sigstore/sigstore-python issues and pull requests

#855 - dependabot: group GHA updates

Pull Request - State: closed - Opened by woodruffw 6 months ago
Labels: component:cicd, chore

#854 - API: Remove `SigningResult`

Issue - State: closed - Opened by woodruffw 6 months ago - 3 comments
Labels: enhancement, component:api

#853 - build(deps): bump actions/deploy-pages from 4.0.1 to 4.0.2

Pull Request - State: open - Opened by dependabot[bot] 6 months ago
Labels: dependencies, github_actions

#852 - build(deps): bump actions/deploy-pages from 4.0.0 to 4.0.1

Pull Request - State: closed - Opened by dependabot[bot] 6 months ago - 1 comment
Labels: dependencies, github_actions

#851 - build(deps-dev): update ruff requirement from <0.1.9 to <0.1.10

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago - 1 comment
Labels: dependencies, python

#850 - Removed support for detached SCTs

Issue - State: open - Opened by woodruffw 7 months ago
Labels: enhancement, component:signing

#849 - Pages deploy fails on main

Issue - State: open - Opened by jku 7 months ago - 3 comments
Labels: bug

#849 - Pages deploy fails on main

Issue - State: closed - Opened by jku 7 months ago - 4 comments
Labels: bug

#848 - build(deps): bump actions/upload-pages-artifact from 2.0.0 to 3.0.0

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago - 3 comments
Labels: dependencies, github_actions

#848 - build(deps): bump actions/upload-pages-artifact from 2.0.0 to 3.0.0

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago - 3 comments
Labels: dependencies, github_actions

#847 - build(deps): bump actions/deploy-pages from 3.0.1 to 4.0.0

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago - 1 comment
Labels: dependencies, github_actions

#847 - build(deps): bump actions/deploy-pages from 3.0.1 to 4.0.0

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago - 1 comment
Labels: dependencies, github_actions

#846 - build(deps): bump actions/download-artifact from 4.0.0 to 4.1.0

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago - 3 comments
Labels: dependencies, github_actions

#846 - build(deps): bump actions/download-artifact from 4.0.0 to 4.1.0

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago - 3 comments
Labels: dependencies, github_actions

#845 - Support url-per-key in Keyring

Issue - State: open - Opened by jku 7 months ago - 2 comments
Labels: enhancement

#844 - Separate TUF and trusted root management code

Pull Request - State: closed - Opened by jku 7 months ago - 1 comment
Labels: enhancement, component:tuf

#843 - Refactor upload-coverage action

Pull Request - State: closed - Opened by jku 7 months ago - 1 comment

#842 - support upload-artifact / download-artifact 4.x

Issue - State: closed - Opened by jku 7 months ago
Labels: enhancement

#841 - build(deps): bump actions/upload-artifact from 3.1.3 to 4.0.0 in /.github/actions/upload-coverage

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago - 7 comments
Labels: dependencies, github_actions

#840 - dependabot: Manage the internal action as well

Pull Request - State: closed - Opened by jku 7 months ago

#839 - Upgrade actions/upload-artifact & actions/download-artifact

Pull Request - State: closed - Opened by jku 7 months ago - 1 comment

#838 - Standardize hashes and version comments in workflows

Pull Request - State: closed - Opened by kurtmckee 7 months ago - 3 comments

#837 - Actions inconsistently use hashes, and have incorrect version comment

Issue - State: closed - Opened by kurtmckee 7 months ago
Labels: bug

#836 - build(deps): bump actions/upload-artifact from 3.1.3 to 4.0.0

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago - 5 comments
Labels: dependencies, github_actions

#835 - build(deps): bump actions/download-artifact from 3.0.2 to 4.0.0

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago - 7 comments
Labels: dependencies, github_actions

#834 - build(deps-dev): update ruff requirement from <0.1.8 to <0.1.9

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago - 1 comment
Labels: dependencies, python

#833 - Update pinned requirements for v2.1.0

Pull Request - State: closed - Opened by github-actions[bot] 7 months ago - 1 comment

#832 - Prep 2.1.0

Pull Request - State: closed - Opened by tetsuo-cpp 7 months ago

#831 - pyproject: sigstore-rekor-types==0.0.11

Pull Request - State: closed - Opened by woodruffw 7 months ago
Labels: dependencies

#830 - pyproject: bump `sigstore-rekor-types`

Pull Request - State: closed - Opened by tetsuo-cpp 7 months ago - 5 comments

#829 - workflows/release: fix build provenance job

Pull Request - State: closed - Opened by woodruffw 7 months ago
Labels: component:cicd, chore

#828 - build(deps-dev): bump id from 1.1.0 to 1.2.1

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago - 1 comment
Labels: dependencies, python

#826 - build(deps): bump actions/setup-python from 4.8.0 to 5.0.0

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago - 1 comment
Labels: dependencies, github_actions

#825 - build(deps): bump sigstore/sigstore-conformance from 0.0.8 to 0.0.9

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago - 4 comments
Labels: blocked, dependencies, github_actions

#824 - _cli: use rich's logging handler

Pull Request - State: closed - Opened by woodruffw 7 months ago - 1 comment
Labels: enhancement, component:cli

#823 - build(deps-dev): update ruff requirement from <0.1.7 to <0.1.8

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago - 7 comments
Labels: dependencies, python

#822 - build(deps): bump actions/setup-python from 4.7.1 to 4.8.0

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago - 1 comment
Labels: dependencies, github_actions

#821 - Conformance: sigstore-python's conformance runner should support `--trusted-root`

Issue - State: open - Opened by woodruffw 7 months ago - 11 comments
Labels: enhancement, component:tests

#820 - cli: search for `{input}.sigstore.json` by default

Pull Request - State: open - Opened by woodruffw 7 months ago - 1 comment
Labels: component:cli

#819 - build(deps): bump actions/deploy-pages from 2.0.5 to 3.0.0

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago - 1 comment
Labels: dependencies, github_actions

#818 - build(deps): bump actions/deploy-pages from 2.0.4 to 2.0.5

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago - 1 comment
Labels: dependencies, github_actions

#817 - build(deps): bump pypa/gh-action-pypi-publish from 1.8.10 to 1.8.11

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago - 1 comment
Labels: dependencies, github_actions

#816 - build(deps-dev): bump cryptography from 41.0.4 to 41.0.7

Pull Request - State: closed - Opened by dependabot[bot] 7 months ago - 1 comment
Labels: dependencies, python

#815 - build(deps-dev): update ruff requirement from <0.1.6 to <0.1.7

Pull Request - State: closed - Opened by dependabot[bot] 8 months ago - 1 comment
Labels: dependencies, python

#814 - Support `{input}.sigstore.json`

Issue - State: closed - Opened by woodruffw 8 months ago - 2 comments
Labels: enhancement, component:cli

#813 - build(deps-dev): update ruff requirement from <0.1.5 to <0.1.6

Pull Request - State: closed - Opened by dependabot[bot] 8 months ago - 1 comment
Labels: dependencies, python

#812 - build(deps-dev): update ruff requirement from <0.1.4 to <0.1.5

Pull Request - State: closed - Opened by dependabot[bot] 8 months ago - 1 comment
Labels: dependencies, python

#811 - treewide: switch to `ruff format`

Pull Request - State: closed - Opened by woodruffw 8 months ago
Labels: qa

#810 - build(deps-dev): update ruff requirement from <0.1.2 to <0.1.4

Pull Request - State: closed - Opened by dependabot[bot] 8 months ago - 3 comments
Labels: dependencies, python

#809 - build(deps-dev): bump pyopenssl from 23.2.0 to 23.3.0

Pull Request - State: closed - Opened by dependabot[bot] 8 months ago - 1 comment
Labels: dependencies, python

#808 - build(deps-dev): bump cryptography from 41.0.4 to 41.0.5

Pull Request - State: closed - Opened by dependabot[bot] 8 months ago - 1 comment
Labels: dependencies, python

#807 - build(deps-dev): update ruff requirement from <0.1.2 to <0.1.3

Pull Request - State: closed - Opened by dependabot[bot] 8 months ago - 1 comment
Labels: dependencies, python

#806 - build(deps): bump ossf/scorecard-action from 2.3.0 to 2.3.1

Pull Request - State: closed - Opened by dependabot[bot] 8 months ago - 1 comment
Labels: dependencies, github_actions

#805 - build(deps-dev): update ruff requirement from <0.1.1 to <0.1.2

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago - 1 comment
Labels: dependencies, python

#804 - API-level DSSE signing support

Pull Request - State: closed - Opened by woodruffw 9 months ago - 10 comments
Labels: component:signing, component:api, upstream, blocked

#803 - build(deps-dev): bump sigstore-protobuf-specs from 0.2.1 to 0.2.2

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago - 1 comment
Labels: dependencies, python

#802 - build(deps): bump urllib3 from 2.0.6 to 2.0.7 in /install

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago - 3 comments
Labels: dependencies, python

#801 - ci: add Python 3.12

Pull Request - State: closed - Opened by woodruffw 9 months ago - 3 comments
Labels: component:cicd, chore

#800 - Update pinned requirements for v2.0.1

Pull Request - State: closed - Opened by github-actions[bot] 9 months ago - 1 comment

#799 - build(deps): bump actions/checkout from 4.1.0 to 4.1.1

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago - 3 comments
Labels: dependencies, github_actions

#798 - build(deps-dev): update ruff requirement from <0.0.293 to <0.1.1

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago - 1 comment
Labels: dependencies, python

#797 - prep 2.0.1

Pull Request - State: closed - Opened by woodruffw 9 months ago
Labels: chore

#796 - Read Fulcio certificate chain as bytes in verify command

Pull Request - State: closed - Opened by mayaCostantini 9 months ago - 6 comments

#795 - Fulcio certificate chain should be opened as bytes in verify command

Issue - State: closed - Opened by mayaCostantini 9 months ago - 1 comment
Labels: bug

#794 - build(deps-dev): bump tuf from 3.0.0 to 3.1.0

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago - 1 comment
Labels: dependencies, python

#793 - Fix some mypy linting failures

Pull Request - State: closed - Opened by di 9 months ago

#792 - build(deps): bump sigstore/sigstore-conformance from 0.0.6 to 0.0.8

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago - 3 comments
Labels: dependencies, github_actions

#791 - Tweak some ignore-hints to make mypy 1.6 happy

Pull Request - State: closed - Opened by jku 9 months ago - 3 comments

#790 - build(deps): bump sigstore/sigstore-conformance from 0.0.6 to 0.0.7

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago - 6 comments
Labels: dependencies, github_actions

#789 - build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.0

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago - 1 comment
Labels: dependencies, github_actions

#788 - rekor: use sigstore_rekor_types for models

Pull Request - State: closed - Opened by woodruffw 9 months ago - 1 comment
Labels: enhancement, component:signing, component:verification

#787 - build(deps): bump urllib3 from 2.0.5 to 2.0.6 in /install

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago - 1 comment
Labels: dependencies, python

#786 - build(deps-dev): update ruff requirement from <0.0.292 to <0.0.293

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago - 1 comment
Labels: dependencies, python

#785 - build(deps): bump actions/setup-python from 4.7.0 to 4.7.1

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago - 2 comments
Labels: dependencies, github_actions

#784 - Update pinned requirements for v2.0.0

Pull Request - State: closed - Opened by github-actions[bot] 9 months ago - 3 comments

#783 - build(deps): bump sigstore from 1.1.2 to 2.0.0

Pull Request - State: closed - Opened by dependabot[bot] 9 months ago - 1 comment
Labels: invalid, dependencies, python

#782 - CI: `update-pinned-requirements` is a little too fast

Issue - State: open - Opened by woodruffw 9 months ago
Labels: bug, component:cicd

#781 - Update pinned requirements for v2.0.0

Pull Request - State: closed - Opened by github-actions[bot] 9 months ago - 3 comments

#780 - `--cert-identity` should be optional on `sigstore verify github`

Issue - State: closed - Opened by woodruffw 9 months ago - 3 comments
Labels: enhancement, component:cli

#779 - Allow users to override the trust root with `--trusted-root`

Issue - State: closed - Opened by woodruffw 9 months ago - 1 comment
Labels: enhancement, component:cli

#778 - Prep 2.0.0

Pull Request - State: closed - Opened by woodruffw 9 months ago - 1 comment
Labels: chore

#777 - build(deps-dev): update ruff requirement from <0.0.291 to <0.0.292

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago - 1 comment
Labels: dependencies, python

#776 - build(deps): bump actions/checkout from 4.0.0 to 4.1.0

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago - 2 comments
Labels: dependencies, github_actions

#775 - build(deps): bump cryptography from 41.0.3 to 41.0.4 in /install

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago - 1 comment
Labels: dependencies, python

#774 - build(deps-dev): bump cryptography from 41.0.3 to 41.0.4

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago - 4 comments
Labels: dependencies, python

#773 - build(deps-dev): update ruff requirement from <0.0.290 to <0.0.291

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago - 1 comment
Labels: dependencies, python

#772 - build(deps-dev): update ruff requirement from <0.0.289 to <0.0.290

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago - 1 comment
Labels: dependencies, python

#771 - Ergonomic way to request certificate/signature files for multiple input files in v2

Issue - State: open - Opened by sethmlarson 10 months ago - 5 comments
Labels: enhancement

#770 - Produce a pure-Python verification API

Issue - State: open - Opened by di 10 months ago - 6 comments
Labels: enhancement

#769 - build(deps-dev): update ruff requirement from <0.0.288 to <0.0.289

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago - 1 comment
Labels: dependencies, python

#768 - sigstore: 2.0.0rc3

Pull Request - State: closed - Opened by woodruffw 10 months ago
Labels: chore

#767 - pyproject: bump id

Pull Request - State: closed - Opened by woodruffw 10 months ago

#766 - Plans for 2.0 release

Issue - State: closed - Opened by di 10 months ago - 4 comments
Labels: chore

#765 - sign: Make SigningResult._to_bundle() public

Pull Request - State: closed - Opened by jku 10 months ago - 3 comments

#764 - Remove security policy

Pull Request - State: closed - Opened by haydentherapper 10 months ago - 1 comment

#763 - make SigningResult._to_bundle() public

Issue - State: closed - Opened by jku 10 months ago - 1 comment
Labels: enhancement

#762 - build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago - 1 comment
Labels: dependencies, github_actions

#761 - Client libraries should verify after signing

Issue - State: open - Opened by znewman01 10 months ago - 1 comment
Labels: bug

#760 - build(deps): bump actions/checkout from 3.6.0 to 4.0.0

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago - 1 comment
Labels: dependencies, github_actions

#759 - Allow -v/--verbose anywhere in command line

Pull Request - State: closed - Opened by jku 10 months ago - 5 comments

GitHub / sigstore/sigstore-python issues and pull requests