chore(deps): bump pypi-attestations from 0.0.19 to 0.0.20 #17273
Conversation
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
dependabot
bot
added
dependencies
dependabot
bot
force-pushed
the
dependabot/pip/pypi-attestations-0.0.20
branch
2 times, most recently
from
d7a1b8d to
406b2fc
Compare
|
@dependabot rebase |
dependabot
bot
force-pushed
the
dependabot/pip/pypi-attestations-0.0.20
branch
2 times, most recently
from
d89db3d to
4b76ac6
Compare
Bumps [pypi-attestations](https://github.com/trailofbits/pypi-attestations) from 0.0.19 to 0.0.20. - [Release notes](https://github.com/trailofbits/pypi-attestations/releases) - [Changelog](https://github.com/trailofbits/pypi-attestations/blob/main/CHANGELOG.md) - [Commits](trailofbits/pypi-attestations@v0.0.19...v0.0.20) --- updated-dependencies: - dependency-name: pypi-attestations dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
force-pushed
the
dependabot/pip/pypi-attestations-0.0.20
branch
from
4b76ac6 to
161d6c1
Compare
Dependabot can't update these, so do it for them. Also update `pypi-attestations` sub-dependencies via sigstore Closes pypi#17273 Signed-off-by: Mike Fiedler <[email protected]>
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
1 similar comment
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
Bumps pypi-attestations from 0.0.19 to 0.0.20.
Release notes
Sourced from pypi-attestations's releases.
Changelog
Sourced from pypi-attestations's changelog.
Commits
d612336chore: prep 0.0.20 (#79)598de57build(deps): update sigstore requirement from <3.6,>=3.5.3 to >=3.5.3,<3.7 in...26351f3build(deps): bump actions/attest-build-provenance from 1 to 2 in the actions ...You can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)