From bf3a0700afc76f3d08c03a038a32f18fe925f732 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 29 Jul 2024 22:09:36 +0000 Subject: [PATCH] build(deps): bump the minimum-runtime-dependencies group across 2 directories with 5 updates Updates the requirements on [securesystemslib[awskms,azurekms,gcpkms,pynacl,sigstore]](https://github.com/secure-systems-lab/securesystemslib), [tuf](https://github.com/theupdateframework/python-tuf), [ruff](https://github.com/astral-sh/ruff), [mypy](https://github.com/python/mypy) and [securesystemslib[awskms,azurekms,gcpkms,hsm,sigstore]](https://github.com/secure-systems-lab/securesystemslib) to permit the latest version. Updates `securesystemslib[awskms,azurekms,gcpkms,pynacl,sigstore]` to 1.1.0 - [Release notes](https://github.com/secure-systems-lab/securesystemslib/releases) - [Changelog](https://github.com/secure-systems-lab/securesystemslib/blob/main/CHANGELOG.md) - [Commits](https://github.com/secure-systems-lab/securesystemslib/compare/v0.31.0...v1.1.0) Updates `tuf` to 5.0.0 - [Release notes](https://github.com/theupdateframework/python-tuf/releases) - [Changelog](https://github.com/theupdateframework/python-tuf/blob/develop/docs/CHANGELOG.md) - [Commits](https://github.com/theupdateframework/python-tuf/compare/v3.1.0...v5.0.0) Updates `ruff` from 0.5.4 to 0.5.5 - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](https://github.com/astral-sh/ruff/compare/0.5.4...0.5.5) Updates `tuf` to 5.0.0 - [Release notes](https://github.com/theupdateframework/python-tuf/releases) - [Changelog](https://github.com/theupdateframework/python-tuf/blob/develop/docs/CHANGELOG.md) - [Commits](https://github.com/theupdateframework/python-tuf/compare/v3.1.0...v5.0.0) Updates `mypy` from 1.10.0 to 1.11.0 - [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md) - [Commits](https://github.com/python/mypy/compare/v1.10.0...v1.11) Updates `ruff` from 0.4.4 to 0.5.5 - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](https://github.com/astral-sh/ruff/compare/0.5.4...0.5.5) Updates `securesystemslib[awskms,azurekms,gcpkms,hsm,sigstore]` to 1.1.0 - [Release notes](https://github.com/secure-systems-lab/securesystemslib/releases) - [Changelog](https://github.com/secure-systems-lab/securesystemslib/blob/main/CHANGELOG.md) - [Commits](https://github.com/secure-systems-lab/securesystemslib/compare/v0.31.0...v1.1.0) --- updated-dependencies: - dependency-name: securesystemslib[awskms,azurekms,gcpkms,pynacl,sigstore] dependency-type: direct:production dependency-group: minimum-runtime-dependencies - dependency-name: tuf dependency-type: direct:production dependency-group: minimum-runtime-dependencies - dependency-name: ruff dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minimum-runtime-dependencies - dependency-name: tuf dependency-type: direct:production dependency-group: minimum-runtime-dependencies - dependency-name: mypy dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minimum-runtime-dependencies - dependency-name: ruff dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minimum-runtime-dependencies - dependency-name: securesystemslib[awskms,azurekms,gcpkms,hsm,sigstore] dependency-type: direct:production dependency-group: minimum-runtime-dependencies ... Signed-off-by: dependabot[bot] --- repo/pyproject.toml | 6 +++--- signer/pyproject.toml | 8 ++++---- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/repo/pyproject.toml b/repo/pyproject.toml index e0e375a9..69114fe6 100644 --- a/repo/pyproject.toml +++ b/repo/pyproject.toml @@ -11,8 +11,8 @@ name = "tuf-on-ci" description = "TUF-on-CI repository tools, intended to be executed on a CI system" readme = "README.md" dependencies = [ - "securesystemslib[awskms, azurekms, gcpkms, sigstore, pynacl] ~= 0.31.0", - "tuf ~= 3.1", + "securesystemslib[awskms, azurekms, gcpkms, sigstore, pynacl] ~= 1.1.0", + "tuf ~= 5.0", "click ~= 8.1", ] requires-python = ">=3.10" @@ -29,7 +29,7 @@ tuf-on-ci-update-targets = "tuf_on_ci:update_targets" [project.optional-dependencies] lint = [ "mypy == 1.11.0", - "ruff == 0.5.4", + "ruff == 0.5.5", ] [tool.hatch.version] diff --git a/signer/pyproject.toml b/signer/pyproject.toml index 3aaa153b..d6277f96 100644 --- a/signer/pyproject.toml +++ b/signer/pyproject.toml @@ -9,8 +9,8 @@ readme = "README.md" dependencies = [ "packaging >= 23.2,< 25.0", "platformdirs ~= 4.2", - "securesystemslib[awskms,azurekms,gcpkms,hsm,sigstore] ~= 0.31.0", - "tuf ~= 3.1", + "securesystemslib[awskms,azurekms,gcpkms,hsm,sigstore] >= 0.31,< 1.2", + "tuf >= 3.1,< 6.0", "click ~= 8.1", ] requires-python = ">=3.10" @@ -23,8 +23,8 @@ tuf-on-ci-sign = "tuf_on_ci_sign:sign" [project.optional-dependencies] lint = [ - "mypy == 1.10.0", - "ruff == 0.4.4", + "mypy == 1.11.0", + "ruff == 0.5.5", ] [tool.hatch.version]