Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / trailofbits/pypi-attestations issues and pull requests

#74 - Prepare version 0.0.18

Pull Request - State: closed - Opened by DarkaMaul 5 days ago - 1 comment

#73 - Bump pydantic to 2.10.0 and remove Base64 workaround

Pull Request - State: closed - Opened by facutuesca 11 days ago - 1 comment

#72 - Mix fixes and prep release for `0.0.17`

Pull Request - State: closed - Opened by facutuesca 12 days ago

#71 - Fix `GitLabPublisher` workflow path check

Pull Request - State: closed - Opened by facutuesca 12 days ago

#70 - Add `claims` to `Attestation`

Pull Request - State: closed - Opened by DarkaMaul 17 days ago

#69 - workflows: zizmor fixes

Pull Request - State: closed - Opened by woodruffw 19 days ago
Labels: component:CI/CD :robot:

#68 - fix handling of zip sdists

Pull Request - State: closed - Opened by woodruffw 25 days ago

#68 - fix handling of zip sdists

Pull Request - State: closed - Opened by woodruffw 25 days ago

#67 - build(deps): bump actions/setup-python from 5.2.0 to 5.3.0 in the actions group

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, github_actions

#67 - build(deps): bump actions/setup-python from 5.2.0 to 5.3.0 in the actions group

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, github_actions

#66 - build(deps): bump actions/checkout from 4.2.1 to 4.2.2 in the actions group

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, github_actions

#66 - build(deps): bump actions/checkout from 4.2.1 to 4.2.2 in the actions group

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies, github_actions

#65 - CHANGELOG: record changes

Pull Request - State: closed - Opened by woodruffw about 1 month ago

#65 - CHANGELOG: record changes

Pull Request - State: closed - Opened by woodruffw about 1 month ago

#64 - Make minimum Python version 3.9 again

Pull Request - State: closed - Opened by facutuesca about 1 month ago - 1 comment

#64 - Make minimum Python version 3.9 again

Pull Request - State: closed - Opened by facutuesca about 1 month ago - 1 comment

#63 - API improvements

Issue - State: open - Opened by woodruffw about 2 months ago

#63 - API improvements

Issue - State: open - Opened by woodruffw about 2 months ago

#62 - remove Verifier param from verify() API

Pull Request - State: closed - Opened by woodruffw about 2 months ago

#62 - remove Verifier param from verify() API

Pull Request - State: closed - Opened by woodruffw about 2 months ago

#61 - build(deps): bump actions/upload-artifact from 4.4.2 to 4.4.3 in the actions group

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, github_actions

#61 - build(deps): bump actions/upload-artifact from 4.4.2 to 4.4.3 in the actions group

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, github_actions

#60 - build(deps): bump actions/upload-artifact from 4.4.1 to 4.4.2 in the actions group

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, github_actions

#60 - build(deps): bump actions/upload-artifact from 4.4.1 to 4.4.2 in the actions group

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, github_actions

#59 - build(deps): bump the actions group with 2 updates

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, github_actions

#59 - build(deps): bump the actions group with 2 updates

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies, github_actions

#58 - _cli: make it clear that subjects are identities

Pull Request - State: closed - Opened by woodruffw about 2 months ago

#58 - _cli: make it clear that subjects are identities

Pull Request - State: closed - Opened by woodruffw about 2 months ago

#57 - _cli: exit with an error code when verification fails

Pull Request - State: closed - Opened by woodruffw about 2 months ago
Labels: bug :bug:

#56 - README: reorganize, add callouts

Pull Request - State: closed - Opened by woodruffw about 2 months ago
Labels: component:documentation :book:

#56 - README: reorganize, add callouts

Pull Request - State: closed - Opened by woodruffw about 2 months ago
Labels: component:documentation :book:

#55 - Difficulties with `pypi_attestations verify`

Issue - State: open - Opened by AA-Turner about 2 months ago - 6 comments

#55 - Difficulties with `pypi_attestations verify`

Issue - State: open - Opened by AA-Turner about 2 months ago - 6 comments

#54 - release: split jobs, refactor

Pull Request - State: closed - Opened by woodruffw about 2 months ago
Labels: component:CI/CD :robot:

#54 - release: split jobs, refactor

Pull Request - State: closed - Opened by woodruffw about 2 months ago
Labels: component:CI/CD :robot:

#53 - release: enable attestations

Pull Request - State: closed - Opened by woodruffw about 2 months ago
Labels: component:CI/CD :robot:

#53 - release: enable attestations

Pull Request - State: closed - Opened by woodruffw about 2 months ago
Labels: component:CI/CD :robot:

#52 - CLI: add a `convert` subcommand?

Issue - State: open - Opened by woodruffw 2 months ago

#52 - CLI: add a `convert` subcommand?

Issue - State: open - Opened by woodruffw 2 months ago

#51 - build(deps): bump actions/checkout from 4.1.7 to 4.2.0 in the actions group

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies, github_actions

#50 - misc cleanup

Pull Request - State: closed - Opened by woodruffw 2 months ago

#49 - pypi-attestations: prep 0.0.12

Pull Request - State: closed - Opened by woodruffw 2 months ago

#48 - Fix base64 encode/decode bug due to Pydantic issue

Pull Request - State: closed - Opened by facutuesca 2 months ago

#47 - build(deps): bump actions/setup-python from 5.1.1 to 5.2.0 in the actions group

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, github_actions

#47 - build(deps): bump actions/setup-python from 5.1.1 to 5.2.0 in the actions group

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, github_actions

#46 - build(deps): bump actions/attest from 1.4.0 to 1.4.1 in the actions group

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, github_actions

#46 - build(deps): bump actions/attest from 1.4.0 to 1.4.1 in the actions group

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, github_actions

#45 - build(deps): update sigstore requirement from ~=3.1.0 to >=3.1,<3.3 in the python group

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, python

#45 - build(deps): update sigstore requirement from ~=3.1.0 to >=3.1,<3.3 in the python group

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies, python

#44 - Consider switching `Publisher` to be a `RootModel`

Issue - State: open - Opened by woodruffw 4 months ago

#44 - Consider switching `Publisher` to be a `RootModel`

Issue - State: open - Opened by woodruffw 4 months ago

#43 - Run mypy on tests

Pull Request - State: closed - Opened by woodruffw 4 months ago - 2 comments

#42 - Update CHANGELOG for version 0.0.10

Pull Request - State: closed - Opened by DarkaMaul 4 months ago - 1 comment

#42 - Update CHANGELOG for version 0.0.10

Pull Request - State: closed - Opened by DarkaMaul 4 months ago - 1 comment

#40 - workflows: hash-pin all workflows

Pull Request - State: closed - Opened by woodruffw 4 months ago
Labels: component:CI/CD :robot:

#40 - workflows: hash-pin all workflows

Pull Request - State: closed - Opened by woodruffw 4 months ago
Labels: component:CI/CD :robot:

#39 - bump sigstore ~= 3.1

Pull Request - State: closed - Opened by woodruffw 4 months ago

#38 - Make `Publisher` a discriminated union

Pull Request - State: closed - Opened by woodruffw 4 months ago - 1 comment

#37 - Upgrade minimum Python version

Pull Request - State: closed - Opened by DarkaMaul 4 months ago

#36 - Add the PEP 740 related objects

Pull Request - State: closed - Opened by DarkaMaul 4 months ago

#36 - Add the PEP 740 related objects

Pull Request - State: closed - Opened by DarkaMaul 4 months ago

#35 - prep 0.0.9

Pull Request - State: closed - Opened by woodruffw 5 months ago - 1 comment

#34 - src, test: remove I/O from sign/verify APIs

Pull Request - State: closed - Opened by woodruffw 5 months ago

#33 - API: Don't do I/O in sign/verify APIs

Issue - State: closed - Opened by woodruffw 5 months ago - 3 comments

#32 - _impl: catch another _ultranormalize_dist_filename error case

Pull Request - State: closed - Opened by woodruffw 5 months ago

#32 - _impl: catch another _ultranormalize_dist_filename error case

Pull Request - State: closed - Opened by woodruffw 5 months ago

#31 - re-export AttestationType

Pull Request - State: closed - Opened by woodruffw 5 months ago

#30 - prep 0.0.7

Pull Request - State: closed - Opened by woodruffw 5 months ago

#29 - Add `AttestationType`, check during verify

Pull Request - State: closed - Opened by woodruffw 5 months ago
Labels: enhancement :sparkles:

#29 - Add `AttestationType`, check during verify

Pull Request - State: closed - Opened by woodruffw 5 months ago
Labels: enhancement :sparkles:

#28 - Prevent third party exceptions to leak from `Attestation.sign`.

Pull Request - State: closed - Opened by DarkaMaul 5 months ago

#28 - Prevent third party exceptions to leak from `Attestation.sign`.

Pull Request - State: closed - Opened by DarkaMaul 5 months ago

#27 - CHANGELOG: add missing entries

Pull Request - State: closed - Opened by woodruffw 5 months ago - 4 comments
Labels: component:documentation :book:

#27 - CHANGELOG: add missing entries

Pull Request - State: closed - Opened by woodruffw 5 months ago - 4 comments
Labels: component:documentation :book:

#26 - CHANGELOG, README: more renames

Pull Request - State: closed - Opened by woodruffw 5 months ago
Labels: component:documentation :book:

#26 - CHANGELOG, README: more renames

Pull Request - State: closed - Opened by woodruffw 5 months ago
Labels: component:documentation :book:

#25 - Rename to pypi-attestations

Pull Request - State: closed - Opened by DarkaMaul 5 months ago - 1 comment

#24 - Move free functions to Attestation

Pull Request - State: closed - Opened by DarkaMaul 5 months ago

#24 - Move free functions to Attestation

Pull Request - State: closed - Opened by DarkaMaul 5 months ago

#23 - API: `Attestation.sign` should not leak 3p exceptions

Issue - State: closed - Opened by woodruffw 5 months ago
Labels: enhancement :sparkles:

#22 - CLI tool (init)

Pull Request - State: closed - Opened by DarkaMaul 5 months ago - 1 comment

#22 - CLI tool (init)

Pull Request - State: closed - Opened by DarkaMaul 5 months ago - 1 comment

#21 - Small CLI driver

Issue - State: closed - Opened by woodruffw 5 months ago - 2 comments
Labels: enhancement :sparkles:

#20 - verify: return statement bits

Pull Request - State: closed - Opened by woodruffw 5 months ago
Labels: component:tests :test_tube:, enhancement :sparkles:

#20 - verify: return statement bits

Pull Request - State: closed - Opened by woodruffw 5 months ago
Labels: component:tests :test_tube:, enhancement :sparkles:

#19 - release: switch to attestation

Pull Request - State: closed - Opened by woodruffw 6 months ago

#19 - release: switch to attestation

Pull Request - State: closed - Opened by woodruffw 6 months ago

#18 - Switch to in-toto statements

Pull Request - State: closed - Opened by woodruffw 6 months ago - 1 comment

#18 - Switch to in-toto statements

Pull Request - State: closed - Opened by woodruffw 6 months ago - 1 comment

#17 - Release 0.0.2

Pull Request - State: closed - Opened by facutuesca 7 months ago

#17 - Release 0.0.2

Pull Request - State: closed - Opened by facutuesca 7 months ago

#16 - Release 0.0.1

Pull Request - State: closed - Opened by facutuesca 7 months ago

#16 - Release 0.0.1

Pull Request - State: closed - Opened by facutuesca 7 months ago

#15 - impl: stream into sha256

Pull Request - State: closed - Opened by woodruffw 7 months ago
Labels: enhancement :sparkles:

#15 - impl: stream into sha256

Pull Request - State: closed - Opened by woodruffw 7 months ago
Labels: enhancement :sparkles:

#14 - Refactor: turn helpers into instance methods

Issue - State: closed - Opened by woodruffw 7 months ago

#14 - Refactor: turn helpers into instance methods

Issue - State: closed - Opened by woodruffw 7 months ago