1.4.0 - Relax lxml version

What's Changed

What's new 🎉

• Update lxml = ">=4.6" and other deps by @esev in #676

Full Changelog: 1.3.1...1.4.0

Release asset details:

SHA256 checksums

7259dd26b5208804737af25cad626909ddda35ab561ccecca866459fc435822e  pywemo-1.4.0-py3-none-any.whl
38ffae2568d0beb8853967d68f9d9af2da6c98c89b0f014f9359dac504549825  pywemo-1.4.0.tar.gz

How to verify sigstore signatures

Visit sigstore.dev to learn more about sigstore signing and verification.

Certificate identity:

https://github.com/pywemo/pywemo/.github/workflows/publish.yml@refs/tags/1.4.0

Verify with sigstore-python:

# Download the release wheel and .sigstore file.
wget https://github.com/pywemo/pywemo/releases/download/1.4.0/pywemo-1.4.0-py3-none-any.whl
wget https://github.com/pywemo/pywemo/releases/download/1.4.0/pywemo-1.4.0-py3-none-any.whl.sigstore

# Install sigstore: https://github.com/sigstore/sigstore-python#installation
python -m pip install sigstore

# Verify that the wheel was built from this release.
python -m sigstore verify github \
    --bundle pywemo-1.4.0-py3-none-any.whl.sigstore \
    --cert-identity https://github.com/pywemo/pywemo/.github/workflows/publish.yml@refs/tags/1.4.0 \
    --sha 9a24c3e76a198a62968c3e6fa3c528e52a157797 \
    pywemo-1.4.0-py3-none-any.whl

How to verify SLSA provenance

Visit slsa.dev to learn more about generating and verifying software provenance with SLSA.

SLSA verifier installation instructions can be found at github.com/slsa-framework/slsa-verifier#installation.

# Download the release wheel and .intoto.jsonl file.
wget https://github.com/pywemo/pywemo/releases/download/1.4.0/pywemo-1.4.0-py3-none-any.whl
wget https://github.com/pywemo/pywemo/releases/download/1.4.0/pywemo-1.4.0.intoto.jsonl

# Verify that the wheel was built from this release.
slsa-verifier verify-artifact \
    --provenance-path pywemo-1.4.0.intoto.jsonl \
    --source-uri github.com/pywemo/pywemo \
    --source-tag 1.4.0 \
    pywemo-1.4.0-py3-none-any.whl