From f3f21aff896187f34821a396a26a84efe2e6fc6c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 1 Jul 2025 01:08:23 +0000 Subject: [PATCH 1/2] build(deps): bump the test-and-lint-dependencies group with 2 updates Bumps the test-and-lint-dependencies group with 2 updates: [ruff](https://github.com/astral-sh/ruff) and [zizmor](https://github.com/zizmorcore/zizmor). Updates `ruff` from 0.12.0 to 0.12.1 - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](https://github.com/astral-sh/ruff/compare/0.12.0...0.12.1) Updates `zizmor` from 1.9.0 to 1.11.0 - [Release notes](https://github.com/zizmorcore/zizmor/releases) - [Changelog](https://github.com/zizmorcore/zizmor/blob/main/docs/release-notes.md) - [Commits](https://github.com/zizmorcore/zizmor/compare/v1.9.0...v1.11.0) --- updated-dependencies: - dependency-name: ruff dependency-version: 0.12.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: test-and-lint-dependencies - dependency-name: zizmor dependency-version: 1.11.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: test-and-lint-dependencies ... Signed-off-by: dependabot[bot] --- requirements/lint.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/requirements/lint.txt b/requirements/lint.txt index 1ab9845122..4009445cde 100644 --- a/requirements/lint.txt +++ b/requirements/lint.txt @@ -6,9 +6,9 @@ # Lint tools # (We are not so interested in the specific versions of the tools: the versions # are pinned to prevent unexpected linting failures when tools update) -ruff==0.12.0 +ruff==0.12.1 mypy==1.16.1 -zizmor==1.9.0 +zizmor==1.11.0 # Required for type stubs freezegun==1.5.2 From 3925818a4460883b9db16e2c8a8a90d58f7d5a22 Mon Sep 17 00:00:00 2001 From: Jussi Kukkonen Date: Tue, 8 Jul 2025 10:56:43 +0300 Subject: [PATCH 2/2] workflows: Add action/job names zizmor now requires these and it seems like good practice Signed-off-by: Jussi Kukkonen --- .github/workflows/_test.yml | 2 ++ .github/workflows/_test_sslib_main.yml | 1 + .github/workflows/conformance.yml | 1 + .github/workflows/dependency-review.yml | 1 + .github/workflows/specification-version-check.yml | 1 + 5 files changed, 6 insertions(+) diff --git a/.github/workflows/_test.yml b/.github/workflows/_test.yml index 34ad5f2d4d..c3fcf28d47 100644 --- a/.github/workflows/_test.yml +++ b/.github/workflows/_test.yml @@ -4,6 +4,7 @@ on: permissions: {} +name: Lint and run test suite jobs: lint-test: name: Lint Test @@ -89,6 +90,7 @@ jobs: - run: echo "All test jobs have completed successfully." coveralls-fin: + name: Submit coverage to Coveralls.io # Always run when all 'tests' jobs have finished even if they failed # TODO: Replace always() with a 'at least one job succeeded' expression if: always() diff --git a/.github/workflows/_test_sslib_main.yml b/.github/workflows/_test_sslib_main.yml index c8cf3107d9..45069f396b 100644 --- a/.github/workflows/_test_sslib_main.yml +++ b/.github/workflows/_test_sslib_main.yml @@ -4,6 +4,7 @@ on: permissions: {} +name: Test securesystemslib main branch jobs: sslib-main: name: Test securesystemslib main branch (not a merge blocker) diff --git a/.github/workflows/conformance.yml b/.github/workflows/conformance.yml index 1c3a414dd6..0078b495f0 100644 --- a/.github/workflows/conformance.yml +++ b/.github/workflows/conformance.yml @@ -11,6 +11,7 @@ permissions: name: Conformance jobs: conformance: + name: Conformance runs-on: ubuntu-latest steps: - name: Checkout conformance client diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 1400d25cf6..8033ea81c0 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -13,6 +13,7 @@ permissions: jobs: dependency-review: + name: Dependency review runs-on: ubuntu-latest steps: - name: 'Checkout Repository' diff --git a/.github/workflows/specification-version-check.yml b/.github/workflows/specification-version-check.yml index ed4f6bbe1f..6c89e2014d 100644 --- a/.github/workflows/specification-version-check.yml +++ b/.github/workflows/specification-version-check.yml @@ -10,6 +10,7 @@ permissions: {} jobs: # Get the version of the TUF specification the project states it supports get-supported-tuf-version: + name: Get TUF spec version supported by python-tuf runs-on: ubuntu-latest outputs: version: ${{ steps.get-version.outputs.version }}