

#879 - build(deps): bump the actions group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, github_actions

#878 - Use of deprecated cryptography properties

Issue - State: closed - Opened by jku 5 months ago
Labels: bug

#877 - verify: Remove a workaround for pre-3.8 Python

Pull Request - State: closed - Opened by jku 5 months ago

#876 - _cli: remove non-bundle inputs

Pull Request - State: closed - Opened by woodruffw 5 months ago - 3 comments
Labels: blocked

#875 - Fix interrogate usage, clean up linting

Pull Request - State: closed - Opened by woodruffw 5 months ago
Labels: component:cicd, chore

#874 - build(deps-dev): bump cryptography from 41.0.7 to 42.0.0

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, python

#873 - build(deps): bump the actions group in /.github/actions/upload-coverage with 1 update

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 3 comments
Labels: dependencies, github_actions

#872 - build(deps-dev): bump pyopenssl from 23.3.0 to 24.0.0

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, python

#871 - build(deps): bump the actions group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 2 comments
Labels: dependencies, github_actions

#870 - build(deps-dev): update ruff requirement from <0.1.14 to <0.1.15

Pull Request - State: closed - Opened by dependabot[bot] 5 months ago - 1 comment
Labels: dependencies, python

#869 - build(deps): bump the actions group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] 6 months ago - 1 comment
Labels: dependencies, github_actions

#868 - build(deps): bump the actions group in /.github/actions/upload-coverage with 1 update

Pull Request - State: closed - Opened by dependabot[bot] 6 months ago - 1 comment
Labels: dependencies, github_actions

#867 - switch from appdirs to ???

Issue - State: closed - Opened by jku 6 months ago - 1 comment
Labels: enhancement, good first issue, help wanted, dependencies

#866 - build(deps-dev): bump id from 1.2.1 to 1.3.0

Pull Request - State: closed - Opened by dependabot[bot] 6 months ago - 1 comment
Labels: dependencies, python

#865 - build(deps-dev): update ruff requirement from <0.1.11 to <0.1.14

Pull Request - State: closed - Opened by dependabot[bot] 6 months ago - 1 comment
Labels: dependencies, python

#864 - build(deps): bump the actions group in /.github/actions/upload-coverage with 1 update

Pull Request - State: closed - Opened by dependabot[bot] 6 months ago - 1 comment
Labels: dependencies, github_actions

#863 - build(deps): bump the actions group with 2 updates

Pull Request - State: closed - Opened by dependabot[bot] 6 months ago - 1 comment
Labels: dependencies, github_actions

#862 - API: remove SigningResult

Pull Request - State: closed - Opened by woodruffw 6 months ago - 2 comments
Labels: component:signing, component:api

#861 - build(deps): bump the actions group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] 6 months ago - 1 comment
Labels: dependencies, github_actions

#860 - feat: Enable signing with pre-computed hash

Pull Request - State: closed - Opened by laurentsimon 6 months ago - 29 comments
Labels: component:signing, component:api

#859 - build(deps): bump the actions group with 1 update

Pull Request - State: closed - Opened by dependabot[bot] 6 months ago - 2 comments
Labels: dependencies, github_actions

#858 - build(deps-dev): update ruff requirement from <0.1.11 to <0.1.12

Pull Request - State: closed - Opened by dependabot[bot] 6 months ago - 2 comments
Labels: dependencies, python

#857 - conformance tests hang

Issue - State: closed - Opened by jku 6 months ago - 3 comments
Labels: bug

#856 - build(deps-dev): update ruff requirement from <0.1.10 to <0.1.11

Pull Request - State: closed - Opened by dependabot[bot] 6 months ago - 1 comment
Labels: dependencies, python

GitHub / sigstore/sigstore-python issues and pull requests