Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: pypa/gh-action-pypi-publish
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v1.8.8
Choose a base ref
Loading
...
head repository: pypa/gh-action-pypi-publish
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v1.8.9
Choose a head ref
Loading
  • 11 commits
  • 3 files changed
  • 4 contributors

Commits on Jul 13, 2023

  1. 🎨📝 Link SHA pinning encouragement @ README 

    This article [[1]] describes security flows of using branches and
tags as an end-user. The commit is intended to educate them but not
force doing so if they don't want to.

[1]: https://julienrenaux.fr/2019/12/20/github-actions-security-risk/
    @webknjaz
    webknjaz committed Jul 13, 2023
    Configuration menu
    Copy the full SHA
    2a939dd View commit details
    Browse the repository at this point in the history

Commits on Jul 25, 2023

  1. Bump certifi from 2023.5.7 to 2023.7.22 in /requirements 

    Bumps [certifi](https://github.com/certifi/python-certifi) from 2023.5.7 to 2023.7.22.
- [Commits](certifi/python-certifi@2023.05.07...2023.07.22)

---
updated-dependencies:
- dependency-name: certifi
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] authored Jul 25, 2023
    Configuration menu
    Copy the full SHA
    c185b8e View commit details
    Browse the repository at this point in the history

Commits on Jul 26, 2023

  1. Merge pull request #171 from pypa/dependabot/pip/requirements/certifi… 

    …-2023.7.22

Bump certifi from 2023.5.7 to 2023.7.22 in /requirements
    @webknjaz
    webknjaz authored Jul 26, 2023
    Configuration menu
    Copy the full SHA
    413a8d5 View commit details
    Browse the repository at this point in the history

Commits on Aug 2, 2023

  1. Bump cryptography from 41.0.2 to 41.0.3 in /requirements 

    Bumps [cryptography](https://github.com/pyca/cryptography) from 41.0.2 to 41.0.3.
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](pyca/cryptography@41.0.2...41.0.3)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
    @dependabot
    dependabot[bot] authored Aug 2, 2023
    Configuration menu
    Copy the full SHA
    adef75a View commit details
    Browse the repository at this point in the history

Commits on Aug 9, 2023

  1. oidc-exchange: render claims if exchange fails 

    Signed-off-by: William Woodruff <william@trailofbits.com>
    @woodruffw
    woodruffw committed Aug 9, 2023
    Configuration menu
    Copy the full SHA
    71a0032 View commit details
    Browse the repository at this point in the history

  2. oidc-exchange: lintage 

    Signed-off-by: William Woodruff <william@trailofbits.com>
    @woodruffw
    woodruffw committed Aug 9, 2023
    Configuration menu
    Copy the full SHA
    8bdd0cc View commit details
    Browse the repository at this point in the history

  3. oidc-exchange: ignore a nested function 

    Signed-off-by: William Woodruff <william@trailofbits.com>
    @woodruffw
    woodruffw committed Aug 9, 2023
    Configuration menu
    Copy the full SHA
    e5f0690 View commit details
    Browse the repository at this point in the history

  4. oidc-exchange: add-trailing-comma 

    Signed-off-by: William Woodruff <william@trailofbits.com>
    @woodruffw
    woodruffw committed Aug 9, 2023
    Configuration menu
    Copy the full SHA
    326f9ad View commit details
    Browse the repository at this point in the history

  5. README: use semantic callouts 

    See: https://github.com/orgs/community/discussions/16925

Signed-off-by: William Woodruff <william@trailofbits.com>
    @woodruffw
    woodruffw committed Aug 9, 2023
    Configuration menu
    Copy the full SHA
    4864f13 View commit details
    Browse the repository at this point in the history

  6. README: re-add "pro tip" language 

    Signed-off-by: William Woodruff <william@trailofbits.com>
    @woodruffw
    woodruffw committed Aug 9, 2023
    Configuration menu
    Copy the full SHA
    637917e View commit details
    Browse the repository at this point in the history

Commits on Aug 10, 2023

  1. Merge PRs #174 #175 and #172 into unstable/v1

    @webknjaz
    webknjaz committed Aug 10, 2023
    Configuration menu
    Copy the full SHA
    ade57f5 View commit details
    Browse the repository at this point in the history
Loading
Morty Proxy This is a proxified and sanitized view of the page, visit original site.