git-market/curl-curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-04-15 01:05:56 +08:00
Code Issues Actions 15 Packages Projects Releases Wiki Activity
38,362 Commits 14 Branches 229 Tags 263 MiB
74a169575d
Commit Graph

20 Commits

Author SHA1 Message Date
dependabot[bot]
fcf946e846
GHA: bump actions and pips 
- update `actions/cache` from 5.0.3 to 5.0.4
- update `actions/download-artifact` from 7.0.0 to 8.0.1
- update `actions/upload-artifact` from 6.0.0 to 7.0.0
- update `msys2/setup-msys2` from 2.30.0 to 2.31.0
- update pip `ruff` from 0.15.7 to 0.15.8

Closes #21195
Closes #21197
 2026-04-01 22:50:11 +02:00
dependabot[bot]
bb0c8cf5af
GHA: bump pip-dependencies 
- update `filelock` from 3.24.3 to 3.25.2
- update `ruff` from 0.15.2 to 0.15.7
- update `cryptography` from 46.0.5 to 46.0.6 (CVE-2026-34073)

Closes #21138
 2026-03-28 03:43:26 +01:00
Viktor Szakats
37f5e3960f
spelling: bump codespell to 2.4.2, fix fallouts 
Closes #20825
Closes #20827
 2026-03-06 00:30:32 +01:00
dependabot[bot]
4427e6152a
GHA: bump actions and pip dependencies 
- update action `actions/cache` from 5.0.1 to 5.0.3
- update action `github/codeql-action` from 4.31.9 to 4.32.4
- update pip `filelock` from 3.20.3 to 3.24.3
- update pip `ruff` from 0.14.14 to 0.15.2

Closes #20782
Closes #20783
 2026-03-01 19:06:39 +01:00
dependabot[bot]
47734f3244
GHA: bump GHA and pip dependencies 
- update `actions/checkout` from 6.0.1 to 6.0.2
- update `ruff` from 0.14.11 to 0.14.14
- update `cryptography` from 46.0.3 to 46.0.4
- update `psutil` from 7.2.1 to 7.2.2
- update `websockets` from 15.0.1 to 16.0

Closes #20490
Closes #20491
 2026-02-01 16:40:37 +01:00
dependabot[bot]
ad8374aedc
GHA: bump pip-dependencies 
- update `ruff` from 0.14.10 to 0.14.11
- update `filelock` from 3.20.1 to 3.20.3 (CVE-2026-22701) (used in pytests)
- update `psutil` from 7.2.0 to 7.2.1

Closes #20300
 2026-01-13 23:17:10 +01:00
dependabot[bot]
ef97f47635
GHA: bump pip-dependencies 
- update `ruff` from 0.14.9 to 0.14.10
- update `psutil` from 7.1.3 to 7.2.0

Closes #20141
 2026-01-01 20:49:00 +01:00
dependabot[bot]
1b205078bd
GHA: bump pip-dependencies 
- update `filelock` from 3.20.0 to 3.20.1 (CVE-2025-68146) (used in pytests)
- update `pytest` from 9.0.1 to 9.0.2
- update `ruff` from 0.14.8 to 0.14.9

Closes #20004
 2025-12-17 00:55:26 +01:00
dependabot[bot]
cc853ddc3d
GHA: bump pip-dependencies ruff, psutil, pytest 
- update `ruff` from 0.14.5 to 0.14.8
- update `psutil` from 7.1.2 to 7.1.3
- update `pytest` from 8.4.2 to 9.0.1

Closes #19876
 2025-12-08 15:37:43 +01:00
renovate[bot]
39320e1e1b
GHA: update dependencies 
- github/codeql-action to 4.31.3
- google/boringssl to v0.20251110.0
- ruff to 0.14.5

Closes #19442
Closes #19455
 2025-11-17 16:48:56 +01:00
dependabot[bot]
7203498c6a
GHA: bump the pip-dependencies group across 2 directories with 3 updates 
Closes #19321
 2025-11-02 17:10:39 +01:00
renovate[bot]
d3e7bef1ef
GHA: update reuse to v6.2.0 
Closes #19257
 2025-10-29 08:31:47 +01:00
renovate[bot]
74147acd17
GHA: update dependency ruff to v0.14.1 
Closes #19085
 2025-10-17 16:19:42 +02:00
dependabot[bot]
29093f0ee8
GHA: bump dependencies 
- cryptography from 44.0.1 to 46.0.2 in tests/http
- ruff from 0.13.2 to 0.14.0 in .github/scripts
- reuse from 6.0.0 to 6.1.2 in .github/scripts
- github/codeql-action from 3.30.5 to 4.30.7

Closes #18941
Closes #18942
Closes #18943
Closes #18945
Closes #18947
 2025-10-08 16:07:58 +02:00
Viktor Szakats
13f10add17
REUSE: bump reuse to v6, add more fences to fix issues 
Closes #18895
Closes #18897
 2025-10-06 20:54:26 +02:00
renovate[bot]
e27853d36b
GHA: update dependency ruff and github/codeql-action 
- update github/codeql-action digest to 303c0ae
- update dependency ruff to v0.13.2

Closes #18716
Closes #18734
 2025-09-25 21:53:53 +02:00
Viktor Szakats
e08211b1ca
GHA: bump pip cryptography, relax impacket version requirement 
Bump `cryptography` to a newer version that fixes two known OpenSSL
vulnerabilities reported by Dependabot.

To make it work, also allow `impacket` 0.11.0, because it allows any
pyOpenSSL version, while 0.12.0 pinned it to a single version that
happens to be incompatible with the bugfixed `cryptography` version.

Also: drop spaces from `requirements.txt` files. Bots don't add them,
though they seem to be preferred in the official documentation:
https://pip.pypa.io/en/stable/reference/requirements-file-format/

https://github.com/fortra/impacket/blob/impacket_0_11_0/requirements.txt
https://github.com/fortra/impacket/blob/impacket_0_12_0/requirements.txt

Follow-up to 7d5f8be532 #18708

Closes #18731
 2025-09-25 14:22:40 +02:00
Viktor Szakats
6796147910
GHA/checksrc: run reuse directly, merge into the linters workflow 
To eliminate dependencies on an Action, Docker Hub and to simplify.

Closes #18721
 2025-09-25 12:06:44 +02:00
renovate[bot]
8e13e42583
GHA: update dependency ruff to v0.13.1 2025-09-25 11:42:43 +02:00
Viktor Szakats
7d5f8be532
GHA: use pip requirements.txt with pins, and more venv 
- requirements.txt: shorten copyright headers.

- requirements.txt: pin packages to versions.

- GHA/windows: use `tests/requirements.txt`.
  Pick a `cryptography` package version that satifies both `impacket`
  and pytests dependencies.

- GHA/checksrc: move pip deps into a new `requirements.txt`.
  To make Dependabot detect and bump them.

- GHA/checksrc: replace apt packages for python test deps with pip
  install `tests/**/requirements.txt` to a venv.

- GHA/checksrc: use venv and drop `--break-system-packages`.

- GHA/linux: fix to actually activate venvs.
  Follow-up to 2638570241 #15578

- GHA/linux: fixup (did not cause an issue)
  Follow-up to d75785c7de #18660

- GHA: create venvs later, simplify commands.

- GHA: sync pip command-line options, e.g. drop progress-bar,
  everywhere.

Assisted-by: Dan Fandrich

Closes #18708
 2025-09-25 10:45:30 +02:00