build(deps): bump the minimum-runtime-dependencies group across 2 directories with 5 updates #436
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Updates the requirements on securesystemslib[awskms,azurekms,gcpkms,pynacl,sigstore], tuf, mypy, ruff and securesystemslib[awskms,azurekms,gcpkms,hsm,sigstore] to permit the latest version.
Updates
securesystemslib[awskms,azurekms,gcpkms,pynacl,sigstore]
to 1.1.0Release notes
Sourced from securesystemslib[awskms,azurekms,gcpkms,pynacl,sigstore]'s releases.
Changelog
Sourced from securesystemslib[awskms,azurekms,gcpkms,pynacl,sigstore]'s changelog.
... (truncated)
Commits
c70d7be
Merge pull request #821 from jku/release-v1.1.09d4a99e
Prepare v1.108e64be
Merge pull request #819 from secure-systems-lab/dependabot/pip/dependencies-2...7058f55
Bump the dependencies group across 1 directory with 4 updates5e734e4
Merge pull request #813 from jku/upgrade-sigstorebc6f882
Merge pull request #814 from secure-systems-lab/dependabot/pip/test-and-lint-...f61cf1a
GCPSigner: Add exception for unsupported keys323d572
Merge pull request #816 from secure-systems-lab/dependabot/github_actions/act...3b7b7e6
---603b461
---Updates
tuf
to 5.0.0Release notes
Sourced from tuf's releases.
Changelog
Sourced from tuf's changelog.
... (truncated)
Commits
1b0c9f7
Merge pull request #2630 from lukpueh/release-v5d3d2ac1
Update docs/CHANGELOG.mdbce5039
Rlease v5.0.0c890b7e
Merge pull request #2628 from theupdateframework/dependabot/pip/test-and-lint...6e24f4d
Merge pull request #2629 from theupdateframework/dependabot/github_actions/ac...02464e9
build(deps): bump ossf/scorecard-action in the action-dependencies groupa5ba1a1
build(deps): bump ruff in the test-and-lint-dependencies group87e418c
Merge pull request #2627 from jku/finish-ruff-integration419bfe3
linting: Enable all Ruff rulesets by defaultd855d1c
Merge pull request #2626 from theupdateframework/dependabot/pip/test-and-lint...Updates
mypy
from 1.11.0 to 1.11.2Commits
789f02c
Bump version to 1.11.2917cc75
An alternative fix for a union-like literal string (#17639)7d805b3
Unwrap TypedDict item types before storing (#17640)32675dd
Revert "Fix Literal strings containing pipe characters" (#17638)778542b
Revert "FixRawExpressionType.accept
crash with--cache-fine-grained
" (#1...14ab742
Bump version to 1.11.2+dev570b90a
Bump version to 1.11b3a102e
FixRawExpressionType.accept
crash with--cache-fine-grained
(#17588)aec04c7
Fix PEP 604 isinstance caching (#17563)cb44e4d
Fixtyping.TypeAliasType
being undefined on python < 3.12 (#17558)Updates
ruff
from 0.5.4 to 0.6.4Release notes
Sourced from ruff's releases.
... (truncated)
Changelog
Sourced from ruff's changelog.
... (truncated)
Commits
65cc6ec
Bump version to 0.6.4 (#13253)66fe226
[red-knot] fix lookup of nonlocal names in deferred annotations (#13236)e965f9c
[red-knot] InferUnknown
for the loop var inasync for
loops (#13243)0512428
[red-knot] Emit a diagnostic if the value of a starred expression or a `yield...46a4573
[red-knot] Add type inference for basicfor
loops (#13195)5728909
Make mypy pass on black inknot_benchmark
(#13235)9d1bd7a
[pylint] removed dunder methods in Python 3 (PLW3201) (#13194)e37bde4
[ruff] implement useless if-else (RUF034) (#13218)862bd0c
[red-knot] Add debug assert to check for duplicate definitions (#13214)e1e9143
[red-knot] Handle multiple comprehension targets (#13213)Updates
tuf
to 5.0.0Release notes
Sourced from tuf's releases.
Changelog
Sourced from tuf's changelog.
... (truncated)
Commits
1b0c9f7
Merge pull request #2630 from lukpueh/release-v5d3d2ac1
Update docs/CHANGELOG.mdbce5039
Rlease v5.0.0c890b7e
Merge pull request #2628 from theupdateframework/dependabot/pip/test-and-lint...6e24f4d
Merge pull request #2629 from theupdateframework/dependabot/github_actions/ac...02464e9
build(deps): bump ossf/scorecard-action in the action-dependencies groupa5ba1a1
build(deps): bump ruff in the test-and-lint-dependencies group87e418c
Merge pull request #2627 from jku/finish-ruff-integration419bfe3
linting: Enable all Ruff rulesets by defaultd855d1c
Merge pull request #2626 from theupdateframework/dependabot/pip/test-and-lint...Updates
mypy
from 1.10.0 to 1.11.2Commits
789f02c
Bump version to 1.11.2917cc75
An alternative fix for a union-like literal string (#17639)7d805b3
Unwrap TypedDict item types before storing (#17640)32675dd
Revert "Fix Literal strings containing pipe characters" (#17638)778542b
Revert "FixRawExpressionType.accept
crash with--cache-fine-grained
" (#1...14ab742
Bump version to 1.11.2+dev570b90a
Bump version to 1.11b3a102e
FixRawExpressionType.accept
crash with--cache-fine-grained
(#17588)aec04c7
Fix PEP 604 isinstance caching (#17563)cb44e4d
Fixtyping.TypeAliasType
being undefined on python < 3.12 (#17558)Updates
ruff
from 0.4.4 to 0.6.4Release notes
Sourced from ruff's releases.
... (truncated)
Changelog
Sourced from ruff's changelog.
... (truncated)
Commits
65cc6ec
Bump version to 0.6.4 (#13253)66fe226
[red-knot] fix lookup of nonlocal names in deferred annotations (#13236)e965f9c
[red-knot] InferUnknown
for the loop var inasync for
loops (#13243)0512428
[red-knot] Emit a diagnostic if the value of a starred expression or a `yield...46a4573
[red-knot] Add type inference for basicfor
loops (#13195)5728909
Make mypy pass on black inknot_benchmark
(#13235)9d1bd7a
[pylint] removed dunder methods in Python 3 (PLW3201) (#13194)e37bde4
[ruff] implement useless if-else (RUF034) (#13218)862bd0c
[red-knot] Add debug assert to check for duplicate definitions (#13214)e1e9143
[red-knot] Handle multiple comprehension targets (#13213)Updates
securesystemslib[awskms,azurekms,gcpkms,hsm,sigstore]
to 1.1.0Release notes
Sourced from securesystemslib[awskms,azurekms,gcpkms,hsm,sigstore]'s releases.
Changelog
Sourced from securesystemslib[awskms,azurekms,gcpkms,hsm,sigstore]'s changelog.
... (truncated)
Commits
c70d7be
Merge pull request #821 from jku/release-v1.1.09d4a99e
Prepare v1.108e64be
Merge pull request #819 from secure-systems-lab/dependabot/pip/dependencies-2...7058f55
Bump the dependencies group across 1 directory with 4 updates5e734e4
Merge pull request #813 from jku/upgrade-sigstorebc6f882
Merge pull request #814 from secure-systems-lab/dependabot/pip/test-and-lint-...f61cf1a
GCPSigner: Add exception for unsupported keys323d572
Merge pull request #816 from secure-systems-lab/dependabot/github_actions/act...3b7b7e6
---603b461
---Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major version
will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor version
will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>
will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>
will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>
will remove the ignore condition of the specified dependency and ignore conditions