From 2434766b08451dbf1fcf60e3a11dde7c46ae7494 Mon Sep 17 00:00:00 2001 From: "Eden Ross Duff, MSc, DDiv" Date: Mon, 27 Jan 2025 23:52:45 -0600 Subject: [PATCH 01/10] Update SECURITY.md Signed-off-by: Eden Ross Duff, MSc, DDiv --- .github/SECURITY.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/SECURITY.md b/.github/SECURITY.md index 481f90ed..323ff2aa 100644 --- a/.github/SECURITY.md +++ b/.github/SECURITY.md @@ -12,6 +12,8 @@ currently being supported with security updates. | 1.30.x | ☑️ | 9.15 | | 1.31.x | ☑️ | 9.15 | | 1.32.x | ☑️ | 9.15 | +| 1.33.x | ☑️ | 9.16 | +| 1.34.x | ☑️ | 9.17 | ## Disclosure From 197e8c7abf537cbc2b7df716983534c5dab87a7c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Jan 2025 06:15:16 +0000 Subject: [PATCH 02/10] :arrow_up: Bump OZI-Project/publish from 1.9.0 to 1.9.3 Bumps [OZI-Project/publish](https://github.com/ozi-project/publish) from 1.9.0 to 1.9.3. - [Release notes](https://github.com/ozi-project/publish/releases) - [Commits](https://github.com/ozi-project/publish/compare/2467f6f7d938a0587d8dbc3f1155bab825f35283...c35059a13b64575387092e163fa91c2a9f5019da) --- updated-dependencies: - dependency-name: OZI-Project/publish dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/dist-workflow.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dist-workflow.yml b/.github/workflows/dist-workflow.yml index 4df54f59..d82b50fe 100644 --- a/.github/workflows/dist-workflow.yml +++ b/.github/workflows/dist-workflow.yml @@ -268,7 +268,7 @@ jobs: ghcr.io:443 pkg-containers.githubusercontent.com:443 - - uses: OZI-Project/publish@2467f6f7d938a0587d8dbc3f1155bab825f35283 # 1.9.0 + - uses: OZI-Project/publish@c35059a13b64575387092e163fa91c2a9f5019da # 1.9.3 with: github-token: ${{ secrets.GITHUB_TOKEN }} From 55442c70e1228fc7dd4c2119404d8dffef0db42d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Jan 2025 06:15:20 +0000 Subject: [PATCH 03/10] :arrow_up: Bump OZI-Project/checkpoint from 1.5.4 to 1.5.5 Bumps [OZI-Project/checkpoint](https://github.com/ozi-project/checkpoint) from 1.5.4 to 1.5.5. - [Release notes](https://github.com/ozi-project/checkpoint/releases) - [Commits](https://github.com/ozi-project/checkpoint/compare/84a85f725520d5661ed417915ccb0e769973879c...f14cac563125e34d106b3a1e0ddb2773062953e5) --- updated-dependencies: - dependency-name: OZI-Project/checkpoint dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/dev-workflow.yml | 8 ++++---- .github/workflows/dist-workflow.yml | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/dev-workflow.yml b/.github/workflows/dev-workflow.yml index 2aea4604..0607b830 100644 --- a/.github/workflows/dev-workflow.yml +++ b/.github/workflows/dev-workflow.yml @@ -40,7 +40,7 @@ jobs: tuf-repo-cdn.sigstore.dev:443 oauth2.sigstore.dev:443 - - uses: OZI-Project/checkpoint@84a85f725520d5661ed417915ccb0e769973879c # 1.5.4 + - uses: OZI-Project/checkpoint@f14cac563125e34d106b3a1e0ddb2773062953e5 # 1.5.5 with: python-version: "3.10" parallel: false @@ -73,7 +73,7 @@ jobs: tuf-repo-cdn.sigstore.dev:443 oauth2.sigstore.dev:443 - - uses: OZI-Project/checkpoint@84a85f725520d5661ed417915ccb0e769973879c # 1.5.4 + - uses: OZI-Project/checkpoint@f14cac563125e34d106b3a1e0ddb2773062953e5 # 1.5.5 with: python-version: "3.11" @@ -105,7 +105,7 @@ jobs: tuf-repo-cdn.sigstore.dev:443 oauth2.sigstore.dev:443 - - uses: OZI-Project/checkpoint@84a85f725520d5661ed417915ccb0e769973879c # 1.5.4 + - uses: OZI-Project/checkpoint@f14cac563125e34d106b3a1e0ddb2773062953e5 # 1.5.5 with: python-version: "3.12" @@ -138,6 +138,6 @@ jobs: index.crates.io:443 static.crates.io:443 - - uses: OZI-Project/checkpoint@84a85f725520d5661ed417915ccb0e769973879c + - uses: OZI-Project/checkpoint@f14cac563125e34d106b3a1e0ddb2773062953e5 with: python-version: "3.13" diff --git a/.github/workflows/dist-workflow.yml b/.github/workflows/dist-workflow.yml index 4df54f59..a0f2a450 100644 --- a/.github/workflows/dist-workflow.yml +++ b/.github/workflows/dist-workflow.yml @@ -41,7 +41,7 @@ jobs: tuf-repo-cdn.sigstore.dev:443 oauth2.sigstore.dev:443 - - uses: OZI-Project/checkpoint@84a85f725520d5661ed417915ccb0e769973879c # 1.5.4 + - uses: OZI-Project/checkpoint@f14cac563125e34d106b3a1e0ddb2773062953e5 # 1.5.5 with: python-version: "3.10" parallel: false @@ -73,7 +73,7 @@ jobs: tuf-repo-cdn.sigstore.dev:443 oauth2.sigstore.dev:443 - - uses: OZI-Project/checkpoint@84a85f725520d5661ed417915ccb0e769973879c # 1.5.4 + - uses: OZI-Project/checkpoint@f14cac563125e34d106b3a1e0ddb2773062953e5 # 1.5.5 with: python-version: "3.11" parallel: false @@ -105,7 +105,7 @@ jobs: tuf-repo-cdn.sigstore.dev:443 oauth2.sigstore.dev:443 - - uses: OZI-Project/checkpoint@84a85f725520d5661ed417915ccb0e769973879c # 1.5.4 + - uses: OZI-Project/checkpoint@f14cac563125e34d106b3a1e0ddb2773062953e5 # 1.5.5 with: python-version: "3.12" parallel: false @@ -136,7 +136,7 @@ jobs: rekor.sigstore.dev:443 tuf-repo-cdn.sigstore.dev:443 - - uses: OZI-Project/checkpoint@84a85f725520d5661ed417915ccb0e769973879c + - uses: OZI-Project/checkpoint@f14cac563125e34d106b3a1e0ddb2773062953e5 with: python-version: "3.13" From 1456370862511f8fe7bb7ffe6f1554f3379d53c9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Jan 2025 06:15:24 +0000 Subject: [PATCH 04/10] :arrow_up: Bump OZI-Project/release from 1.3.1 to 1.3.3 Bumps [OZI-Project/release](https://github.com/ozi-project/release) from 1.3.1 to 1.3.3. - [Release notes](https://github.com/ozi-project/release/releases) - [Commits](https://github.com/ozi-project/release/compare/5fead75f13134fe16226c4eba87ae80b52876ab0...ef531325086db519edaf13b95362051f41bb4802) --- updated-dependencies: - dependency-name: OZI-Project/release dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/dist-workflow.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dist-workflow.yml b/.github/workflows/dist-workflow.yml index 4df54f59..678367df 100644 --- a/.github/workflows/dist-workflow.yml +++ b/.github/workflows/dist-workflow.yml @@ -221,7 +221,7 @@ jobs: downloads.python.org:443 oauth2.sigstore.dev:443 - - uses: OZI-Project/release@5fead75f13134fe16226c4eba87ae80b52876ab0 # 1.3.1 + - uses: OZI-Project/release@ef531325086db519edaf13b95362051f41bb4802 # 1.3.3 id: release with: tag: ${{ needs.draft.outputs.tag }} From d7aa9e822305fe0b84a8d0b4543172e26165212f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Jan 2025 06:16:22 +0000 Subject: [PATCH 05/10] :arrow_up: Update black requirement in /ozi/lint/black Updates the requirements on [black](https://github.com/psf/black) to permit the latest version. - [Release notes](https://github.com/psf/black/releases) - [Changelog](https://github.com/psf/black/blob/main/CHANGES.md) - [Commits](https://github.com/psf/black/compare/24.10.0...25.1.0) --- updated-dependencies: - dependency-name: black dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- ozi/lint/black/requirements.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ozi/lint/black/requirements.in b/ozi/lint/black/requirements.in index e0cea116..dd51f808 100644 --- a/ozi/lint/black/requirements.in +++ b/ozi/lint/black/requirements.in @@ -1 +1 @@ -black~=24.10.0 +black~=25.1.0 From 0001961836469fd02fc00a38e7bb19d896411ba7 Mon Sep 17 00:00:00 2001 From: "Eden Ross Duff, MSc, DDiv" Date: Wed, 29 Jan 2025 01:33:46 -0600 Subject: [PATCH 06/10] :arrow_up: pytest-asyncio~=0.25.3 Signed-off-by: Eden Ross Duff, MSc, DDiv --- ozi/test/pytest/requirements.in | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ozi/test/pytest/requirements.in b/ozi/test/pytest/requirements.in index cabe2e97..01a7c9bc 100644 --- a/ozi/test/pytest/requirements.in +++ b/ozi/test/pytest/requirements.in @@ -1,8 +1,8 @@ pytest~=8.3 -pytest-asyncio>=0.23.8 +pytest-asyncio~=0.25.3 pytest-cov~=6.0 pytest-randomly~=3.16 pytest-tcpclient~=0.7 pytest-xdist~=3.6 urllib3~=1.26 -hypothesis[cli,codemods,ghostwriter]~=6.124 \ No newline at end of file +hypothesis[cli,codemods,ghostwriter]~=6.124 From 43436dd6bc14ba8ecacb96e17c281f27ef33a447 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Jan 2025 07:35:09 +0000 Subject: [PATCH 07/10] :arrow_up: Update black requirement in /ozi/lint/black Updates the requirements on [black](https://github.com/psf/black) to permit the latest version. - [Release notes](https://github.com/psf/black/releases) - [Changelog](https://github.com/psf/black/blob/main/CHANGES.md) - [Commits](https://github.com/psf/black/compare/24.10.0...25.1.0) --- updated-dependencies: - dependency-name: black dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- ozi/lint/black/requirements.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ozi/lint/black/requirements.in b/ozi/lint/black/requirements.in index e0cea116..dd51f808 100644 --- a/ozi/lint/black/requirements.in +++ b/ozi/lint/black/requirements.in @@ -1 +1 @@ -black~=24.10.0 +black~=25.1.0 From bcc5ba750f76a6c645f30a0a99973dfeb8aae029 Mon Sep 17 00:00:00 2001 From: rjdbcm Date: Wed, 29 Jan 2025 01:38:39 -0600 Subject: [PATCH 08/10] :rotating_light: run black Signed-off-by: rjdbcm --- ozi/__main__.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/ozi/__main__.py b/ozi/__main__.py index 06cb2c78..b521432a 100644 --- a/ozi/__main__.py +++ b/ozi/__main__.py @@ -2,8 +2,7 @@ # Part of the OZI Project, under the Apache License v2.0 with LLVM Exceptions. # See LICENSE.txt for license information. # SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception -"""``ozi`` console application. -""" # pragma: no cover +"""``ozi`` console application.""" # pragma: no cover from __future__ import annotations # pragma: no cover import argparse # pragma: no cover From 62a77a47ae3913872557dce15b9e6b0d9a020fa3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Jan 2025 12:21:48 +0000 Subject: [PATCH 09/10] :arrow_up: Bump ozi-core from 1.13.0 to 1.13.1 Bumps [ozi-core](https://github.com/OZI-Project/ozi-core) from 1.13.0 to 1.13.1. - [Release notes](https://github.com/OZI-Project/ozi-core/releases) - [Changelog](https://github.com/OZI-Project/ozi-core/blob/1.13.1/CHANGELOG.md) - [Commits](https://github.com/OZI-Project/ozi-core/compare/1.13.0...1.13.1) --- updated-dependencies: - dependency-name: ozi-core dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index d6f4f16e..982e93fb 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -55,7 +55,7 @@ tag_regex = "^(?Pv)?(?P[^\\+]+)(?P.*)?$" dynamic = ["version"] dependencies = [ 'pathvalidate~=3.2.1', - 'ozi-core==1.13.0', + 'ozi-core==1.13.1', 'setuptools_scm[toml]', 'tomli>=2.0.0;python_version<"3.11"', ] From a0754177e93676a8fc1df84d5f14161572a5a466 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Jan 2025 23:35:47 +0000 Subject: [PATCH 10/10] :arrow_up: Bump OZI-Project/draft from 1.10.0 to 1.10.1 Bumps [OZI-Project/draft](https://github.com/ozi-project/draft) from 1.10.0 to 1.10.1. - [Release notes](https://github.com/ozi-project/draft/releases) - [Commits](https://github.com/ozi-project/draft/compare/44efdab7f2755cdda29697adf8951e25b468a696...d3c4167df5ea92adf74006a4406ae85bbf8926e5) --- updated-dependencies: - dependency-name: OZI-Project/draft dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/dist-workflow.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dist-workflow.yml b/.github/workflows/dist-workflow.yml index 9983312e..130ce68c 100644 --- a/.github/workflows/dist-workflow.yml +++ b/.github/workflows/dist-workflow.yml @@ -176,7 +176,7 @@ jobs: files.pythonhosted.org:443 downloads.python.org:443 - - uses: OZI-Project/draft@44efdab7f2755cdda29697adf8951e25b468a696 + - uses: OZI-Project/draft@d3c4167df5ea92adf74006a4406ae85bbf8926e5 id: draft with: github-token: ${{ secrets.GITHUB_TOKEN }}