Skip to content

v2.0.0rc3

Pre-release
Pre-release
Compare
Choose a tag to compare
@woodruffw woodruffw released this 12 Sep 03:11
· 330 commits to main since this release
v2.0.0rc3
87681a9
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

What's Changed

  • build(deps-dev): update ruff requirement from <0.0.279 to <0.0.281 by @dependabot in #714
  • build(deps): bump certifi from 2022.12.7 to 2023.7.22 in /install by @dependabot in #716
  • Add VerificationMaterials.to_bundle() by @sethmlarson in #719
  • conformance: bump runner by @jleightcap in #720
  • build(deps-dev): update ruff requirement from <0.0.281 to <0.0.282 by @dependabot in #722
  • doc: README document the (now default) .sigstore bundles by @jleightcap in #721
  • build(deps-dev): update ruff requirement from <0.0.282 to <0.0.283 by @dependabot in #725
  • build(deps): bump slsa-framework/slsa-github-generator from 1.7.0 to 1.8.0 by @dependabot in #727
  • models: require checkpoint in embedded inclusion proof by @woodruffw in #723
  • build(deps-dev): update ruff requirement from <0.0.283 to <0.0.284 by @dependabot in #728
  • build(deps): bump actions/deploy-pages from 2.0.3 to 2.0.4 by @dependabot in #731
  • build(deps): bump pypa/gh-action-pypi-publish from 1.8.8 to 1.8.9 by @dependabot in #730
  • build(deps): bump pypa/gh-action-pypi-publish from 1.8.9 to 1.8.10 by @dependabot in #732
  • build(deps-dev): update ruff requirement from <0.0.284 to <0.0.286 by @dependabot in #733
  • Add SECURITY.md file by @david-a-wheeler in #735
  • build(deps): bump slsa-framework/slsa-github-generator from 1.8.0 to 1.9.0 by @dependabot in #736
  • build(deps): bump actions/checkout from 3.5.3 to 3.6.0 by @dependabot in #737
  • Try separate config for /install directory by @di in #742
  • Revert "Try separate config for /install directory (#742)" by @di in #743
  • Pass --upgrade to pip-compile in pin-requirements.yml by @di in #744
  • Drop support for Python 3.7 by @di in #745
  • Update securityscorecards.dev URL by @di in #746
  • Update pin-requirements.yml to use latest tag as default by @di in #748
  • Update pin-requirements.yml by @di in #749
  • CHANGELOG: record #745 by @woodruffw in #747
  • Update pin-requirements.yml by @di in #750
  • build(deps-dev): update ruff requirement from <0.0.286 to <0.0.287 by @dependabot in #740
  • Update pin-requirements.yml by @di in #751
  • Update pin-requirements.yml by @di in #752
  • pin-requirements: explicitly fetch tags by @woodruffw in #753
  • Update comments by @woodruffw in #717
  • Update pinned requirements for v1.1.2 by @github-actions in #755
  • Pydantic fixes by @jku in #757
  • build(deps-dev): update ruff requirement from <0.0.287 to <0.0.288 by @dependabot in #758
  • build(deps): bump actions/checkout from 3.6.0 to 4.0.0 by @dependabot in #760
  • Allow -v/--verbose anywhere in command line by @jku in #759
  • build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 by @dependabot in #762
  • Remove security policy by @haydentherapper in #764
  • sign: Make SigningResult._to_bundle() public by @jku in #765
  • pyproject: bump id by @woodruffw in #767
  • build(deps-dev): update ruff requirement from <0.0.288 to <0.0.289 by @dependabot in #769
  • sigstore: 2.0.0rc3 by @woodruffw in #768

New Contributors

Full Changelog: v2.0.0rc2...v2.0.0rc3

Contributors

jku, di, and 6 other contributors
Assets 11
Loading