Avatar for the aio-libs user
aio-libs
janus
BlogDocsChangelog

Performance History

Latest Results

Bump sigstore/gh-action-sigstore-python from 3.2.0 to 3.3.0 (#842) Bumps [sigstore/gh-action-sigstore-python](https://github.com/sigstore/gh-action-sigstore-python) from 3.2.0 to 3.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sigstore/gh-action-sigstore-python/releases">sigstore/gh-action-sigstore-python's releases</a>.</em></p> <blockquote> <h2>v3.3.0</h2> <h2>What's Changed</h2> <ul> <li>Dependency updates. Most importantly used sigstore-python is now version 4.2.0</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/sigstore/gh-action-sigstore-python/compare/v3.2.0...v3.3.0">https://github.com/sigstore/gh-action-sigstore-python/compare/v3.2.0...v3.3.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sigstore/gh-action-sigstore-python/blob/main/CHANGELOG.md">sigstore/gh-action-sigstore-python's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <p>All notable changes to <code>gh-action-sigstore-python</code> will be documented in this file.</p> <p>The format is based on <a href="https://keepachangelog.com/en/1.0.0/">Keep a Changelog</a>.</p> <p>All versions prior to 3.0.0 are untracked.</p> <h2>[Unreleased]</h2> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/04cffa1d795717b140764e8b640de88853c92acc"><code>04cffa1</code></a> build(deps): bump requests from 2.32.5 to 2.33.0 in /requirements (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/342">#342</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/69171e8b4fc7e133c709d115b6e2bb3c8e1fbdf8"><code>69171e8</code></a> build(deps): bump charset-normalizer in the python-dependencies group (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/340">#340</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/40198d7762a275864eefc3a852954bf4fd99d30c"><code>40198d7</code></a> build(deps): bump github/codeql-action in the actions group (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/338">#338</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/ca55bb0ddfa7bac5ff4982347d6463da59bd246f"><code>ca55bb0</code></a> build(deps): bump the python-dependencies group with 2 updates (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/339">#339</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/27361433717379476d1f91e6c136f301fcb925cf"><code>2736143</code></a> build(deps): bump the actions group with 3 updates (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/335">#335</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/9afbb8895e98a49c15b231412e53ac9c78737444"><code>9afbb88</code></a> build(deps): bump pyasn1 from 0.6.2 to 0.6.3 in /requirements (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/337">#337</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/eb907b0de40f85c17550859a1cbfec3ec30ce068"><code>eb907b0</code></a> build(deps): bump pyopenssl from 25.3.0 to 26.0.0 in /requirements (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/334">#334</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/84eaebf1a7f9d6d1be29f95f8ea205c74e5b27ea"><code>84eaebf</code></a> build(deps): bump astral-sh/setup-uv in the actions group (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/331">#331</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/57c12bea9d19b9f1c95c6099757b8b2c9e6c0640"><code>57c12be</code></a> build(deps): bump charset-normalizer in the python-dependencies group (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/332">#332</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/57918d7825e46199e6b1a6917188570b86723bb6"><code>57918d7</code></a> build(deps): bump pyjwt from 2.11.0 to 2.12.0 in /requirements (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/333">#333</a>)</li> <li>Additional commits viewable in <a href="https://github.com/sigstore/gh-action-sigstore-python/compare/v3.2.0...v3.3.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sigstore/gh-action-sigstore-python&package-manager=github_actions&previous-version=3.2.0&new-version=3.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
master
14 hours ago
Bump sigstore/gh-action-sigstore-python from 3.2.0 to 3.3.0 (#842) Bumps [sigstore/gh-action-sigstore-python](https://github.com/sigstore/gh-action-sigstore-python) from 3.2.0 to 3.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sigstore/gh-action-sigstore-python/releases">sigstore/gh-action-sigstore-python's releases</a>.</em></p> <blockquote> <h2>v3.3.0</h2> <h2>What's Changed</h2> <ul> <li>Dependency updates. Most importantly used sigstore-python is now version 4.2.0</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/sigstore/gh-action-sigstore-python/compare/v3.2.0...v3.3.0">https://github.com/sigstore/gh-action-sigstore-python/compare/v3.2.0...v3.3.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sigstore/gh-action-sigstore-python/blob/main/CHANGELOG.md">sigstore/gh-action-sigstore-python's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <p>All notable changes to <code>gh-action-sigstore-python</code> will be documented in this file.</p> <p>The format is based on <a href="https://keepachangelog.com/en/1.0.0/">Keep a Changelog</a>.</p> <p>All versions prior to 3.0.0 are untracked.</p> <h2>[Unreleased]</h2> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/04cffa1d795717b140764e8b640de88853c92acc"><code>04cffa1</code></a> build(deps): bump requests from 2.32.5 to 2.33.0 in /requirements (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/342">#342</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/69171e8b4fc7e133c709d115b6e2bb3c8e1fbdf8"><code>69171e8</code></a> build(deps): bump charset-normalizer in the python-dependencies group (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/340">#340</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/40198d7762a275864eefc3a852954bf4fd99d30c"><code>40198d7</code></a> build(deps): bump github/codeql-action in the actions group (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/338">#338</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/ca55bb0ddfa7bac5ff4982347d6463da59bd246f"><code>ca55bb0</code></a> build(deps): bump the python-dependencies group with 2 updates (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/339">#339</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/27361433717379476d1f91e6c136f301fcb925cf"><code>2736143</code></a> build(deps): bump the actions group with 3 updates (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/335">#335</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/9afbb8895e98a49c15b231412e53ac9c78737444"><code>9afbb88</code></a> build(deps): bump pyasn1 from 0.6.2 to 0.6.3 in /requirements (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/337">#337</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/eb907b0de40f85c17550859a1cbfec3ec30ce068"><code>eb907b0</code></a> build(deps): bump pyopenssl from 25.3.0 to 26.0.0 in /requirements (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/334">#334</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/84eaebf1a7f9d6d1be29f95f8ea205c74e5b27ea"><code>84eaebf</code></a> build(deps): bump astral-sh/setup-uv in the actions group (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/331">#331</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/57c12bea9d19b9f1c95c6099757b8b2c9e6c0640"><code>57c12be</code></a> build(deps): bump charset-normalizer in the python-dependencies group (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/332">#332</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/57918d7825e46199e6b1a6917188570b86723bb6"><code>57918d7</code></a> build(deps): bump pyjwt from 2.11.0 to 2.12.0 in /requirements (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/333">#333</a>)</li> <li>Additional commits viewable in <a href="https://github.com/sigstore/gh-action-sigstore-python/compare/v3.2.0...v3.3.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sigstore/gh-action-sigstore-python&package-manager=github_actions&previous-version=3.2.0&new-version=3.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
master
2 days ago
Bump sigstore/gh-action-sigstore-python from 3.2.0 to 3.3.0 (#842) Bumps [sigstore/gh-action-sigstore-python](https://github.com/sigstore/gh-action-sigstore-python) from 3.2.0 to 3.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sigstore/gh-action-sigstore-python/releases">sigstore/gh-action-sigstore-python's releases</a>.</em></p> <blockquote> <h2>v3.3.0</h2> <h2>What's Changed</h2> <ul> <li>Dependency updates. Most importantly used sigstore-python is now version 4.2.0</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/sigstore/gh-action-sigstore-python/compare/v3.2.0...v3.3.0">https://github.com/sigstore/gh-action-sigstore-python/compare/v3.2.0...v3.3.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sigstore/gh-action-sigstore-python/blob/main/CHANGELOG.md">sigstore/gh-action-sigstore-python's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <p>All notable changes to <code>gh-action-sigstore-python</code> will be documented in this file.</p> <p>The format is based on <a href="https://keepachangelog.com/en/1.0.0/">Keep a Changelog</a>.</p> <p>All versions prior to 3.0.0 are untracked.</p> <h2>[Unreleased]</h2> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/04cffa1d795717b140764e8b640de88853c92acc"><code>04cffa1</code></a> build(deps): bump requests from 2.32.5 to 2.33.0 in /requirements (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/342">#342</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/69171e8b4fc7e133c709d115b6e2bb3c8e1fbdf8"><code>69171e8</code></a> build(deps): bump charset-normalizer in the python-dependencies group (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/340">#340</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/40198d7762a275864eefc3a852954bf4fd99d30c"><code>40198d7</code></a> build(deps): bump github/codeql-action in the actions group (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/338">#338</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/ca55bb0ddfa7bac5ff4982347d6463da59bd246f"><code>ca55bb0</code></a> build(deps): bump the python-dependencies group with 2 updates (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/339">#339</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/27361433717379476d1f91e6c136f301fcb925cf"><code>2736143</code></a> build(deps): bump the actions group with 3 updates (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/335">#335</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/9afbb8895e98a49c15b231412e53ac9c78737444"><code>9afbb88</code></a> build(deps): bump pyasn1 from 0.6.2 to 0.6.3 in /requirements (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/337">#337</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/eb907b0de40f85c17550859a1cbfec3ec30ce068"><code>eb907b0</code></a> build(deps): bump pyopenssl from 25.3.0 to 26.0.0 in /requirements (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/334">#334</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/84eaebf1a7f9d6d1be29f95f8ea205c74e5b27ea"><code>84eaebf</code></a> build(deps): bump astral-sh/setup-uv in the actions group (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/331">#331</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/57c12bea9d19b9f1c95c6099757b8b2c9e6c0640"><code>57c12be</code></a> build(deps): bump charset-normalizer in the python-dependencies group (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/332">#332</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/57918d7825e46199e6b1a6917188570b86723bb6"><code>57918d7</code></a> build(deps): bump pyjwt from 2.11.0 to 2.12.0 in /requirements (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/333">#333</a>)</li> <li>Additional commits viewable in <a href="https://github.com/sigstore/gh-action-sigstore-python/compare/v3.2.0...v3.3.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sigstore/gh-action-sigstore-python&package-manager=github_actions&previous-version=3.2.0&new-version=3.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
master
3 days ago
Bump sigstore/gh-action-sigstore-python from 3.2.0 to 3.3.0 (#842) Bumps [sigstore/gh-action-sigstore-python](https://github.com/sigstore/gh-action-sigstore-python) from 3.2.0 to 3.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sigstore/gh-action-sigstore-python/releases">sigstore/gh-action-sigstore-python's releases</a>.</em></p> <blockquote> <h2>v3.3.0</h2> <h2>What's Changed</h2> <ul> <li>Dependency updates. Most importantly used sigstore-python is now version 4.2.0</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/sigstore/gh-action-sigstore-python/compare/v3.2.0...v3.3.0">https://github.com/sigstore/gh-action-sigstore-python/compare/v3.2.0...v3.3.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sigstore/gh-action-sigstore-python/blob/main/CHANGELOG.md">sigstore/gh-action-sigstore-python's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <p>All notable changes to <code>gh-action-sigstore-python</code> will be documented in this file.</p> <p>The format is based on <a href="https://keepachangelog.com/en/1.0.0/">Keep a Changelog</a>.</p> <p>All versions prior to 3.0.0 are untracked.</p> <h2>[Unreleased]</h2> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/04cffa1d795717b140764e8b640de88853c92acc"><code>04cffa1</code></a> build(deps): bump requests from 2.32.5 to 2.33.0 in /requirements (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/342">#342</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/69171e8b4fc7e133c709d115b6e2bb3c8e1fbdf8"><code>69171e8</code></a> build(deps): bump charset-normalizer in the python-dependencies group (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/340">#340</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/40198d7762a275864eefc3a852954bf4fd99d30c"><code>40198d7</code></a> build(deps): bump github/codeql-action in the actions group (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/338">#338</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/ca55bb0ddfa7bac5ff4982347d6463da59bd246f"><code>ca55bb0</code></a> build(deps): bump the python-dependencies group with 2 updates (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/339">#339</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/27361433717379476d1f91e6c136f301fcb925cf"><code>2736143</code></a> build(deps): bump the actions group with 3 updates (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/335">#335</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/9afbb8895e98a49c15b231412e53ac9c78737444"><code>9afbb88</code></a> build(deps): bump pyasn1 from 0.6.2 to 0.6.3 in /requirements (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/337">#337</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/eb907b0de40f85c17550859a1cbfec3ec30ce068"><code>eb907b0</code></a> build(deps): bump pyopenssl from 25.3.0 to 26.0.0 in /requirements (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/334">#334</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/84eaebf1a7f9d6d1be29f95f8ea205c74e5b27ea"><code>84eaebf</code></a> build(deps): bump astral-sh/setup-uv in the actions group (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/331">#331</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/57c12bea9d19b9f1c95c6099757b8b2c9e6c0640"><code>57c12be</code></a> build(deps): bump charset-normalizer in the python-dependencies group (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/332">#332</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/57918d7825e46199e6b1a6917188570b86723bb6"><code>57918d7</code></a> build(deps): bump pyjwt from 2.11.0 to 2.12.0 in /requirements (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/333">#333</a>)</li> <li>Additional commits viewable in <a href="https://github.com/sigstore/gh-action-sigstore-python/compare/v3.2.0...v3.3.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sigstore/gh-action-sigstore-python&package-manager=github_actions&previous-version=3.2.0&new-version=3.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
master
4 days ago
Bump sigstore/gh-action-sigstore-python from 3.2.0 to 3.3.0 (#842) Bumps [sigstore/gh-action-sigstore-python](https://github.com/sigstore/gh-action-sigstore-python) from 3.2.0 to 3.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sigstore/gh-action-sigstore-python/releases">sigstore/gh-action-sigstore-python's releases</a>.</em></p> <blockquote> <h2>v3.3.0</h2> <h2>What's Changed</h2> <ul> <li>Dependency updates. Most importantly used sigstore-python is now version 4.2.0</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/sigstore/gh-action-sigstore-python/compare/v3.2.0...v3.3.0">https://github.com/sigstore/gh-action-sigstore-python/compare/v3.2.0...v3.3.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sigstore/gh-action-sigstore-python/blob/main/CHANGELOG.md">sigstore/gh-action-sigstore-python's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <p>All notable changes to <code>gh-action-sigstore-python</code> will be documented in this file.</p> <p>The format is based on <a href="https://keepachangelog.com/en/1.0.0/">Keep a Changelog</a>.</p> <p>All versions prior to 3.0.0 are untracked.</p> <h2>[Unreleased]</h2> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/04cffa1d795717b140764e8b640de88853c92acc"><code>04cffa1</code></a> build(deps): bump requests from 2.32.5 to 2.33.0 in /requirements (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/342">#342</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/69171e8b4fc7e133c709d115b6e2bb3c8e1fbdf8"><code>69171e8</code></a> build(deps): bump charset-normalizer in the python-dependencies group (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/340">#340</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/40198d7762a275864eefc3a852954bf4fd99d30c"><code>40198d7</code></a> build(deps): bump github/codeql-action in the actions group (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/338">#338</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/ca55bb0ddfa7bac5ff4982347d6463da59bd246f"><code>ca55bb0</code></a> build(deps): bump the python-dependencies group with 2 updates (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/339">#339</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/27361433717379476d1f91e6c136f301fcb925cf"><code>2736143</code></a> build(deps): bump the actions group with 3 updates (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/335">#335</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/9afbb8895e98a49c15b231412e53ac9c78737444"><code>9afbb88</code></a> build(deps): bump pyasn1 from 0.6.2 to 0.6.3 in /requirements (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/337">#337</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/eb907b0de40f85c17550859a1cbfec3ec30ce068"><code>eb907b0</code></a> build(deps): bump pyopenssl from 25.3.0 to 26.0.0 in /requirements (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/334">#334</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/84eaebf1a7f9d6d1be29f95f8ea205c74e5b27ea"><code>84eaebf</code></a> build(deps): bump astral-sh/setup-uv in the actions group (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/331">#331</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/57c12bea9d19b9f1c95c6099757b8b2c9e6c0640"><code>57c12be</code></a> build(deps): bump charset-normalizer in the python-dependencies group (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/332">#332</a>)</li> <li><a href="https://github.com/sigstore/gh-action-sigstore-python/commit/57918d7825e46199e6b1a6917188570b86723bb6"><code>57918d7</code></a> build(deps): bump pyjwt from 2.11.0 to 2.12.0 in /requirements (<a href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/333">#333</a>)</li> <li>Additional commits viewable in <a href="https://github.com/sigstore/gh-action-sigstore-python/compare/v3.2.0...v3.3.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sigstore/gh-action-sigstore-python&package-manager=github_actions&previous-version=3.2.0&new-version=3.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
master
5 days ago
Bump sigstore/gh-action-sigstore-python from 3.2.0 to 3.3.0 Bumps [sigstore/gh-action-sigstore-python](https://github.com/sigstore/gh-action-sigstore-python) from 3.2.0 to 3.3.0. - [Release notes](https://github.com/sigstore/gh-action-sigstore-python/releases) - [Changelog](https://github.com/sigstore/gh-action-sigstore-python/blob/main/CHANGELOG.md) - [Commits](https://github.com/sigstore/gh-action-sigstore-python/compare/v3.2.0...v3.3.0) --- updated-dependencies: - dependency-name: sigstore/gh-action-sigstore-python dependency-version: 3.3.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot/github_actions/sigstore/gh-action-sigstore-python-3.3.0
5 days ago
Bump dependabot/fetch-metadata from 2.5.0 to 3.0.0 Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) from 2.5.0 to 3.0.0. - [Release notes](https://github.com/dependabot/fetch-metadata/releases) - [Commits](https://github.com/dependabot/fetch-metadata/compare/v2.5.0...v3.0.0) --- updated-dependencies: - dependency-name: dependabot/fetch-metadata dependency-version: 3.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot/github_actions/dependabot/fetch-metadata-3.0.0
5 days ago
Bump pytest-cov from 7.0.0 to 7.1.0 (#840) Bumps [pytest-cov](https://github.com/pytest-dev/pytest-cov) from 7.0.0 to 7.1.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst">pytest-cov's changelog</a>.</em></p> <blockquote> <h2>7.1.0 (2026-03-21)</h2> <ul> <li> <p>Fixed total coverage computation to always be consistent, regardless of reporting settings. Previously some reports could produce different total counts, and consequently can make --cov-fail-under behave different depending on reporting options. See <code>[#641](https://github.com/pytest-dev/pytest-cov/issues/641) &lt;https://github.com/pytest-dev/pytest-cov/issues/641&gt;</code>_.</p> </li> <li> <p>Improve handling of ResourceWarning from sqlite3.</p> <p>The plugin adds warning filter for sqlite3 <code>ResourceWarning</code> unclosed database (since 6.2.0). It checks if there is already existing plugin for this message by comparing filter regular expression. When filter is specified on command line the message is escaped and does not match an expected message. A check for an escaped regular expression is added to handle this case.</p> <p>With this fix one can suppress <code>ResourceWarning</code> from sqlite3 from command line::</p> <p>pytest -W &quot;ignore:unclosed database in &lt;sqlite3.Connection object at:ResourceWarning&quot; ...</p> </li> <li> <p>Various improvements to documentation. Contributed by Art Pelling in <code>[#718](https://github.com/pytest-dev/pytest-cov/issues/718) &lt;https://github.com/pytest-dev/pytest-cov/pull/718&gt;</code>_ and &quot;vivodi&quot; in <code>[#738](https://github.com/pytest-dev/pytest-cov/issues/738) &lt;https://github.com/pytest-dev/pytest-cov/pull/738&gt;</code><em>. Also closed <code>[#736](https://github.com/pytest-dev/pytest-cov/issues/736) &lt;https://github.com/pytest-dev/pytest-cov/issues/736&gt;</code></em>.</p> </li> <li> <p>Fixed some assertions in tests. Contributed by in Markéta Machová in <code>[#722](https://github.com/pytest-dev/pytest-cov/issues/722) &lt;https://github.com/pytest-dev/pytest-cov/pull/722&gt;</code>_.</p> </li> <li> <p>Removed unnecessary coverage configuration copying (meant as a backup because reporting commands had configuration side-effects before coverage 5.0).</p> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pytest-dev/pytest-cov/commit/66c8a526b1246b5eb8fb1bc218878131bc628622"><code>66c8a52</code></a> Bump version: 7.0.0 → 7.1.0</li> <li><a href="https://github.com/pytest-dev/pytest-cov/commit/f7076624784332594aa4cb3585d4757d295db15e"><code>f707662</code></a> Make the examples use pypy 3.11.</li> <li><a href="https://github.com/pytest-dev/pytest-cov/commit/6049a7847872e3139e6c82e93787123df5dc8672"><code>6049a78</code></a> Make context test use the old ctracer (seems the new sysmon tracer behaves di...</li> <li><a href="https://github.com/pytest-dev/pytest-cov/commit/8ebf20bbbc73478b3f8fd36d30237d9ea083f06b"><code>8ebf20b</code></a> Update changelog.</li> <li><a href="https://github.com/pytest-dev/pytest-cov/commit/861d30e60d571f97259c6b718b71c819d5dbc3b9"><code>861d30e</code></a> Remove the backup context manager - shouldn't be needed since coverage 5.0, ...</li> <li><a href="https://github.com/pytest-dev/pytest-cov/commit/fd4c956014035527f0c3c8d7faef3f8cfdadac7f"><code>fd4c956</code></a> Pass the precision on the nulled total (seems that there's some caching goion...</li> <li><a href="https://github.com/pytest-dev/pytest-cov/commit/78c9c4ecb005faf4962fd86ff7bf9c9cce9554d6"><code>78c9c4e</code></a> Only run the 3.9 on older deps.</li> <li><a href="https://github.com/pytest-dev/pytest-cov/commit/4849a922e8be725c662a3d9175da571ace6545dc"><code>4849a92</code></a> Punctuation.</li> <li><a href="https://github.com/pytest-dev/pytest-cov/commit/197c35e2f37031fd1927715307ab6eed7cb3d2b7"><code>197c35e</code></a> Update changelog and hopefully I don't forget to publish release again :))</li> <li><a href="https://github.com/pytest-dev/pytest-cov/commit/14dc1c92d44108384e39803888635fdbfc578b7f"><code>14dc1c9</code></a> Update examples to use 3.11 and make the adhoc layout example look a bit more...</li> <li>Additional commits viewable in <a href="https://github.com/pytest-dev/pytest-cov/compare/v7.0.0...v7.1.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pytest-cov&package-manager=pip&previous-version=7.0.0&new-version=7.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
master
6 days ago

Latest Branches

CodSpeed Performance Gauge
+1%
Bump sigstore/gh-action-sigstore-python from 3.2.0 to 3.3.0#842
5 days ago
bb363d4
dependabot/github_actions/sigstore/gh-action-sigstore-python-3.3.0
CodSpeed Performance Gauge
+1%
Bump dependabot/fetch-metadata from 2.5.0 to 3.0.0#841
5 days ago
8743ad3
dependabot/github_actions/dependabot/fetch-metadata-3.0.0
CodSpeed Performance Gauge
-3%
Bump pytest-cov from 7.0.0 to 7.1.0#840
9 days ago
e4e83ee
dependabot/pip/pytest-cov-7.1.0
© 2026 CodSpeed Technology
Home Terms Privacy Docs