romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-04-21 16:52:12 +03:00
Code Issues Projects Releases Packages Wiki Activity
36738 commits 20 branches 229 tags 262 MiB
Commit graph

10 commits

Author SHA1 Message Date
dependabot[bot]
7203498c6a
GHA: bump the pip-dependencies group across 2 directories with 3 updates 
Closes #19321
 2025-11-02 17:10:39 +01:00
renovate[bot]
d3e7bef1ef
GHA: update reuse to v6.2.0 
Closes #19257
 2025-10-29 08:31:47 +01:00
renovate[bot]
74147acd17
GHA: update dependency ruff to v0.14.1 
Closes #19085
 2025-10-17 16:19:42 +02:00
dependabot[bot]
29093f0ee8
GHA: bump dependencies 
- cryptography from 44.0.1 to 46.0.2 in tests/http
- ruff from 0.13.2 to 0.14.0 in .github/scripts
- reuse from 6.0.0 to 6.1.2 in .github/scripts
- github/codeql-action from 3.30.5 to 4.30.7

Closes #18941
Closes #18942
Closes #18943
Closes #18945
Closes #18947
 2025-10-08 16:07:58 +02:00
Viktor Szakats
13f10add17
REUSE: bump reuse to v6, add more fences to fix issues 
Closes #18895
Closes #18897
 2025-10-06 20:54:26 +02:00
renovate[bot]
e27853d36b
GHA: update dependency ruff and github/codeql-action 
- update github/codeql-action digest to 303c0ae
- update dependency ruff to v0.13.2

Closes #18716
Closes #18734
 2025-09-25 21:53:53 +02:00
Viktor Szakats
e08211b1ca
GHA: bump pip cryptography, relax impacket version requirement 
Bump `cryptography` to a newer version that fixes two known OpenSSL
vulnerabilities reported by Dependabot.

To make it work, also allow `impacket` 0.11.0, because it allows any
pyOpenSSL version, while 0.12.0 pinned it to a single version that
happens to be incompatible with the bugfixed `cryptography` version.

Also: drop spaces from `requirements.txt` files. Bots don't add them,
though they seem to be preferred in the official documentation:
https://pip.pypa.io/en/stable/reference/requirements-file-format/

https://github.com/fortra/impacket/blob/impacket_0_11_0/requirements.txt
https://github.com/fortra/impacket/blob/impacket_0_12_0/requirements.txt

Follow-up to 7d5f8be532 #18708

Closes #18731
 2025-09-25 14:22:40 +02:00
Viktor Szakats
6796147910
GHA/checksrc: run reuse directly, merge into the linters workflow 
To eliminate dependencies on an Action, Docker Hub and to simplify.

Closes #18721
 2025-09-25 12:06:44 +02:00
renovate[bot]
8e13e42583
GHA: update dependency ruff to v0.13.1 2025-09-25 11:42:43 +02:00
Viktor Szakats
7d5f8be532
GHA: use pip requirements.txt with pins, and more venv 
- requirements.txt: shorten copyright headers.

- requirements.txt: pin packages to versions.

- GHA/windows: use `tests/requirements.txt`.
  Pick a `cryptography` package version that satifies both `impacket`
  and pytests dependencies.

- GHA/checksrc: move pip deps into a new `requirements.txt`.
  To make Dependabot detect and bump them.

- GHA/checksrc: replace apt packages for python test deps with pip
  install `tests/**/requirements.txt` to a venv.

- GHA/checksrc: use venv and drop `--break-system-packages`.

- GHA/linux: fix to actually activate venvs.
  Follow-up to 2638570241 #15578

- GHA/linux: fixup (did not cause an issue)
  Follow-up to d75785c7de #18660

- GHA: create venvs later, simplify commands.

- GHA: sync pip command-line options, e.g. drop progress-bar,
  everywhere.

Assisted-by: Dan Fandrich

Closes #18708
 2025-09-25 10:45:30 +02:00