chore: prep 2.8.0 (#879)

woodruffw · web-flow · commit 888cf00f2780 · 2025-02-06T23:56:34.000+01:00
* chore: prep 2.8.0

Signed-off-by: William Woodruff &lt;william@trailofbits.com&gt;

* bump versions

Signed-off-by: William Woodruff &lt;william@trailofbits.com&gt;

---------

Signed-off-by: William Woodruff &lt;william@trailofbits.com&gt;
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -13,7 +13,6 @@ jobs:
 
     permissions:
       # Used to authenticate to PyPI via OIDC.
-      # Used to sign the release's artifacts with sigstore-python.
       id-token: write
 
       # Used to attach signing artifacts to the published release.
@@ -37,8 +36,3 @@ jobs:
     - name: publish
       uses: pypa/gh-action-pypi-publish@release/v1
 
-    - name: sign
-      uses: sigstore/gh-action-sigstore-python@f514d46b907ebcd5bedc05145c03b69c1edd8b46 # v3.0.0
-      with:
-        inputs: ./dist/*.tar.gz ./dist/*.whl
-        release-signing-artifacts: true
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -27,7 +27,7 @@ repos:
     hooks:
       - id: isort
   - repo: https://github.com/pypa/pip-audit
-    rev: v2.7.3
+    rev: v2.8.0
     hooks:
       - id: pip-audit
   - repo: https://github.com/rhysd/actionlint
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -8,6 +8,8 @@ All versions prior to 0.0.9 are untracked.
 
 ## [Unreleased]
 
+## [2.8.0]
+
 ### Added
 
 * `pip-audit` now allows some CLI flags to be configured via environment
@@ -616,7 +618,8 @@ All versions prior to 0.0.9 are untracked.
   dependency errors ([#146](https://github.com/pypa/pip-audit/pull/146))
 
 <!-- Release URLs -->
-[Unreleased]: https://github.com/pypa/pip-audit/compare/v2.7.3...HEAD
+[Unreleased]: https://github.com/pypa/pip-audit/compare/v2.8.0...HEAD
+[2.8.0]: https://github.com/pypa/pip-audit/compare/v2.7.3...v2.8.0
 [2.7.3]: https://github.com/pypa/pip-audit/compare/v2.7.2...v2.7.3
 [2.7.2]: https://github.com/pypa/pip-audit/compare/v2.7.1...v2.7.2
 [2.7.1]: https://github.com/pypa/pip-audit/compare/v2.7.0...v2.7.1
diff --git a/README.md b/README.md
@@ -107,7 +107,7 @@ For example, using `pip-audit` via `pre-commit` to audit a requirements file:
 
 ```yaml
   - repo: https://github.com/pypa/pip-audit
-    rev: v2.7.3
+    rev: v2.8.0
     hooks:
       -   id: pip-audit
           args: ["-r", "requirements.txt"]
diff --git a/pip_audit/__init__.py b/pip_audit/__init__.py
@@ -2,4 +2,4 @@
 The `pip_audit` APIs.
 """
 
-__version__ = "2.7.3"
+__version__ = "2.8.0"
