vcswatch reports that
this package seems to have new commits in its VCS but has
not yet updated debian/changelog. You should consider updating
the Debian changelog and uploading this new version into the archive.
Here are the relevant commit logs:
commit 12c477f0682960a45fb647f934aedd5d524ad119
Merge: 78a162f 0600d4e
Author: Aditya Sirish <8928778+adityasaky@users.noreply.github.com>
Date: Mon Oct 26 09:11:13 2020 -0400
Merge pull request #404 from in-toto/dependabot/pip/cryptography-3.2
Bump cryptography from 3.1.1 to 3.2
commit 0600d4ec3535dada60a519c680da23b7a8f89b93
Author: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Mon Oct 26 07:25:06 2020 +0000
Bump cryptography from 3.1.1 to 3.2
Bumps [cryptography](https://github.com/pyca/cryptography) from 3.1.1 to 3.2.
- [Release notes](https://github.com/pyca/cryptography/releases)
- [Changelog](https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/3.1.1...3.2)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
commit 78a162f96b6f5f2eceaac2943e52336fd9e1b65b
Merge: 2dce10c f1f02f4
Author: Santiago Torres <santiago@nyu.edu>
Date: Fri Oct 23 13:19:16 2020 -0400
Merge pull request #402 from lukpueh/rm-util
Remove util module and use securesystemslib key interfaces instead
commit 2dce10c859d8827f98993417ab5a12ba97ee522e
Merge: c775e3b d7d5034
Author: Aditya Sirish <8928778+adityasaky@users.noreply.github.com>
Date: Wed Oct 21 23:24:08 2020 -0400
Merge pull request #400 from in-toto/dependabot/pip/colorama-0.4.4
Bump colorama from 0.4.3 to 0.4.4
commit f1f02f404514808368e607de9f03fc112d2d4a6e
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Mon Oct 19 17:07:20 2020 +0200
TEMPORARY: Pull in non-released sslib dependency (WIP)
TODO: Unpin before merging!
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit 28f1cf83154b89c59ccb6626a37b5a34538dda39
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Mon Oct 19 16:57:16 2020 +0200
Remove now obsolete util module and tests
in-toto library and cli code no longer requires functionality
provided by 'in-toto.util', which mostly consisted of
facades/wrappers to 'securesystemslib', but calls directly into
'securesystemslib'.
**The following alternatives exist**:
-------------------------------------------------------------------
in_toto.util.generate_and_write_rsa_keypair &
in_toto.util.prompt_generate_and_write_rsa_keypair
-> securesystemslib.interface.generate_and_write_rsa_keypair
in_toto.util.prompt_generate_and_write_ed25519_keypair &
in_toto.util.generate_and_write_ed25519_keypair
-> securesystemslib.interface.generate_and_write_ed25519_keypair
in_toto.util.prompt_import_rsa_key_from_file &
in_toto.util.import_rsa_key_from_file,
-> securesystemslib.interface.import_rsa_privatekey_from_file &
securesystemslib.interface.import_rsa_publickey_from_file
in_toto.util.prompt_import_ed25519_privatekey_from_file
-> securesystemslib.interface.import_ed25519_privatekey_from_file
in_toto.util.import_gpg_public_keys_from_keyring_as_dict
-> securesystemslib.gpg.functions.export_pubkeys
in_toto.util.import_public_keys_from_files_as_dict
-> securesystemslib.interface.import_publickeys_from_file
in_toto.util.import_private_key_from_file
-> securesystemslib.interface.import_private_key_from_file
in_toto.util.prompt_password
-> securesystemslib.interface.get_password
-------------------------------------------------------------------
Application programmers are advised to also use these (see recent
docs addition).
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit a4368c9776d618a7bca92de7e939e967df26ca19
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Mon Oct 19 17:06:42 2020 +0200
Add key utilities documentation
Add sphinx-docs for key generation and import functions provided by
the in-house crypto interface securesystemslib.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit e4bebc5408d78d55480c8469dc2c45cd2f8ed17b
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Wed Oct 21 12:27:55 2020 +0200
Use sslib interface directly w/o 'in_toto.util'
Use recently updated key interface (see
secure-systems-lib/securesystemslib#288) directly instead of
facade/wrapper functions in 'in_toto.util'.
Also moves the 'SUPPORTED_KEY_TYPES' to in_toto.__init__, which
seems a good place for global in_toto constants, and assigns key
type constants imported from sslib to it.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit de1b2f23a8ef76b876ed9ec8de5ddee1a3b843e2
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Mon Oct 19 16:53:27 2020 +0200
Add -P/--password (and prompt) cli argument
- Add common CLI argument for 'in-toto-run' and 'in-toto-record' to
optionally pass a password ('-P <password>') or open a prompt
('-P') for a password to decrypt a signing key passed with '--key'.
- Add '--prompt' CLI argument for 'in-toto-sign' to optionally open
a prompt for a password to decrypt signing keys passed with
'--key'.
Note: Since 'in-toto-sign' allows passing multiple keys at once, we
only support the prompt option and not a '--password' option like
above, also in order to keep the mostly internally used tool
simple.
Prior to this commit, the CLI tools always tried to first load the
key as if it were unencrypted and, on error, opened a password
prompt, assuming (but not knowing!) that the error was due to the
key being encrypted, which is not ideal (see #80, and "explicit is
better").
This commit makes the password handling more explicit and was
motivated by a recent change of the securesystemslib key interface
that gives us better control over the key decryption password.
(secure-systems-lab/securesystemslib#288)
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit 51e626f4532414b772bbcc30059b0850cea512a9
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Tue Oct 20 16:26:34 2020 +0200
Add simple GenKeysMixin to generate test keys
Mix in with subclasses of unittest.TestCase and call set_up_keys in
setUpClass method, ideally to be used together with TmpDirMixin.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit 28a3ed53431b3e8b9050ba88506035c38e12f258
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Mon Oct 19 15:28:11 2020 +0200
Remove obsolete prompt test patching
Remove 'with' statements that patch the password prompt return
value in test cases that would not prompt for a password anyways.
These were added in #209, but neither commit message nor the PR
page indicate why.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit 4e227e25d3e48a201eed762ecf9bdbd2ab6780e2
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Mon Oct 19 14:37:02 2020 +0200
Remove unrelated tests from test_in_toto_keygen.py
Remove tests for 'in_toto.util' functions from unrelated
keygen cli test module.
Similar more extensive tests already exist in the 'test_util.py',
where they belong. Moreover, both the 'util' module and its tests
will be removed/replaced in subsequent PRs.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit d7d50341ff2a6cf6e17e1a3507f98869308f0cd7
Author: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Mon Oct 19 07:19:34 2020 +0000
Bump colorama from 0.4.3 to 0.4.4
Bumps [colorama](https://github.com/tartley/colorama) from 0.4.3 to 0.4.4.
- [Release notes](https://github.com/tartley/colorama/releases)
- [Changelog](https://github.com/tartley/colorama/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/tartley/colorama/compare/0.4.3...0.4.4)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
commit c775e3b260a50ec5fb673a9b725e2d2eacedfb6b
Merge: 51d33e5 0b55aba
Author: lukpueh <lukas.puehringer@nyu.edu>
Date: Mon Sep 28 12:45:49 2020 +0200
Merge pull request #398 from in-toto/dependabot/pip/cryptography-3.1.1
Bump cryptography from 3.1 to 3.1.1
commit 0b55abaa5fce6a4b6e8d5f5641d0f3494773c207
Author: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Mon Sep 28 07:14:38 2020 +0000
Bump cryptography from 3.1 to 3.1.1
Bumps [cryptography](https://github.com/pyca/cryptography) from 3.1 to 3.1.1.
- [Release notes](https://github.com/pyca/cryptography/releases)
- [Changelog](https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/3.1...3.1.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
commit 51d33e5702c5e60127e0d63ff912babbeaa32057
Merge: d371514 db1588c
Author: Aditya Sirish <8928778+adityasaky@users.noreply.github.com>
Date: Mon Sep 21 09:40:28 2020 -0400
Merge pull request #397 from in-toto/dependabot/pip/cffi-1.14.3
Bump cffi from 1.14.2 to 1.14.3
commit db1588c083627a821f183f38f11c456beb3c4d59
Author: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Mon Sep 21 07:14:12 2020 +0000
Bump cffi from 1.14.2 to 1.14.3
Bumps [cffi](https://github.com/python-cffi/release-doc) from 1.14.2 to 1.14.3.
- [Release notes](https://github.com/python-cffi/release-doc/releases)
- [Commits](https://github.com/python-cffi/release-doc/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
commit d37151451ac34e0ab187e26f21971a3d88abcff6
Merge: 42150fc 399bf26
Author: Aditya Sirish <8928778+adityasaky@users.noreply.github.com>
Date: Fri Sep 18 09:10:38 2020 -0400
Merge pull request #396 from didier-durand/roadmap_typos
roadmap.md: fixing a couple of typos
commit 42150fce8b3b06e5da3994611798fec4e26b4b2c
Merge: b1f8ce4 b345811
Author: Aditya Sirish <8928778+adityasaky@users.noreply.github.com>
Date: Fri Sep 18 09:03:15 2020 -0400
Merge pull request #395 from didier-durand/layout-creation.md_FIX
fix dangling link : layout-creation.md
commit 399bf262c519cd6bfb2e873246b4d040e9fe9362
Author: didier <durand.didier@gmail.com>
Date: Fri Sep 18 14:48:35 2020 +0200
roadmap.md: fixing a couple of typos
Signed-off-by: didier <durand.didier@gmail.com>
commit b345811221c18174485a6891a838501f933abaf6
Author: didier <durand.didier@gmail.com>
Date: Fri Sep 18 14:23:57 2020 +0200
fix dangling link : layout-creation.md
Signed-off-by: didier <durand.didier@gmail.com>
commit b1f8ce4f3e4a4aae08009debc520b8a968717cd9
Merge: 45bbab8 b664e1c
Author: Aditya Sirish <8928778+adityasaky@users.noreply.github.com>
Date: Wed Sep 16 09:17:07 2020 -0400
Merge pull request #394 from in-toto/dependabot/pip/iso8601-0.1.13
Bump iso8601 from 0.1.12 to 0.1.13
commit b664e1c2a5698677507e6df644609e871d7ec477
Author: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Mon Sep 14 07:20:59 2020 +0000
Bump iso8601 from 0.1.12 to 0.1.13
Bumps [iso8601](https://github.com/micktwomey/pyiso8601) from 0.1.12 to 0.1.13.
- [Release notes](https://github.com/micktwomey/pyiso8601/releases)
- [Commits](https://github.com/micktwomey/pyiso8601/compare/0.1.12...0.1.13)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
commit 45bbab858f356a986fd44a916b99d329283f6804
Merge: b468054 216e4cd
Author: lukpueh <lukas.puehringer@nyu.edu>
Date: Mon Sep 7 09:40:28 2020 +0200
Merge pull request #390 from in-toto/dependabot/pip/attrs-20.2.0
Bump attrs from 20.1.0 to 20.2.0
commit 216e4cd4e77d73e327c1f7b581d457aec3bbe41a
Author: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Mon Sep 7 07:10:42 2020 +0000
Bump attrs from 20.1.0 to 20.2.0
Bumps [attrs](https://github.com/python-attrs/attrs) from 20.1.0 to 20.2.0.
- [Release notes](https://github.com/python-attrs/attrs/releases)
- [Changelog](https://github.com/python-attrs/attrs/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/python-attrs/attrs/compare/20.1.0...20.2.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
commit b46805455af76a194230ab3935b7b6f21801242b
Merge: 74da7aa a513664
Author: Aditya Sirish <8928778+adityasaky@users.noreply.github.com>
Date: Fri Sep 4 04:31:20 2020 -0400
Merge pull request #373 from itsbenwu/patch-1
Create exclude-patterns documentation
commit 74da7aabce663a5539ad3e1e17b2c871eeaa227a
Merge: 625438a 7acd80a
Author: Santiago Torres <santiago@nyu.edu>
Date: Thu Sep 3 12:04:59 2020 -0400
Merge pull request #382 from lukpueh/debian
Prepare Debian 0.5.0-1 release
commit 625438ac8fa75fac7444c5a4bbaf306bd72284d9
Merge: 188e2ba 1012d49
Author: lukpueh <lukas.puehringer@nyu.edu>
Date: Thu Sep 3 17:38:57 2020 +0200
Merge pull request #367 from kristelfung/in-toto-run-timeout
Add max timeout setting
commit 188e2ba5546a34410feeb350189106c487d6a130
Merge: 299cd1d 810657f
Author: Aditya Sirish <8928778+adityasaky@users.noreply.github.com>
Date: Tue Sep 1 15:08:44 2020 -0400
Merge pull request #389 from in-toto/dependabot/pip/cryptography-3.1
Bump cryptography from 3.0 to 3.1
commit 299cd1d0a8de5c03680e92ca7b5805ac9e4da185
Merge: 55acb5d bab8006
Author: Aditya Sirish <8928778+adityasaky@users.noreply.github.com>
Date: Tue Sep 1 15:08:24 2020 -0400
Merge pull request #386 from in-toto/dependabot/pip/attrs-20.1.0
Bump attrs from 19.3.0 to 20.1.0
commit bab80061210e1a707fefaf81a74e7e14f22ecd1b
Author: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Mon Aug 24 07:05:38 2020 +0000
Bump attrs from 19.3.0 to 20.1.0
Bumps [attrs](https://github.com/python-attrs/attrs) from 19.3.0 to 20.1.0.
- [Release notes](https://github.com/python-attrs/attrs/releases)
- [Changelog](https://github.com/python-attrs/attrs/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/python-attrs/attrs/compare/19.3.0...20.1.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
commit 1012d499f55365e0ffa1ff3acc23d47191c30e1c
Author: Kristel Fung <kristelfung@gmail.com>
Date: Tue Sep 1 22:10:28 2020 +0800
add unit tests to test_user_settings for timeout
Signed-off-by: Kristel Fung <kristelfung@gmail.com>
commit 810657f2adf63dca2d52e20055b878f949c9737f
Author: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Mon Aug 31 07:09:44 2020 +0000
Bump cryptography from 3.0 to 3.1
Bumps [cryptography](https://github.com/pyca/cryptography) from 3.0 to 3.1.
- [Release notes](https://github.com/pyca/cryptography/releases)
- [Changelog](https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/3.0...3.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
commit a51366432a22a2bb1112b10dd07797232c23757d
Author: Aditya Sirish <aditya@saky.in>
Date: Wed Aug 12 16:02:28 2020 -0400
Minor fixes:
- Remove duplicate file
- Fix link in index.rst
- Reorganize some points
- Add some clarifying examples
Signed-off-by: Aditya Sirish <aditya@saky.in>
commit 23c5b260abc9cc31778c71fbff42aaf19b72b8d7
Author: Benjamin Wu <benjaminwu1337@gmail.com>
Date: Wed Jul 22 10:25:08 2020 -0400
Update exclude-patterns.md
Signed-off-by: Benjamin Wu <benjaminwu1337@gmail.com>
commit 844e9345b3c3bb6df5f83345b6e10c2a0e233724
Author: Benjamin Wu <benjaminwu1337@gmail.com>
Date: Wed Jul 22 09:56:44 2020 -0400
Added exclude-pattern to index.rst
Signed-off-by: Benjamin Wu <benjaminwu1337@gmail.com>
commit 5ca57a3c0a3c573c73e248da7a04eb5956df32d2
Author: Benjamin Wu <benjaminwu1337@gmail.com>
Date: Mon Jul 6 13:12:59 2020 -0400
Create exclude-patterns.md
Documentation for the --exclude command-line argument for in-toto run.
Signed-off-by: Benjamin Wu <benjaminwu1337@gmail.com>
commit 55acb5d376dca9aebba1ffb5e7e5357283b40ff6
Merge: 2f81db5 90eb2ff
Author: Aditya Sirish <8928778+adityasaky@users.noreply.github.com>
Date: Thu Aug 27 10:40:58 2020 -0400
Merge pull request #387 from lukpueh/adopt-pylint-update
Adopt pylint 2.6.0 update
commit aeb6d49bba8251eea77a6ad0f8cddb1159b8761d
Author: Kristel Fung <kristelfung@gmail.com>
Date: Thu Aug 27 21:07:55 2020 +0800
add prefix bash style environment
Signed-off-by: Kristel Fung <kristelfung@gmail.com>
commit 9755e20540d561acc6adef5ef559f41cb33dbb28
Author: Kristel Fung <kristelfung@gmail.com>
Date: Mon Aug 24 21:22:17 2020 +0800
cast timeout to float instead of int
Signed-off-by: Kristel Fung <kristelfung@gmail.com>
commit 90eb2ff7c20da006239515348257c71e19b70b83
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Mon Aug 24 13:59:15 2020 +0200
Address pylint raise-missing-from warning
Versions 2.6.0 and later of pylint adhere to PEP 3134
and trigger a 'raise-missing-from' warning (W0707) when
chained exceptions are raised implicitly.
The 'from' keyword is a Python3.x feature, that is why
six.raise_from is used for Python2.x compatibility.
Kudos to @sechkova and @jku for showing how to do this
(theupdateframework/tuf#1116).
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit f9eb590f84ebe8f194441af17b0daaf02fbe9418
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Mon Aug 24 13:56:41 2020 +0200
Add super-with-arguments pylint exemption
Allow Python 2 style calls of super() with arguments, by disabling
the corresponding pylint check, added in pylint 2.6.0.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit 3958a60f6615ed5976d7638cf58b07a65ba1d27b
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Mon Aug 24 13:10:06 2020 +0200
Remove obsolete bad-continuation pylint exemption
bad-continuation was removed in 2.6.0, with the suggestion to use
black instead.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit 191f0a17712a8c8f70cbc43484248f4fd62182e1
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Mon Aug 24 13:07:38 2020 +0200
Remove obsolete bad-whitespace pylint exemption
bad-whitespace was removed in 2.6.0, with the suggestion to use
black instead.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit 2f81db5f85ede2b5d16e769d325f7804cad02b2b
Merge: d32a714 69d16dd
Author: lukpueh <lukas.puehringer@nyu.edu>
Date: Thu Aug 20 14:50:38 2020 +0200
Merge pull request #385 from lukpueh/fix-metadata-docs
Fix copy paste mistake in Metadata.load docstring
commit 585e987a99b7e8129ec00505c57b0af21b4a479c
Author: Kristel Fung <kristelfung@gmail.com>
Date: Wed Aug 19 21:34:52 2020 +0800
Document new setting, ensure setting is cast to int in execute_link
Signed-off-by: Kristel Fung <kristelfung@gmail.com>
commit 69d16dd5b5835d2867c62d690743b57648790465
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Wed Aug 19 09:11:31 2020 +0200
Fix copy paste mistake in Metadata.load docstring
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit c9906c9cebada0e45c0d17b059f8f0652b55bb76
Author: Kristel Fung <kristelfung@gmail.com>
Date: Wed Aug 19 00:02:22 2020 +0800
timeout 0.1 for unit tests
Signed-off-by: Kristel Fung <kristelfung@gmail.com>
commit d32a7145763ce59d818a90a2bf78eeb80b3460d8
Merge: 50d08a7 8be6460
Author: lukpueh <lukas.puehringer@nyu.edu>
Date: Tue Aug 18 16:12:53 2020 +0200
Merge pull request #384 from in-toto/dependabot/pip/securesystemslib-cryptopynacl--0.16.0
Bump securesystemslib[crypto,pynacl] from 0.15.0 to 0.16.0
commit 50d08a774fa5f4cd72f7fe1fb6ff1323a8e376bf
Merge: 73dcfc4 290a7f0
Author: Aditya Sirish <8928778+adityasaky@users.noreply.github.com>
Date: Tue Aug 18 08:46:26 2020 -0400
Merge pull request #381 from SantiagoTorres/roadmap-2021
Add roadmap 2021
commit 73dcfc4a3e8ae739873377883c3a5a6cb3e15099
Merge: 7a98eb3 d96a460
Author: lukpueh <lukas.puehringer@nyu.edu>
Date: Mon Aug 17 11:39:42 2020 +0200
Merge pull request #383 from in-toto/dependabot/pip/cffi-1.14.2
Bump cffi from 1.14.0 to 1.14.2
commit 7a98eb33663ec6e5aa1a72a1a57f1fbff81a8ca1
Merge: 68cc466 e9a5e6f
Author: lukpueh <lukas.puehringer@nyu.edu>
Date: Mon Aug 17 11:39:17 2020 +0200
Merge pull request #377 from in-toto/dependabot/pip/cryptography-3.0
Bump cryptography from 2.9.2 to 3.0
commit 8be64604d757b9347852fd00b0afa368befbc478
Author: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Mon Aug 17 09:18:04 2020 +0000
Bump securesystemslib[crypto,pynacl] from 0.15.0 to 0.16.0
Bumps [securesystemslib[crypto,pynacl]](https://github.com/secure-systems-lab/securesystemslib) from 0.15.0 to 0.16.0.
- [Release notes](https://github.com/secure-systems-lab/securesystemslib/releases)
- [Changelog](https://github.com/secure-systems-lab/securesystemslib/blob/master/CHANGELOG.md)
- [Commits](https://github.com/secure-systems-lab/securesystemslib/compare/v0.15.0...v0.16.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
commit d96a460b9d4f7ba6b821c255729ab8c7f3681935
Author: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Mon Aug 17 09:17:18 2020 +0000
Bump cffi from 1.14.0 to 1.14.2
Bumps [cffi](https://github.com/python-cffi/release-doc) from 1.14.0 to 1.14.2.
- [Release notes](https://github.com/python-cffi/release-doc/releases)
- [Commits](https://github.com/python-cffi/release-doc/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
commit 7acd80a86ff8a77c80673e8cbe3f1f8e1c79436a
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Thu Aug 13 15:32:23 2020 +0200
Prepare Debian 0.5.0-1 release
- Replace never released 0.4.1-1 changelog entry, including note-
worthy upstream changes since 0.4.0
- Update securesystemslib dependency to >= 0.16.0
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit 290a7f0eb8050b454f7d434fd9e9f8de086808ba
Author: Aditya Sirish <aditya@saky.in>
Date: Tue Aug 11 12:50:44 2020 -0400
Pre merge nits
- Update time period for roadmap to match org roadmap
- Update review periods
- Add note regarding previous roadmaps, link to roadmap 2020
- Fix CII typo - we are targeting the gold badge
Signed-off-by: Aditya Sirish <aditya@saky.in>
commit 172e97937d0fe189c3551c6b0c338d2acd05a9f0
Author: Santiago Torres <santiago@archlinux.org>
Date: Mon Jul 13 12:42:40 2020 -0400
ENH: add roadmap 20201
Signed-off-by: Santiago Torres <santiago@archlinux.org>
commit 68cc466ac7ad2143bcaf6ebe344b68f8dd48e7dd
Merge: a621c3b 3489e4b
Author: lukpueh <lukas.puehringer@nyu.edu>
Date: Wed Aug 5 15:33:48 2020 +0200
Merge pull request #379 from shibumi/shibumi/fix-duplicate-imports
Fix issue 378: duplicate imports
commit 3489e4b7e9f8b1303d2ee54ec173e0fbec478f0f
Author: Christian Rebischke <chris@shibumi.dev>
Date: Tue Jul 28 17:38:49 2020 +0200
Fix issue 378: duplicate imports
We had a few unnecessary duplicate imports.
This commit removes the additional "from-import" lines,
and just uses the full path for the import.
Signed-off-by: Christian Rebischke <chris@shibumi.dev>
commit 33ab4a11f09f9d2e9385abe6077f3d2a940602b0
Author: Kristel Fung <kristelfung@gmail.com>
Date: Wed Jul 29 23:21:49 2020 +0800
Fix tests
Signed-off-by: Kristel Fung <kristelfung@gmail.com>
commit f2e969f8a0e805c150e2f579d5a467a0c32c2668
Author: Kristel Fung <kristelfung@gmail.com>
Date: Wed Jul 22 22:12:01 2020 +0800
Write unit test for timeout
Signed-off-by: Kristel Fung <kristelfung@gmail.com>
commit 16d82cb35c25fafe0488f477c3b3a5e5b19539ba
Author: Kristel Fung <kristelfung@gmail.com>
Date: Fri Jun 12 01:14:32 2020 +0800
Add setting for max timeout for in-toto-run
Signed-off-by: Kristel Fung <kristelfung@gmail.com>
commit e9a5e6fb076fa80a1c001f6598025bef63c59aa6
Author: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Mon Jul 27 09:15:28 2020 +0000
Bump cryptography from 2.9.2 to 3.0
Bumps [cryptography](https://github.com/pyca/cryptography) from 2.9.2 to 3.0.
- [Release notes](https://github.com/pyca/cryptography/releases)
- [Changelog](https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/2.9.2...3.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
![[bug history graph]](https://qa.debian.org/data/bts/graphs/i/in-toto.png){kind=link}