Jussi Kukkonen

Results 132 issues of Jussi Kukkonen

The API uses `bytes` as type for all file contents. This is fine for certs and signatures, but the input files can be arbitrarily large: the API should not force...

enhancement
upstream

I'm not a complete beginner and I still have trouble understanding what exactly I can actually verify with sigstore-python at the moment... It would be helpful if there was an...

enhancement

The fact that TUF metadata contains the non-canonical form of the payload is a known issue (see https://github.com/secure-systems-lab/dsse for future plans). While we wait for the spec to evolve, I...

enhancement

Since an incompatible spec version update seems to get more interest (see #2040), we should start with actually designing how spec version numbers are going to work... Who is responsible...

enhancement
repository
discussion

Currently creating e.g. succinct delegations looks like this:

```
BIT_LENGTH = int(math.log2(NUMBER_OF_BINS))
succinct_roles = SuccinctRoles(
    keyids=[bins_key.keyid],
    threshold=THRESHOLD,
    bit_length=BIT_LENGTH,
    name_prefix=NAME_PREFIX,
)
delegations_keys_info: Dict[str, Key] = {}
delegations_keys_info[bins_key.keyid] = bins_key
targets.signed.delegations =...
```

* Remove bandit
* Add ruff ruleset "flake8-bandit"
* verify_release is now checked by bandit
* Avoid some asserts as suggested
* ignore a subprocess.run lint: it seems dumb
* ...

ruff linter has 50 or so [rulesets](https://docs.astral.sh/ruff/rules/) that can be enabled. Currently we enable 6 good ones, but could enable more.

### Instructions

* Pick a ruleset that is not...

Use `RUFF_OUTPUT_FORMAT=github` when on GitHub: this gives inline linter annotations

tox.ini contains a call to `ruff check`. Documentation talks about `--output-format=github` option that apparently might enable inline comments in GitHub... We should test this:

* add `--output-format=github` to the "ruff...

good first issue

I wonder if `Repository.get_delegating_role(role: str) -> str` would be useful

* In my implementations I end up looking up the delegating role of a role quite a lot.
* if...