v1.0.14

This is a maintenance release where we focused on updating dependencies and the Docker base image to improve the overall performance and stability of our software.

Maintenance

• Updated PyPi release workflow.
• Added support for Python 3.13.
• Updated various GitHub Actions and dependencies to their latest versions.
• Improved Dockerfile with new base images.

Changes

• Workflows:
  • Updated step-security/harden-runner to v2.10.1.
  • Updated actions/checkout to v4.2.2.
  • Updated actions/setup-python to v5.3.0.
  • Updated github/codeql-action to v3.27.0.
  • Updated actions/upload-artifact to v4.4.3 and other dependencies.
• Dockerfile:
  • Switched to Python 3.13 base images.
• Documentation:
  • Updated version references in README.md and CHANGELOG.md.

For more details, you can view the comparison.

v1.0.12

This is a maintenance release where we focused on updating dependencies and the Docker base image to improve the overall performance and stability of our software.

What's Changed

• Bump version to 1.0.12-dev by @jkreileder in #303
• Bump ruff from 0.4.3 to 0.4.4 by @dependabot in #304
• Use use_oidc for codecov-action by @jkreileder in #305
• Bump cloudflare from 2.19.4 to 2.20.0 by @jkreileder in #306
• Add Scorecard security workflow and badge to README by @jkreileder in #307
• Tighten egress policy in scorecard workflow by @jkreileder in #308
• Bump actions/attest-sbom from 1.1.0 to 1.1.1 by @dependabot in #310
• Bump actions/attest-build-provenance from 1.1.0 to 1.1.1 by @dependabot in #309
• Bump github/codeql-action from 3.25.4 to 3.25.5 by @dependabot in #311
• Bump codecov/codecov-action from 4.3.1 to 4.4.0 by @dependabot in #312
• Bump pyright from 1.1.362 to 1.1.363 by @dependabot in #313
• Bump python from 2be8dad to afc139a by @dependabot in #314
• Update GitHub actions runners to ubuntu-24.04 by @jkreileder in #315
• Update Scorecard workflow to use ubuntu-latest by @jkreileder in #316
• Bump actions/attest-build-provenance from 1.1.1 to 1.1.2 by @dependabot in #318
• Bump actions/attest-sbom from 1.1.1 to 1.1.2 by @dependabot in #317
• Bump actions/checkout from 4.1.5 to 4.1.6 by @dependabot in #319
• Bump pytest from 8.2.0 to 8.2.1 by @dependabot in #320
• Bump requests from 2.31.0 to 2.32.0 in the pip group by @dependabot in #324
• Bump codecov/codecov-action from 4.4.0 to 4.4.1 by @dependabot in #321
• Bump anchore/sbom-action from 0.15.11 to 0.16.0 by @dependabot in #323
• Bump github/codeql-action from 3.25.5 to 3.25.6 by @dependabot in #322
• Bump step-security/harden-runner from 2.7.1 to 2.8.0 by @dependabot in #325
• Bump pyright from 1.1.363 to 1.1.364 by @dependabot in #327
• Bump requests from 2.32.0 to 2.32.2 by @jkreileder in #328
• Update ruff to version 0.4.5 by @jkreileder in #329
• Bump base image to python:3.12.3-alpine3.20 by @jkreileder in #330
• Remove deprecated setup-python-dependencies by @jkreileder in #331
• Update typing-extensions to version 4.12.0 by @jkreileder in #332
• Bump docker/scout-action from 1.8.0 to 1.9.1 by @dependabot in #333
• Bump docker/scout-action from 1.9.1 to 1.9.3 by @dependabot in #337
• Bump docker/login-action from 3.1.0 to 3.2.0 by @dependabot in #336
• Update ruff-pre-commit to v0.4.6 by @jkreileder in #338
• Update docker/scout-sbom-indexer to version 1.9.3 by @jkreileder in #339
• Bump pydantic from 2.7.1 to 2.7.2 by @dependabot in #335
• Update allowed endpoints in codeql.yaml by @jkreileder in #340
• Bump ruff from 0.4.5 to 0.4.6 by @dependabot in #334
• Bump pyright from 1.1.364 to 1.1.365 by @dependabot in #341
• Bump requests from 2.32.2 to 2.32.3 by @jkreileder in #342
• Update GitHub Actions to use ubuntu-latest by @jkreileder in #343
• Update dependencies to latest versions by @jkreileder in #344
• Bump github/codeql-action from 3.25.6 to 3.25.7 by @dependabot in #345
• Update certifi, pydantic, and pydantic-core versions by @jkreileder in #346
• Bump dawidd6/action-download-artifact from 3.1.4 to 4 by @dependabot in #347
• Bump actions/attest-sbom from 1.1.2 to 1.2.0 by @dependabot in #348
• Bump actions/attest-build-provenance from 1.1.2 to 1.2.0 by @dependabot in #349
• Bump dawidd6/action-download-artifact from 4 to 5 by @dependabot in #350
• Bump github/codeql-action from 3.25.7 to 3.25.8 by @dependabot in #351
• Bump pytest from 8.2.1 to 8.2.2 by @dependabot in #352
• Bump ruff from 0.4.7 to 0.4.8 by @dependabot in #354
• Bump actions/dependency-review-action from 4.3.2 to 4.3.3 by @dependabot in #356
• Bump python from afc139a to afc139a by @dependabot in #355
• Update ruff pre-commit hook to version 0.4.8 by @jkreileder in #357
• Bump python from 3.12.3-alpine3.20 to 3.12.4-alpine3.20 by @dependabot in #358
• Bump step-security/harden-runner from 2.8.0 to 2.8.1 by @dependabot in #359
• Bump docker/build-push-action from 5.3.0 to 5.4.0 by @dependabot in #360
• Bump actions/checkout from 4.1.6 to 4.1.7 by @dependabot in #361
• Bump dawidd6/action-download-artifact from 5 to 6 by @dependabot in #362
• Bump codecov/codecov-action from 4.4.1 to 4.5.0 by @dependabot in #367
• Bump pydantic from 2.7.3 to 2.7.4 by @dependabot in #364
• Bump pyright from 1.1.366 to 1.1.367 by @dependabot in #365
• Bump python from e3ae8cf to 2fba8e7 by @dependabot in #366
• Bump github/codeql-action from 3.25.8 to 3.25.10 by @dependabot in #368
• Bump pypa/gh-action-pypi-publish from 1.8.14 to 1.9.0 by @dependabot in #371
• Bump actions/attest-sbom from 1.2.0 to 1.3.1 by @dependabot in #370
• Bump actions/attest-build-provenance from 1.2.0 to 1.3.1 by @dependabot in #369
• Bump ruff from 0.4.8 to 0.4.9 by @dependabot in #372
• Bump python from d24ed567 to a9829975 by @dependabot in #373
• Upgrade pre-commit dependencies by @jkreileder in #374
• Bump urllib3 from 2.2.1 to 2.2.2 in the pip group by @dependabot in #375
• Bump actions/attest-sbom from 1.3.1 to 1.3.2 by @dependabot in #378
• Bump docker/build-push-action from 5.4.0 to 6.0.0 by @dependabot in #376
• Bump actions/attest-build-provenance from 1.3.1 to 1.3.2 by @dependabot in #377
• Bump docker/build-push-action from 6.0.0 to 6.0.1 by @dependabot in #379
• Bump pyright from 1.1.367 to 1.1.368 by @dependabot in #380
• Bump ruff from 0.4.9 to 0.4.10 by @dependabot in #381
• Bump python from 982997 to dc09596 by @dependabot in #382
• Bump docker/scout-action from 1.9.3 to 1.10.0 by @dependabot in #383
• Bump docker/build-push-action from 6.0.1 to 6.1.0 by @dependabot in #385
• Update ruff to version 0...

v1.0.11

This is a maintenance release where we focused on updating dependencies and the Docker base image to improve the overall performance and stability of our software.

What's Changed

• Bump version to 1.0.11-dev by @jkreileder in #249
• Bump docker/scout-action from 1.6.4 to 1.7.0 by @dependabot in #250
• Bump github/codeql-action from 3.24.10 to 3.25.0 by @dependabot in #251
• Update sbom generator from 1.6.4 to 1.7.0 by @jkreileder in #252
• Bump github/codeql-action from 3.25.0 to 3.25.1 by @dependabot in #254
• Bump pyright from 1.1.358 to 1.1.359 by @dependabot in #253
• Bump docker/scout-action from 1.7.0 to 1.7.1 by @dependabot in #255
• Bump docker/dockerfile from 1.6.0 to 1.7.0 by @jkreileder in #256
• Bump docker/scout-sbom-indexer from 1.7.0 to 1.7.1 by @jkreileder in #257
• Bump actions/upload-artifact from 4.3.1 to 4.3.2 by @dependabot in #259
• Bump actions/download-artifact from 4.1.4 to 4.1.5 by @dependabot in #260
• Bump ruff from 0.3.7 to 0.4.0 by @jkreileder in #261
• Bump ruff from 0.3.7 to 0.4.0 by @dependabot in #258
• Bump ruff from 0.4.0 to 0.4.1 by @jkreileder in #262
• Bump actions/checkout from 4.1.2 to 4.1.3 by @dependabot in #263
• Bump slsa-framework/slsa-github-generator from 1.10.0 to 2.0.0 by @dependabot in #264
• Bump actions/download-artifact from 4.1.5 to 4.1.6 by @dependabot in #265
• Bump actions/upload-artifact from 4.3.2 to 4.3.3 by @dependabot in #267
• Bump github/codeql-action from 3.25.1 to 3.25.2 by @dependabot in #266
• Bump pydantic from 2.7.0 to 2.7.1 by @dependabot in #268
• Bump actions/checkout from 4.1.3 to 4.1.4 by @dependabot in #272
• Bump actions/download-artifact from 4.1.6 to 4.1.7 by @dependabot in #271
• Bump pyright from 1.1.359 to 1.1.360 by @dependabot in #269
• Bump python from 541d45d to 2be8dad by @dependabot in #270
• Bump ruff from 0.4.1 to 0.4.2 by @jkreileder in #273
• Bump github/codeql-action from 3.25.2 to 3.25.3 by @dependabot in #274
• Bump docker/scout-action from 1.7.1 to 1.8.0 by @dependabot in #275
• Bump pytest from 8.1.1 to 8.2.0 by @dependabot in #276
• Bump cloudflare from 2.19.2 to 2.19.4 by @jkreileder in #277
• Bump pyproject-hooks from 1.0.0 to 1.1.0 by @jkreileder in #278
• Bump step-security/harden-runner from 2.7.0 to 2.7.1 by @dependabot in #280
• Bump actions/dependency-review-action from 4.2.5 to 4.3.1 by @dependabot in #279
• Bump actions/dependency-review-action from 4.3.1 to 4.3.2 by @dependabot in #281
• Bump pyright from 1.1.360 to 1.1.361 by @dependabot in #282
• Bump codecov/codecov-action from 4.3.0 to 4.3.1 by @dependabot in #283
• Add GitHub artifact attestation across registries by @jkreileder in #284
• Revert "Remove CODECOV_TOKEN (#235)" by @jkreileder in #285
• Bump ruff from 0.4.2 to 0.4.3 by @dependabot in #286
• Bump ruff from 0.4.2 to 0.4.3 by @jkreileder in #287
• Bump docker/dockerfile from 1.7.0 to 1.7.1 by @jkreileder in #288
• Bump actions/attest-build-provenance from 1.0.0 to 1.1.0 by @dependabot in #290
• Bump actions/checkout from 4.1.4 to 4.1.5 by @dependabot in #289
• Update pyright to version 1.1.362 by @jkreileder in #291
• Refactor image names to use dynamic usernames by @jkreileder in #292
• Bump github/codeql-action from 3.25.3 to 3.25.4 by @dependabot in #293
• Generate attestations for python artifacts and sbom by @jkreileder in #294
• Move SBOM generation after build by @jkreileder in #295
• Enhance Docker workflow security settings by @jkreileder in #296
• Generate SBOM and GitHub attestations for DockerHub, Quay, and GitHub Container Registry by @jkreileder in #297
• Rename SBOM output files for clarity by @jkreileder in #298
• Tighten egress policies for PyPi releases by @jkreileder in #299
• Update Docker and Python package workflows to allow uploads of SBOMs to GitHub releases by @jkreileder in #300
• Update workflow action versions and naming by @jkreileder in #301
• Prepare v1.0.11 by @jkreileder in #302

Full Changelog: v1.0.10...v1.0.11

v1.0.10

This is a maintenance release where we focused on updating dependencies and the Docker base image to improve the overall performance and stability of our software.

What's Changed

• Bump version to 1.0.10-dev by @jkreileder in #195
• Bump dawidd6/action-download-artifact from 3.1.2 to 3.1.3 by @dependabot in #196
• Bump github/codeql-action from 3.24.7 to 3.24.8 by @dependabot in #197
• Bump dawidd6/action-download-artifact from 3.1.3 to 3.1.4 by @dependabot in #198
• Bump docker/scout-sbom-indexer from 1.5.2 to 1.6.0 by @jkreileder in #199
• Bump slsa-github-generator from v1.9.0 to v1.9.1-rc.0 by @jkreileder in #200
• Bump importlib-metadata from 7.0.2 to 7.1.0 by @jkreileder in #201
• Bump pyright from 1.1.354 to 1.1.355 by @jkreileder in #202
• Bump slsa-github-generator from v1.9.1-rc.0 to v1.9.1 by @jkreileder in #205
• Bump actions/dependency-review-action from 4.1.3 to 4.2.3 by @dependabot in #204
• Bump EnricoMi/publish-unit-test-result-action from 2.15.1 to 2.16.0 by @dependabot in #203
• Bump slsa-github-generator from v1.9.1 to v1.10.0 by @jkreileder in #206
• Allow api.deps.dev in egress policy by @jkreileder in #207
• Bump docker/scout-action to v1.6.2 by @jkreileder in #208
• Upgrade docker/scout-sbom-indexer to version 1.6.2 by @jkreileder in #209
• Bump ruff from 0.3.3 to 0.3.4 by @jkreileder in #210
• Bump EnricoMi/publish-unit-test-result-action from 2.16.0 to 2.16.1 by @dependabot in #211
• Bump docker/scout-action from 1.6.2 to 1.6.3 by @dependabot in #212
• Bump docker/scout-sbom-indexer from 1.6.2 to 1.6.3 by @jkreileder in #213
• Add comments by @jkreileder in #214
• Bump pytest-cov from 4.1.0 to 5.0.0 by @jkreileder in #215
• Allow api.securityscorecards.dev in egress policy by @jkreileder in #218
• Bump github/codeql-action from 3.24.8 to 3.24.9 by @dependabot in #216
• Bump actions/dependency-review-action from 4.2.3 to 4.2.4 by @dependabot in #217
• Update Python base images in Dockerfile by @jkreileder in #219
• Bump docker/scout-action from 1.6.3 to 1.6.4 by @dependabot in #220
• Bump actions/dependency-review-action from 4.2.4 to 4.2.5 by @dependabot in #223
• Bump codecov/codecov-action from 4.1.0 to 4.1.1 by @dependabot in #222
• Bump actions/setup-python from 5.0.0 to 5.1.0 by @dependabot in #221
• Update sbom generator to version 1.6.4 by @jkreileder in #224
• Bump pyright from 1.1.355 to 1.1.356 by @jkreileder in #225
• Bump hcloud from 1.33.2 to 1.34.0 by @jkreileder in #226
• Bump build from 1.1.1 to 1.2.0 by @dependabot in #227
• Bump build from 1.2.0 to 1.2.1 by @dependabot in #228
• Update Python base image in Dockerfile by @jkreileder in #229
• Bump python from 5dc6f84 to 5dc6f84 by @dependabot in #230
• Bump ruff from 0.3.4 to 0.3.5 by @jkreileder in #231
• Bump hcloud from 1.34.0 to 1.35.0 by @jkreileder in #232
• Bump pyright from 1.1.356 to 1.1.357 by @dependabot in #233
• Bump codecov/codecov-action from 4.1.1 to 4.2.0 by @dependabot in #234
• Remove CODECOV_TOKEN and support OIDC authentication by @jkreileder in #235
• Bump github/codeql-action from 3.24.9 to 3.24.10 by @dependabot in #236
• [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in #237
• Bump docker/setup-buildx-action from 3.2.0 to 3.3.0 by @dependabot in #238
• Bump codecov/codecov-action from 4.2.0 to 4.3.0 by @dependabot in #239
• Bump python from 3.12.2-alpine3.19 to 3.12.3-alpine3.19 by @dependabot in #242
• Bump pyright from 1.1.357 to 1.1.358 by @dependabot in #241
• Bump sigstore/cosign-installer from 3.4.0 to 3.5.0 by @dependabot in #240
• Bump idna from 3.6 to 3.7 by @dependabot in #245
• Bump ruff from 0.3.5 to 0.3.7 by @dependabot in #246
• Bump ruff from 0.3.5 to 0.3.7 by @jkreileder in #247
• Prepare v1.0.10 by @jkreileder in #248

New Contributors

• @pre-commit-ci made their first contribution in #237

Full Changelog: v1.0.9...v1.0.10

v1.0.9

This is a maintenance release where we focused on updating dependencies and the Docker base image to improve the overall performance and stability of our software.

v1.0.8

This is a maintenance release where we focused on updating dependencies and the Docker base image to improve the overall performance and stability of our software.

Updates

• Updated Python base image in Dockerfile for better compatibility and performance.
• Upgraded various dependencies including pyright, ruff, ruff-pre-commit, pydantic, and pip.
• Updated certifi, urllib3, and pluggy versions for improved security and functionality.
• Updated ruff and gitleaks pre-commit hooks and ruff configuration for enhanced code quality.
• Bumped various GitHub actions and Docker actions for improved CI/CD performance.
• Updated DOCKER_METADATA_ANNOTATIONS_LEVELS environment variable for better Docker metadata management.
• Bumped pytest from 7.4.4 to 8.0.0 for improved testing capabilities.

v1.0.7

Maintenance release:

Added

• Check passed arguments in test_main (#74)
• Add CPython implementation to classifiers (#61)
• Pin pre-commit hook versions (#59)
• Update Kubernetes CronJob API version (#54)
• Add SLSA3 workflows for Docker images (#50)

Changed

• Update base image shas (#73)
• Bump ruff from 0.1.13 to 0.1.14 (#72)
• Update pyyaml hashes (#71)
• Bump docker/scout-action from 1.2.2 to 1.3.0 (#67)
• Bump python from ee9a59c to 247e70c (#70)
• Bump actions/dependency-review-action from 3.1.5 to 4.0.0 (#68)
• Bump anchore/scan-action from 3.5.0 to 3.6.0 (#69)
• Bump actions/upload-artifact from 4.1.0 to 4.2.0 (#66)
• Bump github/codeql-action from 3.23.0 to 3.23.1 (#65)
• Refactor: Modularize Cloudflare, hcloud firewall, config and logging functionality into separate modules (#64)
• Update pyright to version 1.1.347 (#63)
• Update pyright to version 1.1.346 (#62)
• Bump actions/upload-artifact from 4.0.0 to 4.1.0 (#60)
• Bump ruff from 0.1.12 to 0.1.13 (#58)
• Bump ruff from 0.1.11 to 0.1.12 (#57)
• Bump python from c805c5e to ee9a59c (#55)
• Bump actions/download-artifact from 4.1.0 to 4.1.1 (#53)
• Bump github/codeql-action from 3.22.12 to 3.23.0 (#52)
• Bump anchore/scan-action from 3.4.0 to 3.5.0 (#51)

v1.0.6

Maintenance release:

Added

• Test cases for command line arguments in test_main.py and test_version.py (#46)
• Add objects.githubusercontent.com to allowed hosts (#45)
• Upgrade instructions for pipx and pip
• Error handling for unreadable configuration files or directories (#37)
• Integration of SLSA provenance generation (#36)
• Recommended ignore rules for Ruff

Changed

• Fixed PyPI badge link (#47)
• Updated pyright to version 1.1.345 (#43)
• Updated docker/metadata-action from 5.4.0 to 5.5.0 (#42)
• Updated badges in README.md (#40)
• Updated cloudflare from 2.15.1 to 2.16.0 (#38)
• Updated actions/dependency-review-action from 3.1.4 to 3.1.5 (#39)
• Updated hcloud to v1.33.2
• Updated ruff to v0.1.11
• Enabled more lint rules and adapted code to them

Removed

• Scanning of context and builder for sbom (#44)
• Superfluous ruff target-version

Security

• Updated anchore/scan-action from 3.3.8 to 3.4.0 (#34)

v1.0.5

Fixed

• Resolved issues with Docker image signing through a rebuild. This ensures the
  integrity and authenticity of the Docker images.

v1.0.4

Changed

• Improved log messages for better clarity and understanding.

Performance Improvements

• Reduced Docker image size for faster download and deployment.

Testing

• Added more tests to improve code coverage and reliability.

Notes

• No functional changes were made in this release. The focus was on improvements
  and optimizations.