sigstore/sigstore-python issues and pull requests

#263 - Refactor SCT verification/CT key handling

Issue - State: closed - Opened by woodruffw over 1 year ago - 4 comments
Labels: bug, component:signing, component:verification

#262 - ctfe: add staging targets

Pull Request - State: closed - Opened by asraa over 1 year ago - 8 comments

#261 - [CI] Integration failure: staging instance

Issue - State: closed - Opened by github-actions[bot] over 1 year ago - 1 comment
Labels: bug, component:cicd, component:tests

#260 - [CI] Integration failure: staging instance

Issue - State: closed - Opened by github-actions[bot] over 1 year ago - 1 comment
Labels: bug, component:cicd, component:tests

#259 - test: add an `ambient_oidc` marker

Pull Request - State: closed - Opened by woodruffw over 1 year ago
Labels: component:cicd, component:tests

#258 - test: add an `ambient_oidc` marker

Pull Request - State: closed - Opened by woodruffw over 1 year ago - 1 comment
Labels: component:cicd, component:tests

#257 - CI: Fix unit tests on PRs from forks

Issue - State: closed - Opened by woodruffw over 1 year ago
Labels: bug, component:cicd, component:tests

#256 - Restore SLSA provenance generator

Pull Request - State: closed - Opened by di over 1 year ago - 2 comments

#255 - add community-wide reusable workflow for license/vuln scan

Pull Request - State: closed - Opened by bobcallaway over 1 year ago

#254 - build(deps): bump securesystemslib from 0.24.0 to 0.25.0 in /install

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies

#253 - workflows/ci: add codecov

Pull Request - State: closed - Opened by woodruffw over 1 year ago - 6 comments
Labels: component:cicd, component:tests

#252 - Support for other Rekor types

Issue - State: closed - Opened by woodruffw over 1 year ago - 2 comments
Labels: enhancement

#251 - Support generating and verifying with "Sigstore" bundles

Issue - State: closed - Opened by woodruffw over 1 year ago - 11 comments
Labels: enhancement

#250 - Chore: Refactor how we handle verification materials

Issue - State: closed - Opened by woodruffw over 1 year ago - 9 comments
Labels: enhancement, component:api, refactoring

#249 - Chore: use newtypes to make the API more misuse-resistant

Issue - State: closed - Opened by woodruffw over 1 year ago - 9 comments
Labels: enhancement, chore

#248 - Include Root Hash verification when verifying a Rekor Inclusion Proof

Issue - State: closed - Opened by asraa over 1 year ago - 7 comments
Labels: enhancement, component:verification

#247 - Offline Rekor bundle generation and verification

Pull Request - State: closed - Opened by woodruffw over 1 year ago - 20 comments
Labels: component:verification

#246 - build(deps): bump sigstore from 0.6.6 to 0.6.7 in /install

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies

#245 - build(deps): bump cryptography from 38.0.1 to 38.0.2 in /install

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies

#244 - _cli: add boolean envvar defaults

Pull Request - State: closed - Opened by woodruffw over 1 year ago
Labels: component:cli

#243 - sigstore: 0.6.7

Pull Request - State: closed - Opened by woodruffw over 1 year ago
Labels: chore

#242 - _cli: add envvar defaults for most options

Pull Request - State: closed - Opened by woodruffw over 1 year ago
Labels: component:cli

#241 - _verify: make the failure reason more detailed when rekor lookup fails

Pull Request - State: closed - Opened by woodruffw over 1 year ago
Labels: component:verification

#240 - build(deps): bump typing-extensions from 4.3.0 to 4.4.0 in /install

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies

#239 - rekor/client: fix result search

Pull Request - State: closed - Opened by woodruffw over 1 year ago
Labels: component:verification

#238 - rekor, verify: replace unstable API use

Pull Request - State: closed - Opened by woodruffw over 1 year ago - 2 comments
Labels: component:verification

#237 - Rekor Verification Reliability: Using /entries/retrieve rather than /index/retrieve

Issue - State: closed - Opened by asraa over 1 year ago - 4 comments
Labels: bug, component:verification

#236 - build(deps): bump sigstore from 0.6.5 to 0.6.6 in /install

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 3 comments
Labels: dependencies

#235 - Tests: ensure consistency of transparency log response and entry

Pull Request - State: closed - Opened by woodruffw almost 2 years ago
Labels: component:tests

#234 - Makefile: run recursive make silently

Pull Request - State: closed - Opened by woodruffw almost 2 years ago
Labels: component:cicd

#233 - ci, Makefile: make `check-readme` a make target

Pull Request - State: closed - Opened by woodruffw almost 2 years ago - 2 comments
Labels: component:cicd

#232 - Revert "Add SLSA provenance generator to release; closes #222 (#223)"

Pull Request - State: closed - Opened by di almost 2 years ago

#231 - Bump for 0.6.6 release

Pull Request - State: closed - Opened by di almost 2 years ago

#230 - Move `check-readme` from CI into makefile

Issue - State: closed - Opened by di almost 2 years ago
Labels: enhancement

#229 - Add a get-identity-token subcommand

Pull Request - State: closed - Opened by di almost 2 years ago - 2 comments

#228 - Update CONTRIBUTING.md to expose the requirements to open a PR. Closes #224

Pull Request - State: closed - Opened by diogoteles08 almost 2 years ago - 5 comments
Labels: documentation

#227 - README: update GitHub Action slugs

Pull Request - State: closed - Opened by woodruffw almost 2 years ago
Labels: documentation, chore

#226 - build(deps): bump pyopenssl from 22.0.0 to 22.1.0 in /install

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago - 1 comment
Labels: dependencies

#225 - build(deps): bump certifi from 2022.9.14 to 2022.9.24 in /install

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago - 1 comment
Labels: dependencies

#224 - PR requirements not listed in CONTRIBUTING.md

Issue - State: closed - Opened by diogoteles08 almost 2 years ago - 4 comments
Labels: enhancement

#223 - Add SLSA provenance generator to release; closes #222

Pull Request - State: closed - Opened by diogoteles08 almost 2 years ago - 7 comments

#222 - Integration with SLSA security framework

Issue - State: closed - Opened by diogoteles08 almost 2 years ago - 12 comments
Labels: enhancement, component:cicd

#221 - build(deps): bump pyjwt from 2.4.0 to 2.5.0 in /install

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago - 1 comment
Labels: dependencies

#220 - build(deps): bump sigstore from 0.6.4 to 0.6.5 in /install

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago - 1 comment
Labels: dependencies

#219 - sigstore: 0.6.5

Pull Request - State: closed - Opened by woodruffw almost 2 years ago
Labels: chore

#218 - deps: constrain pyOpenSSL to >=22.0.0

Pull Request - State: closed - Opened by woodruffw almost 2 years ago
Labels: bug, dependencies

#217 - build(deps): bump certifi from 2022.6.15.1 to 2022.9.14 in /install

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago - 1 comment
Labels: dependencies

#216 - build(deps): bump idna from 3.3 to 3.4 in /install

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago - 1 comment
Labels: dependencies

#215 - build(deps): bump securesystemslib from 0.23.0 to 0.24.0 in /install

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago - 4 comments
Labels: dependencies

#214 - build(deps): bump certifi from 2022.6.15 to 2022.6.15.1 in /install

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago - 1 comment
Labels: dependencies

#213 - _internal: Rekor and Fulcio clients clean up their HTTP sessions on release

Pull Request - State: closed - Opened by woodruffw almost 2 years ago - 3 comments

#212 - Resolve ResouceWarning and DeprecationWarning messages for 3.11

Issue - State: closed - Opened by djhenderson almost 2 years ago - 8 comments

#211 - Resolve ResouceWarning messages for 3.10

Issue - State: closed - Opened by djhenderson almost 2 years ago - 2 comments
Labels: bug

#210 - sigstore: use stricter pydantic fields, where applicable

Pull Request - State: closed - Opened by woodruffw almost 2 years ago
Labels: refactoring

#209 - [CI] Integration failure: staging instance

Issue - State: closed - Opened by github-actions[bot] almost 2 years ago - 1 comment
Labels: bug, component:cicd, component:tests

#208 - [CI] Integration failure: staging instance

Issue - State: closed - Opened by github-actions[bot] almost 2 years ago - 1 comment
Labels: bug, component:cicd, component:tests

#207 - [CI] Integration failure: staging instance

Issue - State: closed - Opened by github-actions[bot] almost 2 years ago - 3 comments
Labels: bug, component:cicd, component:tests

#206 - build(deps): bump sigstore from 0.6.3 to 0.6.4 in /install

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago - 1 comment
Labels: dependencies

#205 - sigstore: 0.6.4

Pull Request - State: closed - Opened by woodruffw almost 2 years ago

#204 - sigstore 0.6.3 doesn't work with cryptography 38.0.1

Issue - State: closed - Opened by ambv almost 2 years ago - 4 comments
Labels: bug

#203 - build(deps): bump cryptography from 37.0.4 to 38.0.1 in /install

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago - 2 comments
Labels: dependencies

#202 - Staging workflow improvements

Pull Request - State: closed - Opened by woodruffw almost 2 years ago - 4 comments
Labels: component:cicd

#201 - [CI] Integration failure: staging instance

Issue - State: closed - Opened by github-actions[bot] almost 2 years ago - 1 comment
Labels: bug, component:cicd, component:tests

#200 - Small improvements to smoketest/staging tests

Issue - State: closed - Opened by di almost 2 years ago
Labels: enhancement

#199 - treewide: upgrade to cryptography 38

Pull Request - State: closed - Opened by woodruffw almost 2 years ago - 6 comments
Labels: refactoring, dependencies

#198 - [CI] Integration failure: staging instance

Issue - State: closed - Opened by github-actions[bot] almost 2 years ago - 1 comment
Labels: bug, component:cicd, component:tests

#197 - [CI] Integration failure: staging instance

Issue - State: closed - Opened by github-actions[bot] almost 2 years ago - 1 comment
Labels: bug, component:cicd, component:tests

#196 - [CI] Integration failure: staging instance

Issue - State: closed - Opened by github-actions[bot] almost 2 years ago - 1 comment
Labels: bug, component:cicd, component:tests

#195 - [CI] Integration failure: staging instance

Issue - State: closed - Opened by github-actions[bot] almost 2 years ago - 1 comment
Labels: bug, component:cicd, component:tests

#194 - Support generating offline Rekor bundles

Issue - State: closed - Opened by di almost 2 years ago - 1 comment
Labels: enhancement

#193 - build(deps): bump pydantic from 1.10.0 to 1.10.2 in /install

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago - 1 comment
Labels: dependencies

#192 - Skip curl to download requirements.txt

Pull Request - State: closed - Opened by uranusjr almost 2 years ago - 2 comments

#191 - README uses curl unnecessarily

Issue - State: closed - Opened by uranusjr almost 2 years ago
Labels: enhancement

#190 - build(deps): bump pydantic from 1.10.0 to 1.10.1 in /install

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago - 1 comment
Labels: dependencies

#189 - build(deps): bump pydantic from 1.9.2 to 1.10.0 in /install

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago - 1 comment
Labels: dependencies

#188 - build(deps): bump charset-normalizer from 2.1.0 to 2.1.1 in /install

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago - 1 comment
Labels: dependencies

#187 - build(deps): bump urllib3 from 1.26.11 to 1.26.12 in /install

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago - 1 comment
Labels: dependencies

#186 - Update scorecard-action to v2:alpha

Pull Request - State: closed - Opened by azeemshaikh38 almost 2 years ago - 1 comment

#185 - ci: add debug loglevel to ci and debug log of verified log index

Pull Request - State: closed - Opened by asraa almost 2 years ago - 1 comment
Labels: component:cicd, component:tests

#184 - Staging tests: assert that transparency log entry matches what's expected

Issue - State: closed - Opened by di almost 2 years ago - 7 comments
Labels: enhancement

#183 - build(deps): bump pydantic from 1.9.1 to 1.9.2 in /install

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago - 1 comment
Labels: dependencies

#182 - API tweak to allow further external verification

Pull Request - State: closed - Opened by jku almost 2 years ago - 3 comments
Labels: component:verification, component:api

#181 - build(deps): bump sigstore from 0.6.2 to 0.6.3 in /install

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago - 1 comment
Labels: dependencies

#180 - test: add an "online" marker for online tests

Pull Request - State: closed - Opened by woodruffw almost 2 years ago - 1 comment
Labels: component:tests

#179 - pyproject, ci: use recursive extras

Pull Request - State: closed - Opened by woodruffw almost 2 years ago
Labels: component:cicd

#178 - ✨ Enable Scorecard badge

Pull Request - State: closed - Opened by azeemshaikh38 almost 2 years ago - 6 comments
Labels: qa

#177 - Mark tests as "online"

Issue - State: closed - Opened by woodruffw almost 2 years ago
Labels: component:tests

#176 - Bump to 0.6.3

Pull Request - State: closed - Opened by woodruffw almost 2 years ago
Labels: chore

#175 - More verification API tests

Pull Request - State: closed - Opened by woodruffw almost 2 years ago
Labels: component:tests

#174 - _verify: Create a new `X509Store` for each `verify` call

Pull Request - State: closed - Opened by tetsuo-cpp almost 2 years ago - 3 comments

#173 - Verifying multiple files causes `certificate is not yet valid` from OpenSSL

Issue - State: closed - Opened by tetsuo-cpp almost 2 years ago
Labels: bug, component:verification

#172 - build(deps): bump urllib3 from 1.26.10 to 1.26.11 in /install

Pull Request - State: closed - Opened by dependabot[bot] almost 2 years ago - 1 comment
Labels: dependencies

#171 - Tweak linting target

Pull Request - State: closed - Opened by woodruffw almost 2 years ago - 1 comment
Labels: qa

#170 - oidc, _cli: Add more detailed error messages when ambient credential detection fails in GitHub Actions

Pull Request - State: closed - Opened by tetsuo-cpp almost 2 years ago - 1 comment

#169 - Makefile: Make `lint` exit non-zero with unstaged changes

Pull Request - State: closed - Opened by tetsuo-cpp almost 2 years ago - 1 comment

#168 - CI: Reformatting from Black does not break `lint` workflow

Issue - State: closed - Opened by tetsuo-cpp almost 2 years ago - 2 comments
Labels: bug

#167 - fulcio: Fix lint

Pull Request - State: closed - Opened by tetsuo-cpp almost 2 years ago

#166 - [CI] Integration failure: staging instance

Issue - State: closed - Opened by github-actions[bot] almost 2 years ago
Labels: bug, component:cicd, component:tests

#165 - [CI] Integration failure: staging instance

Issue - State: closed - Opened by github-actions[bot] almost 2 years ago - 1 comment

#164 - workflows/staging-tests: open an issue on failure

Pull Request - State: closed - Opened by woodruffw almost 2 years ago - 6 comments

GitHub / sigstore/sigstore-python issues and pull requests