-
-
Notifications
You must be signed in to change notification settings - Fork 88
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Expose PEP 740 attestations functionality #236
Commits on May 16, 2024
-
requirements: Add initial support for uploading PEP 740 attestations
Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for b526ff8 - Browse repository at this point
Copy the full SHA b526ff8View commit details -
Signed-off-by: Facundo Tuesca <facundo.tuesca@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for f267787 - Browse repository at this point
Copy the full SHA f267787View commit details
Commits on Jun 11, 2024
-
bump pypi_attestation_models, update usage
Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for 1571a0d - Browse repository at this point
Copy the full SHA 1571a0dView commit details -
Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for 27500cf - Browse repository at this point
Copy the full SHA 27500cfView commit details -
Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for e9c72dd - Browse repository at this point
Copy the full SHA e9c72ddView commit details -
Configuration menu - View commit details
-
Copy full SHA for 3166978 - Browse repository at this point
Copy the full SHA 3166978View commit details -
Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for e7bd6ea - Browse repository at this point
Copy the full SHA e7bd6eaView commit details
Commits on Jun 18, 2024
-
runtime: constrain pypi-attestation-models with a range
Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for 5aa7e41 - Browse repository at this point
Copy the full SHA 5aa7e41View commit details -
Configuration menu - View commit details
-
Copy full SHA for 4bc4ced - Browse repository at this point
Copy the full SHA 4bc4cedView commit details
Commits on Jun 20, 2024
-
runtime: bump range for pypi-attestation-models
Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for 0e2b9c9 - Browse repository at this point
Copy the full SHA 0e2b9c9View commit details
Commits on Jun 21, 2024
-
Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for 242d7e9 - Browse repository at this point
Copy the full SHA 242d7e9View commit details
Commits on Jun 24, 2024
-
Update requirements/runtime.in
Co-authored-by: Sviatoslav Sydorenko (Святослав Сидоренко) <wk.cvs.github@sydorenko.org.ua>
Configuration menu - View commit details
-
Copy full SHA for aa69903 - Browse repository at this point
Copy the full SHA aa69903View commit details -
attestations: pre-validate dists as files
Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for 6b4d371 - Browse repository at this point
Copy the full SHA 6b4d371View commit details -
Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for 16aa3a2 - Browse repository at this point
Copy the full SHA 16aa3a2View commit details -
README: PEP 740 -> "digital attestations"
Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for 6dbccb5 - Browse repository at this point
Copy the full SHA 6dbccb5View commit details -
README: explain that digital attestations require TP
Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for 16b5dc1 - Browse repository at this point
Copy the full SHA 16b5dc1View commit details -
Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for 251402e - Browse repository at this point
Copy the full SHA 251402eView commit details -
twine-upload: debug -> notice, rm PEP ref
Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for 1e91a3b - Browse repository at this point
Copy the full SHA 1e91a3bView commit details -
attestations: debug dists before signing
Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for 835d65d - Browse repository at this point
Copy the full SHA 835d65dView commit details -
twine-upload: factor out TRUSTED_PUBLISHING
Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for 95be6b9 - Browse repository at this point
Copy the full SHA 95be6b9View commit details
Commits on Jun 28, 2024
-
pypi_attestation_models -> pypi_attestations
Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for 176c905 - Browse repository at this point
Copy the full SHA 176c905View commit details
Commits on Jul 9, 2024
-
Merge remote-tracking branch 'upstream/unstable/v1' into ww/attestations
Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for 9bac976 - Browse repository at this point
Copy the full SHA 9bac976View commit details -
Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for 6a808bf - Browse repository at this point
Copy the full SHA 6a808bfView commit details
Commits on Jul 10, 2024
-
requirements: bump pypi-attestations
Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for 1bb6510 - Browse repository at this point
Copy the full SHA 1bb6510View commit details
Commits on Jul 17, 2024
-
bump to pypi-attestations==0.0.9
Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for 8c640e3 - Browse repository at this point
Copy the full SHA 8c640e3View commit details -
attestations: use __main__ scope
Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for e6556ab - Browse repository at this point
Copy the full SHA e6556abView commit details -
Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for 8094cdf - Browse repository at this point
Copy the full SHA 8094cdfView commit details -
attestations: please the linter
Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for 57dba07 - Browse repository at this point
Copy the full SHA 57dba07View commit details
Commits on Jul 22, 2024
-
Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for af78f7a - Browse repository at this point
Copy the full SHA af78f7aView commit details -
twine-upload: emphasize attestations is a setting
Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for bcc935f - Browse repository at this point
Copy the full SHA bcc935fView commit details -
twine-upload: setting -> input
Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for 66f02b6 - Browse repository at this point
Copy the full SHA 66f02b6View commit details
Commits on Jul 31, 2024
-
requirements: bump pypi-attestations, sigstore
Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for 28806ba - Browse repository at this point
Copy the full SHA 28806baView commit details
Commits on Aug 20, 2024
-
requirements: bump sigstore, pypi-attestations
Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for fed8784 - Browse repository at this point
Copy the full SHA fed8784View commit details
Commits on Aug 21, 2024
-
Co-authored-by: Sviatoslav Sydorenko (Святослав Сидоренко) <wk.cvs.github@sydorenko.org.ua>
Configuration menu - View commit details
-
Copy full SHA for 61ffce1 - Browse repository at this point
Copy the full SHA 61ffce1View commit details -
Apply suggestions from code review
Co-authored-by: Sviatoslav Sydorenko (Святослав Сидоренко) <wk.cvs.github@sydorenko.org.ua>
Configuration menu - View commit details
-
Copy full SHA for e1b63c3 - Browse repository at this point
Copy the full SHA e1b63c3View commit details -
attestations: use Path.resolve(), break out dist collection
...to make the linters happy. Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for 15d9377 - Browse repository at this point
Copy the full SHA 15d9377View commit details -
attestations: use exists() instead of is_file()
Signed-off-by: William Woodruff <william@trailofbits.com>
Configuration menu - View commit details
-
Copy full SHA for 473ca48 - Browse repository at this point
Copy the full SHA 473ca48View commit details