python-tuf icon indicating copy to clipboard operation
python-tuf copied to clipboard
verified publisher icon theupdateframework

deps: hatchling update

Open jku opened this issue 3 years ago • 3 comments

We pin hatchling in pyproject.toml: build-system.requires = ["hatchling==0.22.0"]. I think this is the correct choice: otherwise the build is not really reproducible.

It looks like Dependabot does not notice this as a dependency: so we're currently several versions behind.

Tasks:

  • Update hatchling to current
  • Figure out how we stay up-to-date?

jku avatar Jun 16 '22 13:06 jku

Relevant dependabot feature request: https://github.com/dependabot/dependabot-core/issues/3290

joshuagl avatar Jun 16 '22 15:06 joshuagl

Hi, I would like to fix this issue. Can you please assign me this issue.

UDITBALUJA avatar Sep 08 '22 06:09 UDITBALUJA

Note that this might be an impossible request:

Figure out how we stay up-to-date?

So a plain hatchling version bump (and preferably checking that the build result did not change) is fine.

jku avatar Sep 10 '22 18:09 jku

I have checked hatchling versions 1.9.0 and 1.10.0 and the build results seem to be fine.I'll also check for the latest version released on 9 Oct,2022 ,and will give update soon.

UDITBALUJA avatar Oct 18 '22 08:10 UDITBALUJA