pull_requests: 1341641607
This data as json
| id | node_id | number | state | locked | title | user | body | created_at | updated_at | closed_at | merged_at | merge_commit_sha | assignee | milestone | draft | head | base | author_association | auto_merge | repo | url | merged_by |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1341641607 | PR_kwDOAMm_X85P99OH | 7826 | closed | 0 | Bump pypa/gh-action-pypi-publish from 1.8.5 to 1.8.6 | 49699333 | Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) from 1.8.5 to 1.8.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pypa/gh-action-pypi-publish/releases">pypa/gh-action-pypi-publish's releases</a>.</em></p> <blockquote> <h2>v1.8.6</h2> <h2>What's Updated</h2> <ul> <li><a href="https://github.com/sponsors/woodruffw"><code>@woodruffw</code></a> dropped the references to a “private beta” from the project docs and runtime in <a href="https://redirect.github.com/pypa/gh-action-pypi-publish/pull/147">pypa/gh-action-pypi-publish#147</a>. He also clarified that the API tokens are still more secure than passwords in <a href="https://redirect.github.com/pypa/gh-action-pypi-publish/pull/150">pypa/gh-action-pypi-publish#150</a>.</li> <li><a href="https://github.com/sponsors/asherf"><code>@asherf</code></a> noticed that the action metadata incorrectly marked the <code>password</code> field as required and contributed a correction in <a href="https://redirect.github.com/pypa/gh-action-pypi-publish/pull/151">pypa/gh-action-pypi-publish#151</a></li> <li><a href="https://github.com/sponsors/webknjaz"><code>@webknjaz</code></a> moved the Trusted Publishing example to the top of the README in hopes that new users would default to using it via <a href="https://github.com/pypa/gh-action-pypi-publish/commit/f47b34707fd264d5ddb1ef322ca74cf8e4cf351b">https://github.com/pypa/gh-action-pypi-publish/commit/f47b34707fd264d5ddb1ef322ca74cf8e4cf351b</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/sponsors/asherf"><code>@asherf</code></a> made their first contribution in <a href="https://redirect.github.com/pypa/gh-action-pypi-publish/pull/151">pypa/gh-action-pypi-publish#151</a></li> </ul> <p><strong>Full Diff</strong>: <a href="https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.5...v1.8.6">https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.5...v1.8.6</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/gh-action-pypi-publish/commit/a56da0b891b3dc519c7ee3284aff1fad93cc8598"><code>a56da0b</code></a> Merge pull request <a href="https://redirect.github.com/pypa/gh-action-pypi-publish/issues/151">#151</a> from asherf/trusted</li> <li><a href="https://github.com/pypa/gh-action-pypi-publish/commit/e4b903174144ed1ae155796f72e117b95cf30c3f"><code>e4b9031</code></a> password input is no longer required, since not specifying it implies trusted...</li> <li><a href="https://github.com/pypa/gh-action-pypi-publish/commit/5a085bf49e449ba94cc551efdc03b14b2be3788c"><code>5a085bf</code></a> Merge pull request <a href="https://redirect.github.com/pypa/gh-action-pypi-publish/issues/150">#150</a> from trail-of-forks/tob-doc-tweaks</li> <li><a href="https://github.com/pypa/gh-action-pypi-publish/commit/0811f991bd3b72bc79a131736a1966d9df922f60"><code>0811f99</code></a> README: small doc tweaks</li> <li><a href="https://github.com/pypa/gh-action-pypi-publish/commit/f47b34707fd264d5ddb1ef322ca74cf8e4cf351b"><code>f47b347</code></a> 📝🎨 Put OIDC on pedestal @ README</li> <li><a href="https://github.com/pypa/gh-action-pypi-publish/commit/7a1a355fb5ad6afb4e8f748ad036708c1c61c396"><code>7a1a355</code></a> 🎨 Show GH environments use in README examples</li> <li><a href="https://github.com/pypa/gh-action-pypi-publish/commit/3b6670b0bd04d54039641fb3b2ac878aad9d70fc"><code>3b6670b</code></a> Merge pull request <a href="https://redirect.github.com/pypa/gh-action-pypi-publish/issues/147">#147</a> from trail-of-forks/tob-stabilize-oidc</li> <li><a href="https://github.com/pypa/gh-action-pypi-publish/commit/c008c2f40abc7b85467b393f3b78e67391ffa7f8"><code>c008c2f</code></a> README: re-add OIDC note</li> <li><a href="https://github.com/pypa/gh-action-pypi-publish/commit/fe431ff9ad22d027a59d866e45c4e40d93d8ce57"><code>fe431ff</code></a> README, oidc-exchange: remove beta references</li> <li><a href="https://github.com/pypa/gh-action-pypi-publish/commit/c542b72dc68d2280248f2d864ba901e0c31a3ee7"><code>c542b72</code></a> Bump WPS flake8 plugin set to v0.17.0</li> <li>Additional commits viewable in <a href="https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.5...v1.8.6">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> | 2023-05-08T06:56:59Z | 2023-05-08T21:24:30Z | 2023-05-08T21:24:29Z | 2023-05-08T21:24:29Z | 306310050f6278f4d8107159c9c3649fbd6b5dea | 0 | 6abfa81bc39df65d267eccd15715e6fedda757f6 | 2cce9f6539a02a7bdc37a722b6965a51be29a8dd | CONTRIBUTOR | 13221727 | https://github.com/pydata/xarray/pull/7826 |
Links from other tables
- 2 rows from pull_requests_id in labels_pull_requests