Elgato_dark/python-tuf
1
0
Fork 0
mirror of https://github.com/theupdateframework/python-tuf synced 2026-05-24 10:08:28 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
python-tuf/docs/1.0.0-ANNOUNCEMENT.md

42 lines
2.1 KiB
Markdown
Raw Permalink Normal View History

doc: announce 1.0.0 stable release * Add a document that announces a stable "modern implementation"-only 1.0.0 release, with the following contents: - the scheduled release date - contents of release (metadata API, ngclient, no legacy code) - legacy code deprecation note (adr 2) - note about lack of repository tool (adr 10) - migration instructions * Add "important notice" to head of main README, pointing to above document. Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-12-01 14:22:50 +00:00
# Announcing TUF 1.0.0
doc: reword announcement about upcoming 1.0.0 Change docs in preparation of close v1.0.0 release. - Remove important notice about upcoming 1.0.0 release from README - Reword 1.0.0-ANNOUNCEMENT.md to not sound outdated after release Co-authored-by: Joshua Lock <jlock@vmware.com> Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
2022-02-15 12:49:11 +00:00
Python-TUF v1.0.0 is a rewritten stable reference implementation of the TUF
specification, which *currently* includes:
doc: announce 1.0.0 stable release * Add a document that announces a stable "modern implementation"-only 1.0.0 release, with the following contents: - the scheduled release date - contents of release (metadata API, ngclient, no legacy code) - legacy code deprecation note (adr 2) - note about lack of repository tool (adr 10) - migration instructions * Add "important notice" to head of main README, pointing to above document. Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-12-01 14:22:50 +00:00
- a modern low-level [*metadata
API*](https://theupdateframework.readthedocs.io/en/latest/api/tuf.api.html)
- a fully specification-compliant [*updater
client*](https://theupdateframework.readthedocs.io/en/latest/api/tuf.ngclient.html),
serving as a more robust and yet more flexible stand-in replacement
for the legacy client updater
doc: reword announcement about upcoming 1.0.0 Change docs in preparation of close v1.0.0 release. - Remove important notice about upcoming 1.0.0 release from README - Reword 1.0.0-ANNOUNCEMENT.md to not sound outdated after release Co-authored-by: Joshua Lock <jlock@vmware.com> Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
2022-02-15 12:49:11 +00:00
For the reasons outlined in [ADR 10](https://github.com/theupdateframework/python-tuf/blob/develop/docs/adr/0010-repository-library-design.md
), this release *does not yet* include *repository tool*-like functionality.
However, the new *metadata API* makes it easy to replicate the desired
functionality tailored to the specific needs of any given repository (see
*Migration* for details).
doc: fix broken links in 1.0.0-ANNOUNCEMENT.md The recent move of 1.0.0-ANNOUNCEMENT.md (#1732) broke the relative links in the document. Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-12-22 11:23:41 +00:00
As discussed in [ADR 2](https://github.com/theupdateframework/python-tuf/blob/develop/docs/adr/0002-pre-1-0-deprecation-strategy.md), this
doc: reword announcement about upcoming 1.0.0 Change docs in preparation of close v1.0.0 release. - Remove important notice about upcoming 1.0.0 release from README - Reword 1.0.0-ANNOUNCEMENT.md to not sound outdated after release Co-authored-by: Joshua Lock <jlock@vmware.com> Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
2022-02-15 12:49:11 +00:00
release *does not* include any legacy code, as its maintenance has become
doc: announce 1.0.0 stable release * Add a document that announces a stable "modern implementation"-only 1.0.0 release, with the following contents: - the scheduled release date - contents of release (metadata API, ngclient, no legacy code) - legacy code deprecation note (adr 2) - note about lack of repository tool (adr 10) - migration instructions * Add "important notice" to head of main README, pointing to above document. Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-12-01 14:22:50 +00:00
infeasible for the python-tuf team. The pre-1.0.0 deprecation strategy from ADR
2 applies as follows:
> *Bugs reported with tuf versions prior to 1.0.0 will likely not be addressed
directly by tufs maintainers. Pull Requests to fix bugs in the last release
prior to 1.0.0 will be considered, and merged (subject to normal review
processes). Note that there may be delays due to the lack of developer resources
for reviewing such pull requests.*
## Migration
Given the clean cut with the legacy reference implementation, we provide the
following migration support:
- detailed code documentation on
[https://theupdateframework.readthedocs.io](https://theupdateframework.readthedocs.io/)
doc: fix broken links in 1.0.0-ANNOUNCEMENT.md The recent move of 1.0.0-ANNOUNCEMENT.md (#1732) broke the relative links in the document. Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-12-22 11:23:41 +00:00
- verbose [code examples](https://github.com/theupdateframework/python-tuf/tree/develop/examples) for *client updater* usage, and
doc: announce 1.0.0 stable release * Add a document that announces a stable "modern implementation"-only 1.0.0 release, with the following contents: - the scheduled release date - contents of release (metadata API, ngclient, no legacy code) - legacy code deprecation note (adr 2) - note about lack of repository tool (adr 10) - migration instructions * Add "important notice" to head of main README, pointing to above document. Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2021-12-01 14:22:50 +00:00
repository-side operations based on the low-level *metadata API*
- individual migration support upon
[request](https://github.com/theupdateframework/python-tuf#contact)
- targeted migration support initiative for known users
Reference in a new issue Copy permalink