sigstore/sigstore-python issues and pull requests

#749 - Update `pin-requirements.yml`

Pull Request - State: closed - Opened by di about 1 year ago
Labels: chore

#748 - Update `pin-requirements.yml` to use latest tag as default

Pull Request - State: closed - Opened by di about 1 year ago

#747 - CHANGELOG: record #745

Pull Request - State: closed - Opened by woodruffw about 1 year ago
Labels: chore

#746 - Update securityscorecards.dev URL

Pull Request - State: closed - Opened by di about 1 year ago
Labels: chore

#745 - Drop support for Python 3.7

Pull Request - State: closed - Opened by di about 1 year ago - 1 comment
Labels: dependencies

#744 - Pass `--upgrade` to pip-compile in `pin-requirements.yml`

Pull Request - State: closed - Opened by di about 1 year ago - 1 comment

#743 - Revert "Try separate config for /install directory (#742)"

Pull Request - State: closed - Opened by di about 1 year ago

#743 - Revert "Try separate config for /install directory (#742)"

Pull Request - State: closed - Opened by di about 1 year ago

#742 - Try separate config for /install directory

Pull Request - State: closed - Opened by di about 1 year ago - 2 comments

#742 - Try separate config for /install directory

Pull Request - State: closed - Opened by di about 1 year ago - 2 comments

#741 - pydantic deprecation warnings

Issue - State: closed - Opened by jku about 1 year ago - 4 comments
Labels: enhancement, dependencies

#740 - build(deps-dev): update ruff requirement from <0.0.286 to <0.0.287

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 3 comments
Labels: dependencies, python

#739 - build(deps-dev): bump id from 1.0.0 to 1.1.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 10 comments
Labels: dependencies, python

#739 - build(deps-dev): bump id from 1.0.0 to 1.1.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 11 comments
Labels: dependencies, python

#738 - Unclear error message "GCP: OIDC token request failed (code=404)"

Issue - State: closed - Opened by laurentsimon about 1 year ago - 2 comments
Labels: enhancement

#737 - build(deps): bump actions/checkout from 3.5.3 to 3.6.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, github_actions

#736 - build(deps): bump slsa-framework/slsa-github-generator from 1.8.0 to 1.9.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 3 comments
Labels: dependencies, github_actions

#735 - Add SECURITY.md file

Pull Request - State: closed - Opened by david-a-wheeler about 1 year ago - 2 comments

#734 - Error: "Clone succeeded, but checkout failed"

Issue - State: closed - Opened by lmmx about 1 year ago - 9 comments
Labels: bug

#733 - build(deps-dev): update ruff requirement from <0.0.284 to <0.0.286

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, python

#732 - build(deps): bump pypa/gh-action-pypi-publish from 1.8.9 to 1.8.10

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, github_actions

#731 - build(deps): bump actions/deploy-pages from 2.0.3 to 2.0.4

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, github_actions

#730 - build(deps): bump pypa/gh-action-pypi-publish from 1.8.8 to 1.8.9

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 2 comments
Labels: dependencies, github_actions

#729 - build(deps-dev): update ruff requirement from <0.0.284 to <0.0.285

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 2 comments
Labels: dependencies, python

#728 - build(deps-dev): update ruff requirement from <0.0.283 to <0.0.284

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, python

#727 - build(deps): bump slsa-framework/slsa-github-generator from 1.7.0 to 1.8.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, github_actions

#726 - build(deps): bump sigstore/sigstore-conformance from 0.0.5 to 0.0.6

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 2 comments
Labels: dependencies, github_actions

#725 - build(deps-dev): update ruff requirement from <0.0.282 to <0.0.283

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, python

#724 - Rethink our approach to handling old bundle versions

Issue - State: closed - Opened by woodruffw about 1 year ago - 1 comment
Labels: enhancement, component:verification

#723 - models: require checkpoint in embedded inclusion proof

Pull Request - State: closed - Opened by woodruffw about 1 year ago
Labels: component:verification

#722 - build(deps-dev): update ruff requirement from <0.0.281 to <0.0.282

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, python

#721 - doc: README document the (now default) `.sigstore` bundles

Pull Request - State: closed - Opened by jleightcap about 1 year ago - 2 comments

#720 - conformance: bump runner

Pull Request - State: closed - Opened by jleightcap about 1 year ago
Labels: component:tests

#719 - Add VerificationMaterials.to_bundle()

Pull Request - State: closed - Opened by sethmlarson about 1 year ago - 10 comments

#718 - CLI: Provide a subcommand for creating bundles from detached materials?

Issue - State: open - Opened by sethmlarson about 1 year ago - 3 comments
Labels: enhancement, component:cli

#717 - Update comments

Pull Request - State: closed - Opened by woodruffw about 1 year ago
Labels: chore

#716 - build(deps): bump certifi from 2022.12.7 to 2023.7.22 in /install

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, python

#715 - policy: initial new extension OIDs

Pull Request - State: closed - Opened by woodruffw about 1 year ago - 3 comments
Labels: component:verification, component:api

#714 - build(deps-dev): update ruff requirement from <0.0.279 to <0.0.281

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, python

#713 - sigstore: 2.0.0rc2

Pull Request - State: closed - Opened by woodruffw about 1 year ago
Labels: chore

#712 - build(deps-dev): bump pyjwt from 2.7.0 to 2.8.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 3 comments
Labels: dependencies, python

#711 - Allow --verbose flag to be passed in sub-commands

Issue - State: closed - Opened by sethmlarson about 1 year ago - 3 comments
Labels: bug, component:cli

#710 - build(deps-dev): bump pydantic from 1.10.6 to 2.0.3

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 2 comments
Labels: dependencies, python

#709 - build(deps): bump pypa/gh-action-pypi-publish from 1.8.7 to 1.8.8

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, github_actions

#708 - build(deps): bump actions/setup-python from 4.6.1 to 4.7.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 2 comments
Labels: dependencies, github_actions

#707 - build(deps-dev): bump sigstore-protobuf-specs from 0.1.0 to 0.2.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 2 comments
Labels: dependencies, python

#706 - build(deps-dev): update ruff requirement from <0.0.278 to <0.0.279

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, python

#705 - pyproject: bump sigstore-protobuf-specs

Pull Request - State: closed - Opened by woodruffw about 1 year ago - 8 comments

#704 - build(deps): bump actions/upload-pages-artifact from 1.0.9 to 2.0.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 2 comments
Labels: dependencies, github_actions

#703 - build(deps): bump actions/deploy-pages from 2.0.2 to 2.0.3

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, github_actions

#702 - Fixing documentation message about the sign API

Pull Request - State: closed - Opened by perone about 1 year ago - 6 comments

#701 - Add timezone (utc) info into the cert not_valid_after field

Pull Request - State: closed - Opened by perone about 1 year ago - 4 comments
Labels: component:signing, component:api

#700 - Certificate timestamp issue when checking for validity datetime

Issue - State: closed - Opened by perone about 1 year ago - 1 comment
Labels: bug

#699 - build(deps-dev): bump pydantic from 1.10.6 to 2.0.2

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 4 comments
Labels: dependencies, python

#698 - build(deps-dev): update ruff requirement from <0.0.277 to <0.0.278

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, python

#697 - build(deps-dev): bump pydantic from 1.10.6 to 2.0.1

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, python

#696 - build(deps-dev): update ruff requirement from <0.0.276 to <0.0.277

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#695 - build(deps-dev): bump pydantic from 1.10.6 to 2.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#694 - don't parse error messages as json

Pull Request - State: closed - Opened by bobcallaway over 1 year ago - 3 comments
Labels: component:api

#693 - build(deps): bump sigstore/sigstore-conformance from 0.0.4 to 0.0.5

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 3 comments
Labels: dependencies, github_actions

#692 - Make `VerificationError` available in the verification API

Pull Request - State: closed - Opened by mayaCostantini over 1 year ago - 1 comment

#691 - Make `VerificationError` available in the API

Issue - State: closed - Opened by mayaCostantini over 1 year ago - 6 comments
Labels: enhancement

#690 - build(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, github_actions

#689 - build(deps): bump pypa/gh-action-pypi-publish from 1.8.6 to 1.8.7

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 2 comments
Labels: dependencies, github_actions

#688 - build(deps): bump requests from 2.28.2 to 2.31.0 in /install

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 3 comments
Labels: dependencies, python

#687 - python.org Sigstore documentation doesn't have example for .sigstore bundles

Issue - State: closed - Opened by sethmlarson over 1 year ago - 1 comment
Labels: bug

#686 - build(deps-dev): update ruff requirement from <0.0.275 to <0.0.276

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#685 - sigstore: 2.0.0rc1

Pull Request - State: closed - Opened by tetsuo-cpp over 1 year ago - 2 comments

#684 - Bump `sigstore-conformance` to 0.0.5

Pull Request - State: closed - Opened by tetsuo-cpp over 1 year ago - 5 comments

#683 - build(deps-dev): update ruff requirement from <0.0.273 to <0.0.275

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#682 - Fix missing SigningContext import in sign example

Pull Request - State: closed - Opened by mayaCostantini over 1 year ago - 3 comments

#681 - build(deps): bump actions/upload-pages-artifact from 1.0.8 to 1.0.9

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, github_actions

#680 - [CI] Integration failure: staging instance

Issue - State: closed - Opened by github-actions[bot] over 1 year ago - 1 comment
Labels: bug, component:cicd, component:tests

#679 - build(deps): bump peter-evans/create-pull-request from 5.0.1 to 5.0.2

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, github_actions

#678 - build(deps): bump actions/deploy-pages from 2.0.1 to 2.0.2

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, github_actions

#677 - build(deps): bump actions/checkout from 3.5.2 to 3.5.3

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, github_actions

#676 - build(deps): bump github/codeql-action from 2.3.6 to 2.13.4

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, github_actions

#675 - build(deps-dev): update ruff requirement from <0.0.272 to <0.0.273

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 3 comments
Labels: dependencies, python

#674 - Handle the case of missing EKU in _is_preissuer

Pull Request - State: closed - Opened by ccordoui over 1 year ago - 13 comments
Labels: component:signing

#673 - sign: switch another keysite to P-256

Pull Request - State: closed - Opened by woodruffw over 1 year ago
Labels: component:signing, component:api

#672 - build(deps-dev): bump pydantic from 1.10.6 to 1.10.9

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#671 - build(deps-dev): update ruff requirement from <0.0.271 to <0.0.272

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#670 - build(deps): bump slsa-framework/slsa-github-generator from 1.6.0 to 1.7.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 2 comments
Labels: dependencies, github_actions

#669 - workflows: debug staging-tests

Pull Request - State: closed - Opened by woodruffw over 1 year ago - 3 comments
Labels: component:signing, component:api, component:tests

#668 - [CI] Integration failure: staging instance

Issue - State: closed - Opened by github-actions[bot] over 1 year ago - 2 comments
Labels: bug, component:cicd, component:tests

#667 - feat: Add `--oauth-force-oob` CLI option

Pull Request - State: closed - Opened by laurentsimon over 1 year ago - 19 comments
Labels: component:cli, component:signing, component:api

#666 - Provide API that take in a hash instead of io bytes

Issue - State: closed - Opened by laurentsimon over 1 year ago - 24 comments
Labels: enhancement

#665 - Consolidate the sign API

Issue - State: closed - Opened by laurentsimon over 1 year ago - 5 comments
Labels: enhancement, component:signing, component:api

#664 - build(deps): bump github/codeql-action from 2.3.5 to 2.3.6

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, github_actions

#663 - build(deps-dev): bump pyopenssl from 23.0.0 to 23.2.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 2 comments
Labels: dependencies, python

#662 - sign: switch to P-256

Pull Request - State: closed - Opened by woodruffw over 1 year ago - 1 comment
Labels: component:signing

#661 - CLI-based browser cannot complete OAuth flow

Issue - State: closed - Opened by laurentsimon over 1 year ago - 5 comments
Labels: bug

#660 - build(deps-dev): update ruff requirement from <0.0.270 to <0.0.271

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#659 - build(deps): bump github/codeql-action from 2.3.3 to 2.3.5

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, github_actions

#658 - Fail to sign artifacts when `ExtendedKeyUsage` claim is absent from issuer certificate

Issue - State: closed - Opened by mayaCostantini over 1 year ago - 7 comments
Labels: bug

#657 - build(deps): bump actions/setup-python from 4.6.0 to 4.6.1

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, github_actions

#656 - build(deps-dev): bump pydantic from 1.10.6 to 1.10.8

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#655 - build(deps-dev): update ruff requirement from <0.0.266 to <0.0.270

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#654 - Verification: Switch to new-style claim extensions

Issue - State: closed - Opened by woodruffw over 1 year ago - 3 comments
Labels: duplicate, enhancement, component:verification

#653 - build(deps-dev): update ruff requirement from <0.0.266 to <0.0.268

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 2 comments
Labels: dependencies, python

GitHub / sigstore/sigstore-python issues and pull requests