sigstore/sigstore-python issues and pull requests

#762 - build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago - 1 comment
Labels: dependencies, github_actions

#761 - Client libraries should verify after signing

Issue - State: open - Opened by znewman01 10 months ago - 1 comment
Labels: bug

#760 - build(deps): bump actions/checkout from 3.6.0 to 4.0.0

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago - 1 comment
Labels: dependencies, github_actions

#759 - Allow -v/--verbose anywhere in command line

Pull Request - State: closed - Opened by jku 10 months ago - 5 comments

#758 - build(deps-dev): update ruff requirement from <0.0.287 to <0.0.288

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago - 1 comment
Labels: dependencies, python

#757 - Pydantic fixes

Pull Request - State: closed - Opened by jku 10 months ago - 1 comment

#756 - Re-enable DCO check as required

Issue - State: closed - Opened by di 10 months ago - 1 comment
Labels: chore

#755 - Update pinned requirements for v1.1.2

Pull Request - State: closed - Opened by github-actions[bot] 10 months ago - 1 comment

#754 - Update pinned requirements for v2.0.0rc2

Pull Request - State: closed - Opened by github-actions[bot] 10 months ago - 1 comment

#753 - pin-requirements: explicitly fetch tags

Pull Request - State: closed - Opened by woodruffw 10 months ago - 1 comment
Labels: component:cicd

#752 - Update pin-requirements.yml

Pull Request - State: closed - Opened by di 10 months ago

#751 - Update pin-requirements.yml

Pull Request - State: closed - Opened by di 10 months ago

#750 - Update pin-requirements.yml

Pull Request - State: closed - Opened by di 10 months ago

#749 - Update `pin-requirements.yml`

Pull Request - State: closed - Opened by di 10 months ago
Labels: chore

#748 - Update `pin-requirements.yml` to use latest tag as default

Pull Request - State: closed - Opened by di 10 months ago

#747 - CHANGELOG: record #745

Pull Request - State: closed - Opened by woodruffw 10 months ago
Labels: chore

#746 - Update securityscorecards.dev URL

Pull Request - State: closed - Opened by di 10 months ago
Labels: chore

#745 - Drop support for Python 3.7

Pull Request - State: closed - Opened by di 10 months ago - 1 comment
Labels: dependencies

#744 - Pass `--upgrade` to pip-compile in `pin-requirements.yml`

Pull Request - State: closed - Opened by di 10 months ago - 1 comment

#743 - Revert "Try separate config for /install directory (#742)"

Pull Request - State: closed - Opened by di 10 months ago

#743 - Revert "Try separate config for /install directory (#742)"

Pull Request - State: closed - Opened by di 10 months ago

#742 - Try separate config for /install directory

Pull Request - State: closed - Opened by di 10 months ago - 2 comments

#742 - Try separate config for /install directory

Pull Request - State: closed - Opened by di 10 months ago - 2 comments

#741 - pydantic deprecation warnings

Issue - State: closed - Opened by jku 10 months ago - 4 comments
Labels: enhancement, dependencies

#740 - build(deps-dev): update ruff requirement from <0.0.286 to <0.0.287

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago - 3 comments
Labels: dependencies, python

#739 - build(deps-dev): bump id from 1.0.0 to 1.1.0

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago - 11 comments
Labels: dependencies, python

#739 - build(deps-dev): bump id from 1.0.0 to 1.1.0

Pull Request - State: closed - Opened by dependabot[bot] 10 months ago - 10 comments
Labels: dependencies, python

#738 - Unclear error message "GCP: OIDC token request failed (code=404)"

Issue - State: closed - Opened by laurentsimon 11 months ago - 2 comments
Labels: enhancement

#737 - build(deps): bump actions/checkout from 3.5.3 to 3.6.0

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago - 1 comment
Labels: dependencies, github_actions

#736 - build(deps): bump slsa-framework/slsa-github-generator from 1.8.0 to 1.9.0

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago - 3 comments
Labels: dependencies, github_actions

#735 - Add SECURITY.md file

Pull Request - State: closed - Opened by david-a-wheeler 11 months ago - 2 comments

#734 - Error: "Clone succeeded, but checkout failed"

Issue - State: closed - Opened by lmmx 11 months ago - 9 comments
Labels: bug

#733 - build(deps-dev): update ruff requirement from <0.0.284 to <0.0.286

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago - 1 comment
Labels: dependencies, python

#732 - build(deps): bump pypa/gh-action-pypi-publish from 1.8.9 to 1.8.10

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago - 1 comment
Labels: dependencies, github_actions

#731 - build(deps): bump actions/deploy-pages from 2.0.3 to 2.0.4

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago - 1 comment
Labels: dependencies, github_actions

#730 - build(deps): bump pypa/gh-action-pypi-publish from 1.8.8 to 1.8.9

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago - 2 comments
Labels: dependencies, github_actions

#729 - build(deps-dev): update ruff requirement from <0.0.284 to <0.0.285

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago - 2 comments
Labels: dependencies, python

#728 - build(deps-dev): update ruff requirement from <0.0.283 to <0.0.284

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago - 1 comment
Labels: dependencies, python

#727 - build(deps): bump slsa-framework/slsa-github-generator from 1.7.0 to 1.8.0

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago - 1 comment
Labels: dependencies, github_actions

#726 - build(deps): bump sigstore/sigstore-conformance from 0.0.5 to 0.0.6

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago - 2 comments
Labels: dependencies, github_actions

#725 - build(deps-dev): update ruff requirement from <0.0.282 to <0.0.283

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago - 1 comment
Labels: dependencies, python

#724 - Rethink our approach to handling old bundle versions

Issue - State: closed - Opened by woodruffw 11 months ago - 1 comment
Labels: enhancement, component:verification

#723 - models: require checkpoint in embedded inclusion proof

Pull Request - State: closed - Opened by woodruffw 11 months ago
Labels: component:verification

#722 - build(deps-dev): update ruff requirement from <0.0.281 to <0.0.282

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago - 1 comment
Labels: dependencies, python

#721 - doc: README document the (now default) `.sigstore` bundles

Pull Request - State: closed - Opened by jleightcap 11 months ago - 2 comments

#720 - conformance: bump runner

Pull Request - State: closed - Opened by jleightcap 11 months ago
Labels: component:tests

#719 - Add VerificationMaterials.to_bundle()

Pull Request - State: closed - Opened by sethmlarson 11 months ago - 10 comments

#718 - CLI: Provide a subcommand for creating bundles from detached materials?

Issue - State: open - Opened by sethmlarson 11 months ago - 3 comments
Labels: enhancement, component:cli

#717 - Update comments

Pull Request - State: closed - Opened by woodruffw 11 months ago
Labels: chore

#716 - build(deps): bump certifi from 2022.12.7 to 2023.7.22 in /install

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago - 1 comment
Labels: dependencies, python

#715 - policy: initial new extension OIDs

Pull Request - State: closed - Opened by woodruffw 12 months ago - 3 comments
Labels: component:verification, component:api

#714 - build(deps-dev): update ruff requirement from <0.0.279 to <0.0.281

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago - 1 comment
Labels: dependencies, python

#713 - sigstore: 2.0.0rc2

Pull Request - State: closed - Opened by woodruffw 12 months ago
Labels: chore

#712 - build(deps-dev): bump pyjwt from 2.7.0 to 2.8.0

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago - 3 comments
Labels: dependencies, python

#711 - Allow --verbose flag to be passed in sub-commands

Issue - State: closed - Opened by sethmlarson 12 months ago - 3 comments
Labels: bug, component:cli

#710 - build(deps-dev): bump pydantic from 1.10.6 to 2.0.3

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago - 2 comments
Labels: dependencies, python

#709 - build(deps): bump pypa/gh-action-pypi-publish from 1.8.7 to 1.8.8

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago - 1 comment
Labels: dependencies, github_actions

#708 - build(deps): bump actions/setup-python from 4.6.1 to 4.7.0

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago - 2 comments
Labels: dependencies, github_actions

#707 - build(deps-dev): bump sigstore-protobuf-specs from 0.1.0 to 0.2.0

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago - 2 comments
Labels: dependencies, python

#706 - build(deps-dev): update ruff requirement from <0.0.278 to <0.0.279

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago - 1 comment
Labels: dependencies, python

#705 - pyproject: bump sigstore-protobuf-specs

Pull Request - State: closed - Opened by woodruffw 12 months ago - 8 comments

#704 - build(deps): bump actions/upload-pages-artifact from 1.0.9 to 2.0.0

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago - 2 comments
Labels: dependencies, github_actions

#703 - build(deps): bump actions/deploy-pages from 2.0.2 to 2.0.3

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago - 1 comment
Labels: dependencies, github_actions

#702 - Fixing documentation message about the sign API

Pull Request - State: closed - Opened by perone 12 months ago - 6 comments

#701 - Add timezone (utc) info into the cert not_valid_after field

Pull Request - State: closed - Opened by perone almost 1 year ago - 4 comments
Labels: component:signing, component:api

#700 - Certificate timestamp issue when checking for validity datetime

Issue - State: closed - Opened by perone almost 1 year ago - 1 comment
Labels: bug

#699 - build(deps-dev): bump pydantic from 1.10.6 to 2.0.2

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 4 comments
Labels: dependencies, python

#698 - build(deps-dev): update ruff requirement from <0.0.277 to <0.0.278

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, python

#697 - build(deps-dev): bump pydantic from 1.10.6 to 2.0.1

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, python

#696 - build(deps-dev): update ruff requirement from <0.0.276 to <0.0.277

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, python

#695 - build(deps-dev): bump pydantic from 1.10.6 to 2.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, python

#694 - don't parse error messages as json

Pull Request - State: closed - Opened by bobcallaway about 1 year ago - 3 comments
Labels: component:api

#693 - build(deps): bump sigstore/sigstore-conformance from 0.0.4 to 0.0.5

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 3 comments
Labels: dependencies, github_actions

#692 - Make `VerificationError` available in the verification API

Pull Request - State: closed - Opened by mayaCostantini about 1 year ago - 1 comment

#691 - Make `VerificationError` available in the API

Issue - State: closed - Opened by mayaCostantini about 1 year ago - 6 comments
Labels: enhancement

#690 - build(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, github_actions

#689 - build(deps): bump pypa/gh-action-pypi-publish from 1.8.6 to 1.8.7

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 2 comments
Labels: dependencies, github_actions

#688 - build(deps): bump requests from 2.28.2 to 2.31.0 in /install

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 3 comments
Labels: dependencies, python

#687 - python.org Sigstore documentation doesn't have example for .sigstore bundles

Issue - State: closed - Opened by sethmlarson about 1 year ago - 1 comment
Labels: bug

#686 - build(deps-dev): update ruff requirement from <0.0.275 to <0.0.276

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, python

#685 - sigstore: 2.0.0rc1

Pull Request - State: closed - Opened by tetsuo-cpp about 1 year ago - 2 comments

#684 - Bump `sigstore-conformance` to 0.0.5

Pull Request - State: closed - Opened by tetsuo-cpp about 1 year ago - 5 comments

#683 - build(deps-dev): update ruff requirement from <0.0.273 to <0.0.275

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, python

#682 - Fix missing SigningContext import in sign example

Pull Request - State: closed - Opened by mayaCostantini about 1 year ago - 3 comments

#681 - build(deps): bump actions/upload-pages-artifact from 1.0.8 to 1.0.9

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, github_actions

#680 - [CI] Integration failure: staging instance

Issue - State: closed - Opened by github-actions[bot] about 1 year ago - 1 comment
Labels: bug, component:cicd, component:tests

#679 - build(deps): bump peter-evans/create-pull-request from 5.0.1 to 5.0.2

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, github_actions

#678 - build(deps): bump actions/deploy-pages from 2.0.1 to 2.0.2

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, github_actions

#677 - build(deps): bump actions/checkout from 3.5.2 to 3.5.3

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, github_actions

#676 - build(deps): bump github/codeql-action from 2.3.6 to 2.13.4

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#675 - build(deps-dev): update ruff requirement from <0.0.272 to <0.0.273

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 3 comments
Labels: dependencies, python

#674 - Handle the case of missing EKU in _is_preissuer

Pull Request - State: closed - Opened by ccordoui about 1 year ago - 13 comments
Labels: component:signing

#673 - sign: switch another keysite to P-256

Pull Request - State: closed - Opened by woodruffw about 1 year ago
Labels: component:signing, component:api

#672 - build(deps-dev): bump pydantic from 1.10.6 to 1.10.9

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, python

#671 - build(deps-dev): update ruff requirement from <0.0.271 to <0.0.272

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, python

#670 - build(deps): bump slsa-framework/slsa-github-generator from 1.6.0 to 1.7.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 2 comments
Labels: dependencies, github_actions

#669 - workflows: debug staging-tests

Pull Request - State: closed - Opened by woodruffw about 1 year ago - 3 comments
Labels: component:signing, component:api, component:tests

#668 - [CI] Integration failure: staging instance

Issue - State: closed - Opened by github-actions[bot] about 1 year ago - 2 comments
Labels: bug, component:cicd, component:tests

#667 - feat: Add `--oauth-force-oob` CLI option

Pull Request - State: closed - Opened by laurentsimon about 1 year ago - 19 comments
Labels: component:cli, component:signing, component:api

#666 - Provide API that take in a hash instead of io bytes

Issue - State: closed - Opened by laurentsimon about 1 year ago - 24 comments
Labels: enhancement

GitHub / sigstore/sigstore-python issues and pull requests