python-tuf
python-tuf copied to clipboard
theupdateframework
Python reference implementation of The Update Framework (TUF)
We already have `TargetFile.from_data() / TargetFile.from_file()` to calculate hashes and length for a target. We should optionally support hashes and length for Metafile too (but likely the API is not...
**Description of issue or feature request**: The CII best practice silver badge requires a *roadmap that describes what the project intends to do and not do*. We currently provide the...
The following warning can be found in current GitHub Windows runner build logs. ``` WARNING: test command found but not installed in testenv cmd: C:\hostedtoolcache\windows\Python\3.8.10\x64\python3.EXE env: D:\a\python-tuf\python-tuf\.tox\py Maybe you forgot...
*Supersedes https://github.com/theupdateframework/python-tuf/issues/1006* **Description of issue or feature request**: #1790 removes `QUICKSTART.md` because it is severely outdated. The new [client and repo examples](https://github.com/theupdateframework/python-tuf/tree/e0736d6d75e344b10ac128e5798cde3136ccc9cf/examples) should be a good replacement to quickly get...
**Description of issue or feature request**: #1790 removes severely outdated [ATTACKS.md](https://github.com/theupdateframework/python-tuf/blob/e0736d6d75e344b10ac128e5798cde3136ccc9cf/tuf/ATTACKS.md), which demoed how python-tuf protects against the attacks [TUF is designed for](https://theupdateframework.github.io/specification/v1.0.28/index.html#goals-to-protect-against-specific-attacks). Such documentation, if up-to-date, still seems like...
**Description of issue or feature request**: I run 1coverage` locally to find out at how many places do we miss unit test coverage. We are pretty good right now with...
**Description of issue or feature request**: **Current behavior**: No clear distinction of different documentation types in `docs` directory. **Expected behavior**: Clear distinction of different documentation types in `docs` directory, e.g....
**Description of issue or feature request**: Inside `tox.ini` we have defined a test case where we test against latest changes in securesystemslib master: https://github.com/theupdateframework/python-tuf/blob/fc9b42fa5d4e887821189055b9f44fa0f04f0885/tox.ini#L31 I wanted to try it out,...
**Description of issue or feature request**: Project releases should include [in-toto](https://in-toto.github.io/) metadata that can be used to validate the integrity of the release's software supply chain. **Current behavior**: Developer signatures...
Add [tap12](https://github.com/theupdateframework/taps/blob/master/tap12.md) to the reference implementation. This TAP allows for greater flexibility in how keyids are generated. This will require the following changes to the client: - [x] Remove all...
Metadata
Owner
Metadata
Python reference implementation of The Update Framework (TUF)