sigstore-rs icon indicating copy to clipboard operation
sigstore-rs copied to clipboard

Published 20 hours ago verified publisher icon sigstore

Regression: TUF contents are not saved to disk anymore

Open flavio opened this issue 1 year ago • 2 comments
trafficstars

Description

Up to version 0.7.2, the SigstoreRepository::fetch method took care of synchronizing the contents of a local checkout of Sigstore's TUF repository.

Now (v0.8.0 being latest stable release), the SigstoreTrustRoot::new method tries to take advantage of a local cache of the TUF repository, but it doesn't update the local contents.

The code that takes care of synchronizing the local cache is still part of the sigstore-rs codebase, but it's no longer being used.

flavio avatar Apr 09 '24 10:04 flavio

Apologies for the regression. #311 reworks the target fetching functionality and caches the trust root correctly.

tnytown avatar Apr 09 '24 15:04 tnytown

@tnytown no worries, ping me on the other PR when it's ready to be reviewed

flavio avatar Apr 10 '24 07:04 flavio

Closing, this has been fixed

flavio avatar Sep 17 '24 10:09 flavio