orbit-oss/flask
4
4
Fork 2
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
5190 commits 4 branches 69 tags 37 MiB
Commit graph

32 commits

Author SHA1 Message Date
David Lord
59fd6aa104
use pip-compile instead of pip-compile-multi 2023-11-15 12:44:20 -08:00
David Lord
8037487165
Bump pypa/gh-action-pypi-publish from 1.8.8 to 1.8.10 (#5248) 2023-09-05 14:02:38 -07:00
David Lord
e8076d9114
Bump slsa-framework/slsa-github-generator from 1.7.0 to 1.9.0 (#5247) 2023-09-05 14:02:28 -07:00
dependabot[bot]
24c6508d39
Bump pypa/gh-action-pypi-publish from 1.8.8 to 1.8.10 
Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) from 1.8.8 to 1.8.10.
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases)
- [Commits](f8c70e705f...b7f401de30)

---
updated-dependencies:
- dependency-name: pypa/gh-action-pypi-publish
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-01 16:30:35 +00:00
dependabot[bot]
98cef9fcca
Bump slsa-framework/slsa-github-generator from 1.7.0 to 1.9.0 
Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator) from 1.7.0 to 1.9.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases)
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md)
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.7.0...v1.9.0)

---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-01 16:30:31 +00:00
dependabot[bot]
0c97a411b4
Bump actions/checkout from 3.5.3 to 3.6.0 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.3 to 3.6.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](c85c95e3d7...f43a0e5ff2)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-09-01 16:30:27 +00:00
David Lord
b1385919be
Bump pypa/gh-action-pypi-publish from 1.8.7 to 1.8.8 (#5213) 2023-08-01 09:59:06 -07:00
dependabot[bot]
dcc86ebfce
Bump pypa/gh-action-pypi-publish from 1.8.7 to 1.8.8 
Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) from 1.8.7 to 1.8.8.
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases)
- [Commits](f5622bde02...f8c70e705f)

---
updated-dependencies:
- dependency-name: pypa/gh-action-pypi-publish
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-01 16:56:22 +00:00
dependabot[bot]
180ff8853c
Bump actions/setup-python from 4.6.1 to 4.7.0 
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.6.1 to 4.7.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](bd6b4b6205...61a6322f88)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-08-01 16:56:18 +00:00
David Lord
cb825687a5
Bump actions/checkout from 3.5.2 to 3.5.3 (#5186) 2023-07-01 09:24:20 -07:00
David Lord
51bf0fdd90
Bump slsa-framework/slsa-github-generator from 1.6.0 to 1.7.0 (#5185) 2023-07-01 09:24:11 -07:00
dependabot[bot]
1ce4d95de9
Bump actions/checkout from 3.5.2 to 3.5.3 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.2 to 3.5.3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](8e5e7e5ab8...c85c95e3d7)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-01 16:16:28 +00:00
dependabot[bot]
1fb188636e
Bump slsa-framework/slsa-github-generator from 1.6.0 to 1.7.0 
Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases)
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md)
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.6.0...v1.7.0)

---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-01 16:16:25 +00:00
dependabot[bot]
47a89da558
Bump pypa/gh-action-pypi-publish from 1.8.6 to 1.8.7 
Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) from 1.8.6 to 1.8.7.
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases)
- [Commits](a56da0b891...f5622bde02)

---
updated-dependencies:
- dependency-name: pypa/gh-action-pypi-publish
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-01 16:16:19 +00:00
David Lord
a3e4013f89
Bump actions/setup-python from 4.6.0 to 4.6.1 (#5150) 2023-06-01 11:49:16 -07:00
David Lord
fb20cbbf1e
Bump pypa/gh-action-pypi-publish from 1.8.5 to 1.8.6 (#5149) 2023-06-01 11:47:53 -07:00
dependabot[bot]
18e703bc93
Bump actions/setup-python from 4.6.0 to 4.6.1 
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.6.0 to 4.6.1.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](57ded4d7d5...bd6b4b6205)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-06-01 16:56:50 +00:00
dependabot[bot]
fc74a114b3
Bump pypa/gh-action-pypi-publish from 1.8.5 to 1.8.6 
Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) from 1.8.5 to 1.8.6.
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases)
- [Commits](0bf742be3e...a56da0b891)

---
updated-dependencies:
- dependency-name: pypa/gh-action-pypi-publish
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-06-01 16:56:46 +00:00
dependabot[bot]
40f31c3078
Bump slsa-framework/slsa-github-generator from 1.5.0 to 1.6.0 
Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator) from 1.5.0 to 1.6.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases)
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md)
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.5.0...v1.6.0)

---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-06-01 16:56:43 +00:00
David Lord
d0bf462866
Merge branch '2.3.x' 2023-05-09 12:38:00 -07:00
David Lord
4911012cf4
update workflows 
update publish parameter names
remove pip update
 2023-05-09 12:37:33 -07:00
David Lord
7b31099252
Merge pull request #5106 from pallets/dependabot/github_actions/pypa/gh-action-pypi-publish-1.8.5 
Bump pypa/gh-action-pypi-publish from 1.8.4 to 1.8.5
 2023-05-01 10:22:01 -07:00
dependabot[bot]
dcd25d8f07
Bump actions/checkout from 3.5.0 to 3.5.2 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.0 to 3.5.2.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](8f4b7f8486...8e5e7e5ab8)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-05-01 17:18:16 +00:00
dependabot[bot]
ec8ca69195
Bump pypa/gh-action-pypi-publish from 1.8.4 to 1.8.5 
Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) from 1.8.4 to 1.8.5.
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases)
- [Commits](29930c9cf5...0bf742be3e)

---
updated-dependencies:
- dependency-name: pypa/gh-action-pypi-publish
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-05-01 16:57:14 +00:00
dependabot[bot]
b7b753b96c
Bump actions/setup-python from 4.5.0 to 4.6.0 
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.5.0 to 4.6.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](d27e3f3d7c...57ded4d7d5)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-05-01 16:57:10 +00:00
David Lord
f7d9956c0f
use oidc instead of token 2023-04-13 08:18:14 -07:00
David Lord
a361ef6368
Merge pull request #5038 from pallets/dependabot/github_actions/pypa/gh-action-pypi-publish-1.8.4 
Bump pypa/gh-action-pypi-publish from 1.6.4 to 1.8.4
 2023-04-03 06:19:09 -07:00
dependabot[bot]
6a6c83789f
Bump actions/checkout from 3.3.0 to 3.5.0 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.3.0 to 3.5.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](ac59398561...8f4b7f8486)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-04-01 16:57:06 +00:00
dependabot[bot]
29676a273a
Bump pypa/gh-action-pypi-publish from 1.6.4 to 1.8.4 
Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) from 1.6.4 to 1.8.4.
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases)
- [Commits](c7f29f7ade...29930c9cf5)

---
updated-dependencies:
- dependency-name: pypa/gh-action-pypi-publish
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-04-01 16:57:01 +00:00
dependabot[bot]
3cdcc729a7
Bump slsa-framework/slsa-github-generator from 1.4.0 to 1.5.0 
Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases)
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md)
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.4.0...v1.5.0)

---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-01 16:57:31 +00:00
dependabot[bot]
94a23a3e24
Bump actions/setup-python from 4.4.0 to 4.5.0 
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.4.0 to 4.5.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](5ccb29d877...d27e3f3d7c)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-02-01 16:01:23 +00:00
David Lord
0b4b61146f
build, provenance, publish workflow 2023-01-20 13:45:15 -08:00