Justin Cappos
Justin Cappos
Dropping @SophiaUgo until she approves her conflict statement. @anvega , you're ready to go!
> How do I drop my conflict statement @justin Cappos > […](#) > On Sat, Aug 3, 2024 at 7:53 PM Justin Cappos ***@***.***> wrote: Dropping @SophiaUgo until she approves...
Semver seems to be the standard / expected. One concern is whether it would match the gittuf client version number. I would argue for something that clearly doesn't match the...
I think you're aiming in a good direction here. We're also starting to think more about how to deal with situations where some of the targets files are meant to...
I assume you'd treat it in the same way as not having a gittuf repo before. I can't think of another sane option. However, also do consider that this could...
Note, this tracking issue is specific to the Witness implementation and isn't reflective of issues in the in-toto specification.
Thanks for reaching out. I believe this is supported by the spec, but we'd like to make this more explicit. Right now, we were planning to make CBOR support clear...
I need to understand this case better, but in general, my feeling is the RSL should always represent an append-only log of up-to-date actions. This is important to stop the...
Isn't a fork just like a bunch of local commits that weren't pushed to the central repo? Can't you treat it as such? On Mon, Dec 9, 2024 at 12:44 ...
In TUF we made the decision to have a field for items which can be safely ignored by clients that do not understand them. While this has been a messy...