@dependabot
Contributor

@dependabot dependabot bot commented on behalf of github Sep 11, 2024

Bumps pyasn1 from 0.4.8 to 0.6.1.

Release notes

Sourced from pyasn1's releases.

Release 0.6.1

It's a minor release.

  • Added support for Python 3.13.
  • Cleaned Python 2-related code.
  • Removed bdist_wheel universal flag from setup.cfg.

All changes are noted in the CHANGELOG.

Release 0.6.0

It's a major release where we drop Python 2 support entirely. The most significant changes are:

  • Removed support for EOL Python 2.7, 3.6, 3.7
  • Added support for previously missing RELATIVE-OID construct
  • Updated link to Layman's Guide

All changes are noted in the CHANGELOG.

Release 0.5.1

It's a minor release.

  • Added support for PyPy 3.10 and Python 3.12
  • Updated RTD configuration to include a dummy index.rst redirecting to contents.html, ensuring compatibility with third-party documentation and search indexes.
  • Fixed the API breakage with decoder.decode(substrateFun=...). A substrateFun passed to decoder.decode() can now be either v0.4 Non-Streaming or v0.5 Streaming. pyasn1 will detect and handle both cases transparently. A substrateFun passed to one of the new streaming decoders is still expected to be v0.5 Streaming only.

All changes are noted in the CHANGELOG.

Release 0.5.0

It's a major release. The most important changes are:

  • PyPI package ownership for pyasn1 and pyasn1-module has been transferred to Christian Heimes and Simon Pichugin in PyPI support ticket #2090 (pypa/pypi-support#2090).
  • The upstream repositories for pyasn1 and pyasn1-modules are now in the GitHub organization https://github.com/pyasn1/.
  • Modernized packaging and testing. pyasn1 now uses setup.cfg, pyproject.toml, build, and GitHub Actions.
  • Make BER/CER/DER decoders streaming and suspendible
  • Added support for Python 3.8, 3.9, 3.10, 3.11
  • Removed support for EOL Pythons 2.4, 2.5, 2.6, 3.2, 3.3, 3.4, 3.5
  • Added support for PyPy 3.7, 3.8, 3.9

All changes are noted in the CHANGELOG.

Changelog

Sourced from pyasn1's changelog.

Revision 0.6.1, released 10-09-2024

Revision 0.6.0, released 26-03-2024

  • Added support for previously missing RELATIVE-OID construct, pr #48 (pyasn1/pyasn1#48)
  • Updated link to Layman's Guide. Now it provides a link to a formatted PDF version of the paper, at a stable domain (researchgate), using https, pr #50 (pyasn1/pyasn1#50)
  • Removed support for EOL Python 2.7, 3.6, 3.7, pr #56 (pyasn1/pyasn1#56)

Revision 0.5.1, released 20-11-2023

  • Added support for PyPy 3.10 and Python 3.12, pr #32 (pyasn1/pyasn1#32)

  • Updated RTD configuration to include a dummy index.rst redirecting to contents.html, ensuring compatibility with third-party documentation and search indexes, pr #47 (pyasn1/pyasn1#47)

  • Fixed the API breakage with decoder.decode(substrateFun=...).

    A substrateFun passed to decoder.decode() can now be either v0.4 Non-Streaming or v0.5 Streaming. pyasn1 will detect and handle both cases transparently.

    A substrateFun passed to one of the new streaming decoders is still expected to be v0.5 Streaming only.

... (truncated)

Commits
  • 0f07d72 Prepare release 0.6.1
  • d15cfa0 Revert "Monthly downloads badge added (#67)"
  • 2d0a152 Add support for Python 3.13 (#73)
  • 507eca7 Runtime deprecation of tagMap & typeMap aliases (#72)
  • 8c4f5e5 Python 3 simplified error handling (#71)
  • 7a599a1 raise actual error when value is inconsistent (#70)
  • d1381d4 Fix duplicated and missing declarations (#64)
  • 6993b85 obsolete python version mention in docstring and comments (#63)
  • 001bc19 Remove various Python 2 version_info checks (#62)
  • aa81e4b Remove python2 code from compat.integer (#61)
  • Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added the kind-dependencies Pull requests that update a dependency file label Sep 11, 2024
@dependabot dependabot bot requested a review from devrimyatar as a code owner September 11, 2024 10:36
@dependabot dependabot bot added the python Pull requests that update Python code label Sep 11, 2024
@dryrunsecurity

dryrunsecurity bot commented Sep 11, 2024

DryRun Security Summary

The pull request introduces comprehensive updates to GitHub Actions workflows and configuration files for the Janssen Project, focusing on enhancing security, reliability, and maintainability through improved authentication, dependency management, testing, and supply chain security measures.

Summary:

The code changes in this pull request cover a wide range of updates to the GitHub Actions workflows and configuration files for the Janssen Project. The changes are focused on improving the security, reliability, and maintainability of the project's build, deployment, and testing processes.

Some of the key security-related changes include:

  1. Hardening the GitHub Actions runners by using the step-security/harden-runner action, which helps mitigate potential security risks in the runner environment.
  2. Implementing secure authentication and authorization practices, such as using GitHub secrets and GPG signing of commits, to ensure the integrity of the build and deployment processes.
  3. Updating dependencies and package versions to the latest secure versions, and implementing comprehensive testing and code coverage reporting to identify and address potential security vulnerabilities.
  4. Improving the pull request and issue management processes, such as enforcing the linking of pull requests to open issues and automatically labeling pull requests and issues.
  5. Implementing supply chain security measures, such as running the Scorecard tool to assess the security posture of the project.

Overall, the changes in this pull request demonstrate a strong focus on application security and the implementation of best practices to ensure the ongoing security and reliability of the Janssen Project.

Files Changed:

  • .github/pull_request_template.md: Updates the pull request template to improve the documentation and tracking of changes.
  • .github/workflows/backport.yml: Configures a workflow to automatically backport merged pull requests to other branches.
  • .github/workflows/build-packages.yml: Updates the workflow responsible for building and publishing binary packages for the Janssen Project.
  • .github/workflows/build-docs.yml: Configures the workflow for generating and deploying the Janssen Project documentation.
  • .github/dependabot.yml: Adds new dependency update configurations for various package ecosystems and directories.
  • .github/CODEOWNERS: Updates the code owners for various components and directories in the repository.
  • .github/workflows/activate-nightly-build.yml: Configures the workflow for activating a nightly build process.
  • .github/workflows/build-wars.yml: Updates the workflow responsible for building and publishing Java packages.
  • .github/workflows/label_pr_issues.yml: Configures the workflow for automatically labeling pull requests and issues.
  • .github/workflows/microk8s.yml: Updates the workflow for a MicroK8s-based deployment.
  • .github/workflows/pr-ref-issue.yml: Configures the workflow to enforce the practice of linking each pull request to an open issue.
  • .github/workflows/flake8-lint.yml: Configures the workflow for running Flake8 linting on Python code.
  • .github/workflows/test_docker_linux_installer.yml: Updates the workflow for testing the Linux installer for the Jans Project.
  • .github/workflows/scorecard.yml: Configures the workflow for running the Scorecard supply-chain security analysis.
  • .github/workflows/sync.yml: Updates the workflow for synchronizing changes between the jans and terraform-provider-jans repositories.
  • .github/workflows/testcases.yml: Updates the workflow for running test cases for the jans-pycloudlib project.

Code Analysis

We ran 9 analyzers against 30 files and 0 analyzers had findings. 9 analyzers had no findings.

View PR in the DryRun Dashboard.

@moabu moabu force-pushed the dependabot/pip/jans-linux-setup/pyasn1-0.6.1 branch from edb3be8 to dca0df0 Compare December 26, 2024 19:25
@moabu moabu force-pushed the main branch 2 times, most recently from 5126af2 to aa1b2ed Compare December 27, 2024 04:55
@moabu moabu force-pushed the dependabot/pip/jans-linux-setup/pyasn1-0.6.1 branch from dca0df0 to 0a4f7dc Compare December 27, 2024 04:55
@moabu
Member

moabu commented Sep 1, 2025

@dependabot recreate

Dependabot couldn't find the original pull request head commit, edb3be8.
@dependabot dependabot bot force-pushed the dependabot/pip/jans-linux-setup/pyasn1-0.6.1 branch from 0a4f7dc to 48413a2 Compare September 1, 2025 07:59
@mo-auto
Member

mo-auto commented Sep 1, 2025

🎉 Snyk checks have passed. No issues have been found so far.

security/snyk check is complete. No issues have been found. (View Details)
