#17054
This was used as part of the release of fleetd 1.22.0 to the `edge`
channel.
I added more automation to ease releasing fleetd. (They were too many
manual clicks and error prone actions.)
The new script was used for the fleetd v1.20.0 release #15991:
```
/path/to/fleet/tools/tuf/promote_edge_to_stable.sh orbit 1.20.0
/path/to/fleet/tools/tuf/promote_edge_to_stable.sh desktop 1.20.0
```
And to release osqueryd 5.11.0 to stable the following can be executed:
```
/path/to/fleet/tools/tuf/promote_edge_to_stable.sh osqueryd 5.11.0
```
* Update go-tuf to v0.5.0
This was triggered by the security advisory
[GHSA-3633-5h82-39pq](https://github.com/theupdateframework/go-tuf/security/advisories/GHSA-3633-5h82-39pq).
Fleet's use of go-tuf is not vulnerable to this issue due to not using
key thresholds greater than 1.
There were some API changes that necessitate changing the initialization
code for the TUF client. See
https://github.com/theupdateframework/go-tuf/issues/379 for further
discussion.
* Add changes file
* Update default root metadata
* Add review changes to update-go-tuf branch
* Update tests
* Add more checks to roots output
Co-authored-by: Zach Wasserman <zach@fleetdm.com>
