Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / sigstore/sigstore-python issues and pull requests

#551 - build(deps): bump actions/checkout from 3.3.0 to 3.4.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, github_actions

#550 - build(deps): bump securesystemslib from 0.26.0 to 0.27.0 in /install

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 2 comments
Labels: dependencies, python

#549 - ResourceWarning in signing API

Issue - State: open - Opened by lukpueh over 1 year ago - 12 comments
Labels: good first issue, qa

#548 - Pin requirements on releases with a workflow

Pull Request - State: closed - Opened by tnytown over 1 year ago - 3 comments
Labels: component:cicd

#547 - Handle different SCT error cases correctly

Issue - State: closed - Opened by woodruffw over 1 year ago - 1 comment
Labels: bug, component:api

#546 - build(deps-dev): update ruff requirement from <0.0.255 to <0.0.256

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 2 comments
Labels: dependencies, python

#545 - build(deps): bump pypa/gh-action-pypi-publish from 1.6.4 to 1.7.1

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, github_actions

#544 - build(deps): bump urllib3 from 1.26.14 to 1.26.15 in /install

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#543 - sct, test_sign: adjust exception messages

Pull Request - State: closed - Opened by tnytown over 1 year ago

#542 - tuf: use bundled trusted root if available

Pull Request - State: closed - Opened by tnytown over 1 year ago - 3 comments
Labels: component:tuf

#541 - oidc: configure timeouts for `requests`

Pull Request - State: closed - Opened by tnytown over 1 year ago

#540 - build(deps): bump actions/deploy-pages from 1.2.4 to 1.2.5

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, github_actions

#539 - build(deps): bump github/codeql-action from 2.2.5 to 2.2.6

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 2 comments
Labels: dependencies, github_actions

#538 - build(deps-dev): bump pydantic from 1.10.5 to 1.10.6

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#537 - build(deps): bump pydantic from 1.10.5 to 1.10.6 in /install

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#536 - verify: Stop using `pydantic` aliases in constructor to avoid `mypy` plugin bug

Pull Request - State: closed - Opened by tetsuo-cpp over 1 year ago
Labels: component:cicd

#535 - treewide: Replace ambient credential detection with `id`

Pull Request - State: closed - Opened by tetsuo-cpp over 1 year ago
Labels: component:signing, dependencies

#534 - build(deps): bump sigstore from 1.1.0 to 1.1.1

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#533 - build(deps): bump charset-normalizer from 3.0.1 to 3.1.0 in /install

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 2 comments
Labels: dependencies, python

#532 - build(deps): bump sigstore from 1.1.0 to 1.1.1 in /install

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 2 comments
Labels: dependencies, python

#531 - Move all error diagnostics to _errors

Pull Request - State: closed - Opened by tnytown over 1 year ago - 3 comments
Labels: refactoring

#530 - MyPy 1.1, fixes

Pull Request - State: closed - Opened by woodruffw over 1 year ago
Labels: qa, chore

#529 - calling Signer.production() raises KeyError for tuf targets metadata

Issue - State: closed - Opened by lukpueh over 1 year ago - 2 comments
Labels: bug

#528 - Replace our ambient credential detection with `id`

Issue - State: closed - Opened by woodruffw over 1 year ago - 3 comments
Labels: refactoring, dependencies, chore

#527 - Root hash signature verification

Pull Request - State: closed - Opened by jleightcap over 1 year ago - 13 comments

#526 - Prep 1.1.1

Pull Request - State: closed - Opened by woodruffw over 1 year ago

#525 - `TrustUpdater` error handling

Pull Request - State: closed - Opened by tnytown over 1 year ago - 15 comments

#524 - sigstore: 1.1.1rc1

Pull Request - State: closed - Opened by woodruffw over 1 year ago
Labels: chore

#523 - sigstore: 1.1.0rc1

Pull Request - State: closed - Opened by woodruffw over 1 year ago
Labels: chore

#522 - Ignore targets missing the `custom` field

Pull Request - State: closed - Opened by di over 1 year ago - 1 comment

#521 - Add CI to test install-ability of `requirements.txt` file

Pull Request - State: closed - Opened by di over 1 year ago - 1 comment

#520 - Python 3.10: pip install -r requirements.txt fails due to unpinned importlib_resources

Issue - State: closed - Opened by salticus over 1 year ago - 1 comment
Labels: bug

#519 - build(deps-dev): update ruff requirement from <0.0.253 to <0.0.255

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#518 - TUF `TrustUpdater` basic logging

Pull Request - State: closed - Opened by jleightcap over 1 year ago - 1 comment

#517 - Release verification with both (`.sig`, `.crt`) + `.sigstore`

Pull Request - State: closed - Opened by jleightcap over 1 year ago - 4 comments

#516 - build(deps-dev): bump cryptography from 39.0.1 to 39.0.2

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#515 - build(deps): bump cryptography from 39.0.1 to 39.0.2 in /install

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#514 - Support signing multiple artifacts with a single certificate

Issue - State: closed - Opened by mayaCostantini over 1 year ago - 9 comments
Labels: enhancement

#513 - build(deps-dev): update ruff requirement from <0.0.253 to <0.0.254

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#512 - build(deps): bump slsa-framework/slsa-github-generator from 1.4.0 to 1.5.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 2 comments
Labels: dependencies, github_actions

#511 - build(deps-dev): update ruff requirement from <0.0.250 to <0.0.253

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#510 - build(deps): bump github/codeql-action from 2.2.4 to 2.2.5

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 2 comments
Labels: dependencies, github_actions

#509 - Update our release process to produce `.sigstore` bundle files

Issue - State: closed - Opened by di over 1 year ago - 3 comments
Labels: enhancement

#508 - chore: rename some error types

Pull Request - State: closed - Opened by woodruffw over 1 year ago
Labels: refactoring, chore

#507 - Use DEFAULT_AUDIENCE instead of hard-coding

Pull Request - State: closed - Opened by di over 1 year ago - 1 comment

#506 - build(deps-dev): update ruff requirement from <0.0.248 to <0.0.250

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#505 - build(deps): bump slsa-framework/slsa-github-generator from 1.2.1 to 1.4.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, github_actions

#504 - pyproject.toml: pin pydantic ~= 1.10

Pull Request - State: closed - Opened by tnytown over 1 year ago - 4 comments
Labels: dependencies

#503 - build(deps-dev): update ruff requirement from <0.0.247 to <0.0.248

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#502 - build(deps): bump typing-extensions from 4.4.0 to 4.5.0 in /install

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#501 - build(deps): bump pydantic from 1.10.4 to 1.10.5 in /install

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#500 - build(deps-dev): update ruff requirement from <0.0.245 to <0.0.247

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#499 - oidc: Buildkite support

Pull Request - State: closed - Opened by tetsuo-cpp over 1 year ago - 6 comments

#498 - build(deps): bump github/codeql-action from 2.2.3 to 2.2.4

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, github_actions

#497 - build(deps-dev): update ruff requirement from <0.0.244 to <0.0.245

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#496 - build(deps): bump github/codeql-action from 2.2.2 to 2.2.3

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, github_actions

#495 - build(deps): bump cryptography from 39.0.0 to 39.0.1 in /install

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#494 - build(deps-dev): update ruff requirement from <0.0.242 to <0.0.244

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#493 - build(deps): bump github/codeql-action from 2.2.1 to 2.2.2

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, github_actions

#492 - build(deps-dev): update ruff requirement from <0.0.241 to <0.0.242

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#491 - build(deps-dev): update ruff requirement from <0.0.240 to <0.0.241

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#490 - build(deps-dev): update ruff requirement from <0.0.239 to <0.0.240

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#489 - build(deps): bump actions/deploy-pages from 1.2.3 to 1.2.4

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, github_actions

#488 - TUF: Support "bundled" trust root

Issue - State: closed - Opened by woodruffw over 1 year ago - 4 comments
Labels: enhancement, component:tuf

#487 - build(deps-dev): update ruff requirement from <0.0.238 to <0.0.239

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#486 - build(deps): bump sigstore from 1.0.0 to 1.1.0 in /install

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#485 - Conformance suite fixes

Pull Request - State: closed - Opened by woodruffw over 1 year ago
Labels: component:cicd, component:tests

#484 - Prep 1.1.0

Pull Request - State: closed - Opened by woodruffw over 1 year ago - 1 comment
Labels: chore

#483 - CLI: `--offline` should mean fully offline

Issue - State: closed - Opened by woodruffw over 1 year ago - 22 comments
Labels: enhancement, component:cli, component:tuf

#482 - build(deps-dev): bump tuf from 2.0.0 to 2.1.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 2 comments
Labels: dependencies, python

#481 - build(deps-dev): update ruff requirement from <0.0.237 to <0.0.238

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 2 comments
Labels: dependencies, python

#480 - build(deps): bump tuf from 2.0.0 to 2.1.0 in /install

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 4 comments
Labels: dependencies, python

#479 - Log cert-identity and cert-oidc-issuer at signing time

Pull Request - State: closed - Opened by di over 1 year ago

#478 - Support verifying Sigstore bundles

Pull Request - State: closed - Opened by tetsuo-cpp over 1 year ago - 2 comments
Labels: component:cli, component:verification

#477 - pyproject.toml: Don't check for line-length with `ruff` since we're reformatting with `black`

Pull Request - State: closed - Opened by tetsuo-cpp over 1 year ago
Labels: refactoring

#476 - build(deps-dev): update ruff requirement from <0.0.236 to <0.0.237

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#475 - build(deps): bump github/codeql-action from 2.2.0 to 2.2.1

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, github_actions

#474 - NewTypes for clearer encoding types

Pull Request - State: closed - Opened by emilejbm over 1 year ago - 14 comments
Labels: refactoring

#473 - build(deps-dev): update ruff requirement from <0.0.232 to <0.0.236

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#472 - build(deps): bump github/codeql-action from 2.1.39 to 2.2.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, github_actions

#471 - pyproject: semver match for tuf dep

Pull Request - State: closed - Opened by woodruffw over 1 year ago - 1 comment
Labels: dependencies, chore

#470 - CHANGELOG: record changes

Pull Request - State: closed - Opened by woodruffw over 1 year ago - 1 comment
Labels: documentation, chore

#469 - build(deps-dev): update ruff requirement from <0.0.231 to <0.0.232

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#468 - build(deps-dev): update ruff requirement from <0.0.229 to <0.0.231

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#467 - `sigstore==1.0.0` causes a pydantic error with python 3.8

Issue - State: closed - Opened by mayaCostantini over 1 year ago
Labels: bug

#466 - build(deps-dev): update ruff requirement from <0.0.226 to <0.0.229

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#465 - Initial Sigstore bundle support

Pull Request - State: closed - Opened by woodruffw over 1 year ago - 4 comments
Labels: component:cli, component:signing

#464 - build(deps-dev): update ruff requirement from <0.0.225 to <0.0.226

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#463 - build(deps): bump github/codeql-action from 2.1.38 to 2.1.39

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, github_actions

#462 - sigstore: improve JSON response handling

Pull Request - State: closed - Opened by woodruffw over 1 year ago - 1 comment
Labels: refactoring

#461 - Only run conformance if safe-to-test label is applied

Pull Request - State: closed - Opened by loosebazooka over 1 year ago - 1 comment

#460 - [CI] Integration failure: staging instance

Issue - State: closed - Opened by github-actions[bot] over 1 year ago - 1 comment
Labels: bug, component:cicd, component:tests

#459 - Fixing typo in release.yml

Pull Request - State: closed - Opened by ankenyr over 1 year ago - 1 comment

#458 - keyring: CTFE & Rekor shared `Keyring` abstraction

Pull Request - State: closed - Opened by jleightcap over 1 year ago - 4 comments

#457 - build(deps-dev): update ruff requirement from <0.0.224 to <0.0.225

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#456 - [CI] Integration failure: staging instance

Issue - State: closed - Opened by github-actions[bot] over 1 year ago
Labels: bug, component:cicd, component:tests

#455 - [CI] Integration failure: staging instance

Issue - State: closed - Opened by github-actions[bot] over 1 year ago
Labels: bug, component:cicd, component:tests

#454 - build(deps-dev): update ruff requirement from <0.0.221 to <0.0.224

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, python

#453 - build(deps): bump actions/checkout from 3.2.0 to 3.3.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, github_actions

#452 - build(deps): bump actions/setup-python from 4.4.0 to 4.5.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, github_actions