Ecosyste.ms: Issues
An open API service for providing issue and pull request metadata for open source projects.
GitHub / sigstore/sigstore-python issues and pull requests
#652 - build(deps): bump slsa-framework/slsa-github-generator from 1.5.0 to 1.6.0
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 5 comments
Labels: dependencies, github_actions
#651 - build(deps-dev): bump pyjwt from 2.6.0 to 2.7.0
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, python
#650 - build(deps-dev): bump tuf from 2.1.0 to 3.0.0
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 2 comments
Labels: dependencies, python
#649 - build(deps-dev): update ruff requirement from <0.0.265 to <0.0.266
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, python
#648 - build(deps): bump actions/upload-artifact from 3.0.0 to 3.1.2
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, github_actions
#647 - build(deps): bump github/codeql-action from 2.3.2 to 2.3.3
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, github_actions
#646 - build(deps): bump pypa/gh-action-pypi-publish from 1.8.5 to 1.8.6
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, github_actions
#645 - Add option to sign multiple artifacts with the same key and certificate
Pull Request -
State: closed - Opened by mayaCostantini over 1 year ago
- 39 comments
#644 - build(deps-dev): update ruff requirement from <0.0.264 to <0.0.265
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, python
#643 - build(deps): bump peter-evans/create-pull-request from 5.0.0 to 5.0.1
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, github_actions
#642 - cli: Remove default subcommand hack
Pull Request -
State: closed - Opened by woodruffw over 1 year ago
- 2 comments
Labels: component:cli, refactoring, chore
#641 - sigstore: fix `detect_credential` signature
Pull Request -
State: closed - Opened by woodruffw over 1 year ago
- 2 comments
Labels: component:api
#640 - build(deps): bump github/codeql-action from 2.3.0 to 2.3.2
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, github_actions
#639 - conformance: remove old id-token permission
Pull Request -
State: closed - Opened by woodruffw over 1 year ago
Labels: component:cicd, chore
#638 - workflows: Remove `id-token: write` permission
Pull Request -
State: closed - Opened by tetsuo-cpp over 1 year ago
#637 - workflows: bump sigstore-conformance
Pull Request -
State: closed - Opened by woodruffw over 1 year ago
- 1 comment
Labels: component:cicd
#636 - Remove deprecated `sigstore verify -> sigstore verify identity` alias
Issue -
State: closed - Opened by woodruffw over 1 year ago
- 2 comments
Labels: enhancement
#635 - sigstore: refactor, use IdentityToken everywhere
Pull Request -
State: closed - Opened by woodruffw over 1 year ago
- 10 comments
Labels: component:signing, refactoring
#634 - Root hash signature verification v2
Pull Request -
State: closed - Opened by tnytown over 1 year ago
- 4 comments
Labels: enhancement, component:verification, component:api
#633 - verify: fix timerange inclusion check
Pull Request -
State: closed - Opened by woodruffw over 1 year ago
#632 - sigstore: ratchet down the bundle certs
Pull Request -
State: closed - Opened by woodruffw over 1 year ago
- 6 comments
#631 - build(deps-dev): update ruff requirement from <0.0.263 to <0.0.264
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, python
#630 - Bundle: check and generate the certificate chain more aggressively
Issue -
State: closed - Opened by woodruffw over 1 year ago
Labels: enhancement, component:signing, component:verification
#629 - CLI: Verification should support complex policies via a policy file input
Issue -
State: open - Opened by woodruffw over 1 year ago
- 2 comments
Labels: enhancement, component:cli, blocked
#628 - Support DSSE-style enveloped signatures
Issue -
State: closed - Opened by woodruffw over 1 year ago
- 37 comments
Labels: enhancement
#627 - _cli: implement `--output-directory`
Pull Request -
State: closed - Opened by tnytown over 1 year ago
Labels: enhancement, component:cli
#626 - tuf: remove non-trusted-root handling paths
Pull Request -
State: closed - Opened by woodruffw over 1 year ago
Labels: refactoring, component:tuf
#625 - _cli: allow named pipes as inputs
Pull Request -
State: closed - Opened by woodruffw over 1 year ago
- 3 comments
Labels: component:cli, blocked
#624 - Update pinned requirements for v1.1.2
Pull Request -
State: closed - Opened by github-actions[bot] over 1 year ago
- 2 comments
#623 - build(deps): bump sigstore from 1.1.1 to 1.1.2
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 2 comments
Labels: dependencies, python
#622 - CHANGELOG: fix link
Pull Request -
State: closed - Opened by woodruffw over 1 year ago
Labels: chore
#621 - release: prep 1.1.2
Pull Request -
State: closed - Opened by woodruffw over 1 year ago
Labels: chore
#620 - `sigstore sign`: `--output-directory` or similar option for writing all outputs to a single directory?
Issue -
State: closed - Opened by woodruffw over 1 year ago
- 3 comments
Labels: enhancement, component:cli
#619 - build(deps): bump github/codeql-action from 2.2.11 to 2.3.0
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, github_actions
#618 - build(deps-dev): update ruff requirement from <0.0.262 to <0.0.263
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, python
#617 - build(deps): bump actions/setup-python from 4.5.0 to 4.6.0
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, github_actions
#616 - [BUG] Named pipes do not work as `sigstore sign` inputs
Issue -
State: closed - Opened by woodruffw over 1 year ago
Labels: bug, component:cli
#615 - build(deps): bump actions/deploy-pages from 2.0.0 to 2.0.1
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, github_actions
#614 - _cli: emit only sigstore bundle by default
Pull Request -
State: closed - Opened by tnytown over 1 year ago
Labels: enhancement, component:cli
#613 - build(deps): bump actions/checkout from 3.5.1 to 3.5.2
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, github_actions
#612 - build(deps): bump github/codeql-action from 2.2.11 to 2.2.12
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, github_actions
#611 - tuf: embed trusted root target
Pull Request -
State: closed - Opened by tnytown over 1 year ago
- 1 comment
Labels: enhancement, component:tuf
#610 - build(deps): bump actions/checkout from 3.5.0 to 3.5.1
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, github_actions
#609 - swap over to using CDN to fetch TUF roots
Pull Request -
State: closed - Opened by bobcallaway over 1 year ago
Labels: component:tuf
#608 - Embed TUF targets to minimize downloads
Issue -
State: closed - Opened by haydentherapper over 1 year ago
- 8 comments
Labels: enhancement, component:tuf
#606 - build(deps): bump github/codeql-action from 2.2.9 to 2.2.11
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, github_actions
#605 - build(deps-dev): update ruff requirement from <0.0.261 to <0.0.262
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, python
#604 - build(deps): bump peter-evans/create-pull-request from 4.2.4 to 5.0.0
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, github_actions
#603 - build(deps): bump github/codeql-action from 2.2.9 to 2.2.10
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, github_actions
#602 - Update `staging-root.json` and test assets
Pull Request -
State: closed - Opened by tnytown over 1 year ago
Labels: component:tuf
#601 - [CI] Integration failure: staging instance
Issue -
State: closed - Opened by github-actions[bot] over 1 year ago
- 1 comment
Labels: bug, component:cicd, component:tests
#600 - Incorrect information in `https://www.python.org/download/sigstore/`
Issue -
State: closed - Opened by ned-deily over 1 year ago
- 28 comments
Labels: bug
#599 - [CI] Integration failure: staging instance
Issue -
State: closed - Opened by github-actions[bot] over 1 year ago
Labels: bug, component:cicd, component:tests
#598 - [CI] Integration failure: staging instance
Issue -
State: closed - Opened by github-actions[bot] over 1 year ago
- 1 comment
Labels: bug, component:cicd, component:tests
#597 - [CI] Integration failure: staging instance
Issue -
State: closed - Opened by github-actions[bot] over 1 year ago
- 1 comment
Labels: bug, component:cicd, component:tests
#596 - [CI] Integration failure: staging instance
Issue -
State: closed - Opened by github-actions[bot] over 1 year ago
- 1 comment
Labels: bug, component:cicd, component:tests
#595 - [CI] Integration failure: staging instance
Issue -
State: closed - Opened by github-actions[bot] over 1 year ago
- 1 comment
Labels: bug, component:cicd, component:tests
#594 - Update staging-root.json
Pull Request -
State: closed - Opened by haydentherapper over 1 year ago
- 14 comments
Labels: component:tuf
#593 - build(deps): bump pypa/gh-action-pypi-publish from 1.8.3 to 1.8.5
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, github_actions
#592 - CLI: stop emitting `.sig` and `.crt` signing outputs
Issue -
State: closed - Opened by tnytown over 1 year ago
- 1 comment
Labels: enhancement, component:cli
#591 - Unit testing for bundled trust root getters
Pull Request -
State: closed - Opened by tnytown over 1 year ago
- 1 comment
Labels: component:tests, component:tuf
#590 - build(deps-dev): update ruff requirement from <0.0.260 to <0.0.261
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, python
#589 - build(deps): bump ossf/scorecard-action from 2.1.2 to 2.1.3
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, github_actions
#588 - build(deps-dev): update ruff requirement from <0.0.257 to <0.0.260
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, python
#587 - Aggregate offline and online test coverage.
Pull Request -
State: closed - Opened by jleightcap over 1 year ago
- 1 comment
#586 - build(deps-dev): bump pyopenssl from 23.0.0 to 23.1.1
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 3 comments
Labels: dependencies, python
#585 - build(deps): bump github/codeql-action from 2.2.8 to 2.2.9
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, github_actions
#584 - TUF: Remove support for non-bundled roots of trust
Issue -
State: closed - Opened by woodruffw over 1 year ago
- 1 comment
Labels: enhancement, component:tuf
#583 - build(deps-dev): bump pyopenssl from 23.0.0 to 23.1.0
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 5 comments
Labels: dependencies, python
#582 - build(deps): bump actions/checkout from 3.4.0 to 3.5.0
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, github_actions
#581 - build(deps): bump actions/upload-pages-artifact from 1.0.7 to 1.0.8
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, github_actions
#580 - More unit testing for bundled trust root changes
Issue -
State: closed - Opened by tnytown over 1 year ago
Labels: enhancement, component:tuf
#579 - build(deps-dev): bump pydantic from 1.10.6 to 1.10.7
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, python
#578 - build(deps): bump github/codeql-action from 2.2.7 to 2.2.8
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, github_actions
#577 - build(deps): bump pypa/gh-action-pypi-publish from 1.8.1 to 1.8.3
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 2 comments
Labels: dependencies, github_actions
#576 - Adapt ambient OIDC tests to support interactive flow for local testing
Pull Request -
State: closed - Opened by tnytown over 1 year ago
- 1 comment
Labels: component:tests
#575 - build(deps): bump actions/deploy-pages from 1.2.7 to 2.0.0
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, github_actions
#574 - Update pinned requirements for v1.1.2rc1
Pull Request -
State: closed - Opened by github-actions[bot] over 1 year ago
#573 - workflows/pin-requirements: fix job name
Pull Request -
State: closed - Opened by tnytown over 1 year ago
Labels: component:cicd, github_actions
#572 - `pin-requirements` workflow self-test
Pull Request -
State: closed - Opened by tnytown over 1 year ago
Labels: component:cicd
#571 - sigstore, test: reflow, fix
Pull Request -
State: closed - Opened by woodruffw over 1 year ago
Labels: component:tests
#570 - Reduce our dependency on ambient OIDC tests for error cases
Issue -
State: closed - Opened by woodruffw over 1 year ago
Labels: enhancement
#569 - build(deps): bump actions/deploy-pages from 1.2.6 to 1.2.7
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, github_actions
#568 - build(deps): bump pypa/gh-action-pypi-publish from 1.7.1 to 1.8.1
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, github_actions
#567 - Signing should support issuer and identity arguments too
Issue -
State: closed - Opened by jku over 1 year ago
- 6 comments
Labels: enhancement
#566 - workflows/release: use OIDC for publishing
Pull Request -
State: closed - Opened by woodruffw over 1 year ago
- 2 comments
Labels: component:cicd, chore
#565 - Update pinned requirements for v1.1.2rc1
Pull Request -
State: closed - Opened by github-actions[bot] over 1 year ago
#564 - confusing debug output in sign
Issue -
State: closed - Opened by jku over 1 year ago
- 1 comment
Labels: good first issue, qa
#563 - The `pin-requirements.yml` workflow should test itself
Issue -
State: closed - Opened by woodruffw over 1 year ago
Labels: component:cicd
#562 - pin-requirements: fix wheel URL
Pull Request -
State: closed - Opened by woodruffw over 1 year ago
Labels: component:cicd
#561 - Update pinned requirements for v1.1.2rc1
Pull Request -
State: closed - Opened by github-actions[bot] over 1 year ago
- 1 comment
#560 - workflows/pin-requirements: fix interpolation
Pull Request -
State: closed - Opened by tnytown over 1 year ago
Labels: github_actions
#559 - Update pinned requirements for ${SIGSTORE_RELEASE_TAG}
Pull Request -
State: closed - Opened by github-actions[bot] over 1 year ago
- 1 comment
#558 - workflows/pin-requirements: typo
Pull Request -
State: closed - Opened by tnytown over 1 year ago
Labels: github_actions
#557 - sigstore: 1.1.2rc1
Pull Request -
State: closed - Opened by tnytown over 1 year ago
Labels: chore
#556 - build(deps): bump peter-evans/create-pull-request from 4.2.3 to 4.2.4
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, github_actions
#555 - sct, keyring: specialize errors
Pull Request -
State: closed - Opened by tnytown over 1 year ago
- 1 comment
Labels: component:api
#554 - build(deps-dev): update ruff requirement from <0.0.256 to <0.0.257
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 3 comments
Labels: dependencies, python
#553 - build(deps): bump actions/deploy-pages from 1.2.4 to 1.2.6
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, github_actions
#552 - build(deps): bump github/codeql-action from 2.2.5 to 2.2.7
Pull Request -
State: closed - Opened by dependabot[bot] over 1 year ago
- 1 comment
Labels: dependencies, github_actions