Bump sigstore/gh-action-sigstore-python from 2.1.0 to 2.1.1 (#7962) · aio-libs/aiohttp@1542348

Commit

Bump sigstore/gh-action-sigstore-python from 2.1.0 to 2.1.1 (#7962)

Bumps
[sigstore/gh-action-sigstore-python](https://github.com/sigstore/gh-action-sigstore-python)
from 2.1.0 to 2.1.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sigstore/gh-action-sigstore-python/releases">sigstore/gh-action-sigstore-python's
releases</a>.</em></p>
<blockquote>
<h2>v2.1.1</h2>
<h2>What's Changed</h2>
<ul>
<li>requirements: pin sigstore-rekor-types subdep by <a
href="https://github.com/woodruffw"><code>@woodruffw</code></a> in <a
href="https://redirect.github.com/sigstore/gh-action-sigstore-python/pull/95">sigstore/gh-action-sigstore-python#95</a></li>
<li>requirements: bump sigstore-python by <a
href="https://github.com/woodruffw"><code>@woodruffw</code></a> in <a
href="https://redirect.github.com/sigstore/gh-action-sigstore-python/pull/97">sigstore/gh-action-sigstore-python#97</a></li>
<li>Prep 2.1.1 by <a
href="https://github.com/tetsuo-cpp"><code>@tetsuo-cpp</code></a> in <a
href="https://redirect.github.com/sigstore/gh-action-sigstore-python/pull/98">sigstore/gh-action-sigstore-python#98</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sigstore/gh-action-sigstore-python/compare/v2.1.0...v2.1.1">https://github.com/sigstore/gh-action-sigstore-python/compare/v2.1.0...v2.1.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/sigstore/gh-action-sigstore-python/commit/61f6a500bbfdd9a2a339cf033e5421951fbc1cd2"><code>61f6a50</code></a>
Prep 2.1.1 (<a
href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/98">#98</a>)</li>
<li><a
href="https://github.com/sigstore/gh-action-sigstore-python/commit/f4ac35c73c02e31400c1194bfb28bdb148720e9b"><code>f4ac35c</code></a>
requirements: bump sigstore-python (<a
href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/97">#97</a>)</li>
<li><a
href="https://github.com/sigstore/gh-action-sigstore-python/commit/5e2e3208fcf90ed75628fde4a9e9f60242278cd5"><code>5e2e320</code></a>
requirements: pin sigstore-rekor-types subdep (<a
href="https://redirect.github.com/sigstore/gh-action-sigstore-python/issues/95">#95</a>)</li>
<li>See full diff in <a
href="https://github.com/sigstore/gh-action-sigstore-python/compare/v2.1.0...v2.1.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sigstore/gh-action-sigstore-python&package-manager=github_actions&previous-version=2.1.0&new-version=2.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Loading branch information

dependabot[bot] committed Mar 31, 2024

1 parent e0d9d3a commit 1542348

.github/workflows/ci-cd.yml

-Original file line number
+Diff line change
@@ Expand Up / @@ -427,7 +427,7 @@ jobs: @@
           uses: pypa/gh-action-pypi-publish@release/v1
         - name: Sign the dists with Sigstore
-          uses: sigstore/gh-action-sigstore-python@v2.1.0
+          uses: sigstore/gh-action-sigstore-python@v2.1.1
           with:
             inputs: >-
               ./dist/*.tar.gz
@@ Expand Down @@

0 comments on commit `1542348`

Please sign in to comment.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Commit

There are no files selected for viewing

0 comments on commit `1542348`

Commit

There are no files selected for viewing

0 comments on commit 1542348

0 comments on commit `1542348`