Comparing changes
Open a pull request
- 15 commits
- 7 files changed
- 6 contributors
Commits on Nov 11, 2024
-
Tag Docker images with Git SHA
PR #230 updated the action to pull Docker images from GHCR instead of building Docker images each time the workflow runs. As part of this PR, a new GitHub Actions workflow was added that builds Docker images and pushes them to GitHub Container Registry (GHCR). Actions can be referenced in various ways. The Docker build workflow covers most of the action references, but does not push Docker images tagged with the Git commit ID (Git SHA). This commit will add Docker tags for referencing the action with a Git SHA. GitHub Actions only supports references by the full 40 character SHA. If users try to reference the action by a short SHA like `1234567`, they will get an error like, "Unable to resolve action `pypa/gh-action-pypi-publish@1234567`, the provided ref `1234567` is the shortened version of a commit SHA, which is not supported. Please use the full commit SHA `1234567890123456789012345678901234567890` instead." #230 #290 https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-container-registry https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/using-pre-written-building-blocks-in-your-workflow#using-shas
Commits on Nov 15, 2024
Commits on Nov 22, 2024
-
oidc-exchange: add workflow_ref to debug msg
Signed-off-by: William Woodruff <william@trailofbits.com>
Commits on Nov 24, 2024
Commits on Dec 1, 2024
-
requirements: bump twine to ~= 6.0
Signed-off-by: William Woodruff <william@trailofbits.com>
Commits on Dec 4, 2024
-
Merge pull request #309 from trail-of-forks/ww/bumptwine
requirements: bump twine to ~= 6.0
Commits on Dec 6, 2024
-
🧪 Allow CI to register multiple distributions
This is necessary to allow the smoke test check uploading multiple packages.
-
-
📌📦 Pin
pkginfoto v1.12 @ runtime depsSigned-off-by: William Woodruff <william@trailofbits.com>
-
Merge pull request #313 from webknjaz/maintenance/metadata-2.4
This patch adds support for uploading dists with metadata v2.4 through bumping the transitive dependency `pkgutil` to v1.12 to enable support for validating metadata v2.4 in Twine. It also integrates a Maturin-based package into the smoke test in CI as a regression check. Closes #312 Resolves #311 Resolves #310
Commits on Dec 7, 2024
-
💅📦 Split transitive dep constraints
This is a structural change allowing for better placement of direct dependencies and limiting the transitive ones.
-
📌📦 Include jeepney & secretstorage pins
It appears these have been missed when updating `cryptography`. This is probably dependabot's fault.
-
-
Commits on Dec 9, 2024
-
📦 Only keep lower bounds @ input requirements
This concerns both direct (`twine`) and indirect (`pkginfo`) deps, provided there's no broken versions to exclude.
This comparison is taking too long to generate.
Unfortunately it looks like we can’t render this comparison for you right now. It might be too big, or there might be something weird with your repository.
You can try running this command locally to see the comparison on your machine:
git diff 15c56dba361d8335944d31a2ecd17d700fc7bcbc...67339c736fd9354cd4f8cb0b744f2b82a74b5c70