diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md index ca04c17d..ad158955 100644 --- a/docs/CHANGELOG.md +++ b/docs/CHANGELOG.md @@ -1,5 +1,32 @@ # Changelog +## v0.14.0 +### Added +* Added a mechanism to the Updater to disable the hash prefix for target files + even when `consistent_snapshot` is enabled for a repository (#1102) + +### Changed +* Updater now uses keyids provided in the metadata, rather than re-calculating + keyids using `keyid_hash_algorithms` (#1014, #1121) +* When loading an existing repository the keyids provided in the metadata will + be used, rather than re-calculating keyids using `keyid_hash_algorithms` (#1014, #1121) +* Improve reliability and performance of tests by removing sleep calls, instead + use polling to check whether the simple_server is ready to accept + connections (#1096) +* Only calculate lengths and hashes of files listed by timestamp and snapshot + metadata when those lengths and hashes will be included in the metadata (#1097) +* Re-raise chained exceptions explicitly per PEP 3134 (#1116) +* Remove use of `securesystemslib.settings.HASH_ALGORITHMS`, instead pass + desired algorithms explicitly to securesystemslib's + `keys.format_metadata_to_key` (#1016) + +### Fixed +* Better adhere to the detailed client workflow in the specification by + ensuring that a newly downloaded root metadata file is verified with a + threshold of its own signatures (#1101) +* Update a delegating role's metadata when adding a new verification key to a + delegated role (#1037) + ## v0.13.0 ### Added * Add support for BLAKE hash functions (#993) diff --git a/docs/RELEASE.md b/docs/RELEASE.md index 09a959b4..04439759 100644 --- a/docs/RELEASE.md +++ b/docs/RELEASE.md @@ -1,8 +1,8 @@ # Release process -* Ensure docs/CHANGELOG.md contains a one-line summary of each [notable +* Ensure `docs/CHANGELOG.md` contains a one-line summary of each [notable change](https://keepachangelog.com/) since the prior release -* Update setup.py and `tuf/__init__.py` to the new version number vA.B.C +* Update `setup.py` and `tuf/__init__.py` to the new version number vA.B.C * Test packaging, uploading to Test PyPI and installing from a virtual environment * Remove existing dist build dirs * Create source dist `python setup.py sdist` @@ -10,12 +10,13 @@ * Sign the dists `gpg --detach-sign -a dist/tuf-vA.B.C.tar.gz` * Upload to test PyPI `twine upload --repository testpypi dist/*` * Verify the uploaded package https://testpypi.python.org/pypi/tuf/ -* Create a PR with updated CHANGELOG.md and version bumps +* Create a PR with updated `CHANGELOG.md` and version bumps * Once the PR is merged, pull the updated `develop` branch locally * Create a signed tag matching the updated version number on the merge commit `git tag --sign vA.B.C -m "vA.B.C"` * Push the tag to GitHub `git push origin vA.B.C` -* Create a new release on GitHub, copying the CHANGELOG.md entries for the release +* Create a new release on GitHub, copying the `CHANGELOG.md` entries for the + release * Create a package for the formal release * Remove existing dist build dirs * Create source dist `python setup.py sdist` diff --git a/setup.py b/setup.py index 396edc43..cee67ac8 100755 --- a/setup.py +++ b/setup.py @@ -78,7 +78,7 @@ setup( name = 'tuf', - version = '0.13.0', # If updating version, also update it in tuf/__init__.py + version = '0.14.0', # If updating version, also update it in tuf/__init__.py description = 'A secure updater framework for Python', long_description = long_description, long_description_content_type='text/markdown', diff --git a/tuf/__init__.py b/tuf/__init__.py index 2c2601bf..681f31e7 100755 --- a/tuf/__init__.py +++ b/tuf/__init__.py @@ -2,7 +2,7 @@ # setup.py has it hard-coded separately. # Currently, when the version is changed, it must be set in both locations. # TODO: Single-source the version number. -__version__ = "0.13.0" +__version__ = "0.14.0" # This reference implementation produces metadata intended to conform to # version 1.0.0 of the TUF specification, and is expected to consume metadata