Comparing changes

Bumps the actions group with 1 update: [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance). Updates `actions/attest-build-provenance` from 2.3.0 to 2.4.0 - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](actions/attest-build-provenance@db473fd...e8998f9) --- updated-dependencies: - dependency-name: actions/attest-build-provenance dependency-version: 2.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps the actions group with 2 updates in the / directory: [actions/checkout](https://github.com/actions/checkout) and [actions/download-artifact](https://github.com/actions/download-artifact). Updates `actions/checkout` from 4.2.2 to 5.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@11bd719...08c6903) Updates `actions/download-artifact` from 4.3.0 to 5.0.0 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@d3f86a1...634f93c) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/download-artifact dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps the actions group with 1 update: [actions/upload-pages-artifact](https://github.com/actions/upload-pages-artifact). Updates `actions/upload-pages-artifact` from 3.0.1 to 4.0.0 - [Release notes](https://github.com/actions/upload-pages-artifact/releases) - [Commits](actions/upload-pages-artifact@56afc60...7b1f4a7) --- updated-dependencies: - dependency-name: actions/upload-pages-artifact dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps the actions group with 1 update: [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance). Updates `actions/attest-build-provenance` from 2.4.0 to 3.0.0 - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](actions/attest-build-provenance@e8998f9...977bb37) --- updated-dependencies: - dependency-name: actions/attest-build-provenance dependency-version: 3.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps the actions group with 1 update: [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish). Updates `pypa/gh-action-pypi-publish` from 1.12.4 to 1.13.0 - [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases) - [Commits](pypa/gh-action-pypi-publish@76f52bc...ed0c539) --- updated-dependencies: - dependency-name: pypa/gh-action-pypi-publish dependency-version: 1.13.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps the actions group with 1 update: [actions/setup-python](https://github.com/actions/setup-python). Updates `actions/setup-python` from 5.6.0 to 6.0.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@a26af69...e797f83) --- updated-dependencies: - dependency-name: actions/setup-python dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>

* refactor: drop sigstore-protobuf-specs dependency Closes #131. * refactor: fixup tests * ignores * conftest: give EXTREMELY_DANGEROUS_PUBLIC_OIDC_BEACON precedence * test: remove TEST_INTERACTIVE * remove interactive fallback * mark test as online * Update for sigstore 4.0 * Update import for ClientTrustConfig * Use force_tlog_version = 1 when signing for now: This makes sure we don't get rekor v2 entries before we want them * tests: Update expected error message when using wrong instance * README: Update example to sigstore 4.0 * tests: lint fix * pyproject: Add ceiling for sigstore version --------- Co-authored-by: William Woodruff <william@astral.sh>

* Update after moving repository to `pypi` org Signed-off-by: Facundo Tuesca <facundo.tuesca@trailofbits.com> * chore: prep v0.0.28 Signed-off-by: Facundo Tuesca <facundo.tuesca@trailofbits.com> --------- Signed-off-by: Facundo Tuesca <facundo.tuesca@trailofbits.com>

Commits on Aug 24, 2025

Update README.md

facutuesca authored Aug 24, 2025

Configuration menu

View commit details

Copy full SHA for b70ff03

Browse repository at this point

Copy the full SHA

b70ff03 View commit details

Browse the repository at this point in the history

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Comparing changes

Open a pull request

Commits on Jun 12, 2025

Commits on Aug 12, 2025

Commits on Aug 15, 2025

Commits on Aug 24, 2025

Commits on Sep 1, 2025

Commits on Sep 4, 2025

Commits on Sep 5, 2025

Commits on Oct 14, 2025

Commits on Oct 16, 2025

This comparison is taking too long to generate.

Uh oh!