Debian Package Tracker

general

source: in-toto (main)
version: 0.5.0-1
maintainer: in-toto developers (DMD)
uploaders: Justin Cappos [DMD] – Lukas Puehringer [DMD] – Santiago Torres-Arias [DMD] – Holger Levsen [DMD]
arch: all
std-ver: 4.5.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

testing: 0.5.0-1
unstable: 0.5.0-1

versioned links

0.5.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

in-toto

action needed

A new upstream version is available: 1.0.0 high

A new upstream version 1.0.0 is available, you should consider packaging it.

Created: 2020-11-25 Last update: 2021-01-22 01:40

15 new commits since last upload, is it time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit 6171110b7e6aa2ba7aed7e47bb3244851f8d128a
Merge: 6337ce7 21b6649
Author: lukpueh <lukas.puehringer@nyu.edu>
Date:   Mon Dec 21 16:01:43 2020 +0100

    Merge pull request #420 from lukpueh/minor-rtd-updates
    
    Minor RTD visual enhancements

commit 21b6649f50d648efc1908e13b8d0c9bc1c578036
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date:   Fri Dec 18 10:24:47 2020 +0100

    Add FIXME comments about napoleon sphinx extension
    
    We currently use a fork of the stand-alone Napoleon sphinx
    extension that fixes in-toto/in-toto#401.
    
    However, we should instead use the more up-to-date Napoleon
    extension built into sphinx, and maybe try to upstream our patch
    there.
    
    Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>

commit 64e4c95091cc0f7c0dde908948da1f49a5041616
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date:   Thu Dec 17 17:57:46 2020 +0100

    Add colored in-toto icon as RTD favicon
    
    Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>

commit cf3f0800806ade571edf8bb57f22d363087a9ee7
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date:   Thu Dec 17 17:49:48 2020 +0100

    Add white horiztonal in-toto logo for RTD
    
    Horizontal looks nicer than stacked and white looks nicer than
    red/blue for the currently used RTD theme.
    
    Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>

commit f94d3bec98af91355c94d9e21c2e13c7b6b30292
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date:   Thu Dec 17 17:23:06 2020 +0100

    Use napoleon fork to support "Side Effects"
    
    Use napoleon fork hosted in the project umbrella github
    organization "secure-systems-lab", to display our custom "Side
    Effects" docstring section (kudos to @SolidifiedRay for patching
    napoleon).
    
    Also ssee https://github.com/in-toto/in-toto/issues/401 for
    discussed alternatives and attempts to upstream this or a more
    flexible solution.
    
    Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>

commit 6337ce766a77166f58d769e3c7096819c900f3b2
Merge: a6e867b f238f8b
Author: Aditya Sirish <8928778+adityasaky@users.noreply.github.com>
Date:   Fri Dec 11 09:38:43 2020 -0500

    Merge pull request #419 from lukpueh/update-py-versions-and-deps
    
    Drop Python 3.5, add Python 3.9 and update requirements

commit f238f8bd9e8d24ad73100d8e2acfb21a3cd0710d
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date:   Fri Dec 11 12:57:32 2020 +0100

    Update pinned dependencies for testing
    
    requirements-pinned.txt lists all immediate and transitive
    dependencies combined for all supported Python versions.
    
    Given both the recent change in Python version support (-3.5, +3.9)
    and an update of requirements.txt (sslib>=0.18.0), this commit
    semi-automatically updates the pinned dependencies according to the
    instructions in requirements.txt's doc header:
    
    Updated dependencies are:
    - Remove dropped transitive dependency colorama
    - Bump cryptography to 3.3.1
    
    Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>

commit fd2ae537872747485807e6fed6fad142a988011a
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date:   Fri Dec 11 12:54:04 2020 +0100

    Fix securesystemslib minimal version requirement
    
    With #402 in-toto adopted a backwards-incompatible change in
    securesystemslib. Since then, in-toto requires
    securesystemslib>=0.18.0. This reflects that requirement in
    setup.py and requirements.txt.
    
    Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>

commit 9bd8d049b1d3cec4e77c8e6ecc98e3315985c490
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date:   Fri Dec 11 12:26:43 2020 +0100

    Update multi-env requirements generation docs
    
    Adopt docs for updating requirements-pinned.txt from based on
    their revision in tuf and sslib:
    - theupdateframework/tuf#982
    - secure-systems-lab/securesystemslib#209
    
    The update includes a transfer of the doc header + script/commands
    from requirements-pinned.txt to requirements.txt, and a thus
    resulting simplification of the commands.
    
    Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>

commit 98729023e6157501ca595f112ba1e96ecd324401
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date:   Fri Dec 11 12:24:48 2020 +0100

    Adopt Python version changes in test config
    
    - Disable dropped Python 3.5 builds from tox, Travis and Appveyor
    - Enable 3.9 builds for tox and Travis
      Note, 3.9 doesn't seem to work on Appveyor out of the box,
      instead of troubleshooting, we should just switch to GitHub
      Actions soon (see #407).
    - Add 3.8 to Appveyor
    
    Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>

commit d0749d7605c7ede68c5e44cd2ffef8b3f68a5946
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date:   Fri Dec 11 12:17:06 2020 +0100

    Drop Py3.5 support + add 3.9 classifier in setup.py
    
    Python 3.5 has now reached its end-of-life and has been retired.
    https://www.python.org/dev/peps/pep-0478/
    
    The optional (but highly recommended) 'cryptography' dependency
    has also just dropped support for 3.5. Continuing support for 3.5
    does not seem worth the effort.
    
    Instead we signal support for the new stable Python 3.9 via the
    corresponding classifier.
    
    Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>

commit a6e867b84fdbdbd02fe9197f824de87a288b8304
Merge: bedde9b a807778
Author: lukpueh <lukas.puehringer@nyu.edu>
Date:   Mon Dec 7 14:34:08 2020 +0100

    Merge pull request #416 from lukpueh/constrain-bandit-install
    
    Add >=Py3.5 constraint for bandit test dependency

commit a807778b1ccffc6ab9a7b578ac2fe0617f232a74
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date:   Mon Dec 7 14:21:05 2020 +0100

    Add >=Py3.5 constraint for bandit test dependency
    
    Bandit just dropped support for Python <3.5. This commit adds
    a corresponding constraint to requirements-test.txt.
    
    Note, we run bandit in a dedicated 'lint' tox environment, which
    uses Python3.8 on Travis.
    
    Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>

commit bedde9b1bb19bba2e26fe60200f048f401124050
Merge: 5ede520 2031e9b
Author: lukpueh <lukas.puehringer@nyu.edu>
Date:   Mon Nov 30 12:03:08 2020 +0100

    Merge pull request #415 from in-toto/dependabot/pip/cffi-1.14.4
    
    Bump cffi from 1.14.3 to 1.14.4

commit 2031e9b18bab27354a4ea1d041ee12362990a29e
Author: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date:   Mon Nov 30 07:00:26 2020 +0000

    Bump cffi from 1.14.3 to 1.14.4
    
    Bumps [cffi](https://github.com/python-cffi/release-doc) from 1.14.3 to 1.14.4.
    - [Release notes](https://github.com/python-cffi/release-doc/releases)
    - [Commits](https://github.com/python-cffi/release-doc/commits)
    
    Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Created: 2020-11-30 Last update: 2021-01-21 16:04

lintian reports 6 warnings normal

Lintian reports 6 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2020-09-21 Last update: 2020-09-21 06:02

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.1 instead of 4.5.0).

Created: 2020-11-17 Last update: 2020-11-17 05:41

news

[rss feed]

[2021-01-22] Accepted in-toto 1.0.0-2 (source) into unstable (Holger Levsen)
[2020-09-08] in-toto 0.5.0-1 MIGRATED to testing (Debian testing watch)
[2020-09-02] Accepted in-toto 0.5.0-1 (source) into unstable (Lukas Puehringer) (signed by: Holger Levsen)
[2019-10-24] in-toto 0.4.0-2 MIGRATED to testing (Debian testing watch)
[2019-10-18] Accepted in-toto 0.4.0-2 (source) into unstable (Lukas Puehringer) (signed by: Holger Levsen)
[2019-10-13] Accepted in-toto 0.4.0-1 (source all) into unstable, unstable (Lukas Puehringer) (signed by: Holger Levsen)

bugs [bug history graph]

all: 0

links

homepage
lintian (0, 6)
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
other distros
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 0.5.0-1