Elgato_dark/python-tuf
1
0
Fork 0
mirror of https://github.com/theupdateframework/python-tuf synced 2026-05-24 10:08:28 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
6674 commits 28 branches 35 tags 23 MiB
Commit graph

519 commits

Author SHA1 Message Date
Jussi Kukkonen
85ce3e87e1 Prepare 7.0 release 
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
 2026-05-18 10:49:12 +03:00
Jussi Kukkonen
36c0f08f34 docs: Remove some obsolete advice 
Governance docs does not need to talk about linting tools.

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
 2026-03-23 12:21:57 +02:00
1seal
d5fa0b0594 address review feedback: remove redundant root.json writes, rename docs section 
Signed-off-by: 1seal <security@1seal.org>
 2026-02-19 14:46:40 +01:00
1seal
c49bdb9322 feat(ngclient): require explicit bootstrap argument 
make bootstrap required and explicit: callers must pass bootstrap=<root_bytes> or bootstrap=None.

also tighten docs, examples, and tests to reflect the explicit trust anchor choice.

Signed-off-by: 1seal <security@1seal.org>
 2026-01-25 11:58:09 +00:00
Jussi Kukkonen
b690d8f573 docs: Include version number in docs 
Otherwise on readthedocs it's not clear what version "latest" is.

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
 2025-03-14 15:00:33 +02:00
Jussi Kukkonen
44eed614f0 Prepare v6.0 
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
 2025-03-11 11:41:10 +02:00
Dimitri Papadopoulos
4a28307270
Fix typos 
Signed-off-by: Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com>
 2025-03-10 22:06:30 +01:00
Jussi Kukkonen
98fcd7160c Changelog: Add missing entries 
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
 2025-02-20 10:56:23 +02:00
Nicholas Tanzillo
326529bf99
Merge branch 'theupdateframework:develop' into switchUrlLib3 2025-01-29 16:38:21 -05:00
Kairo Araujo
467e806614
Merge pull request #2749 from jku/test-fixes 
Unit test infrastructure fixes
 2025-01-06 15:25:55 +01:00
NicholasTanz
18e42cea52 replacing RequestsFecther with Urllib3Fetcher in .rst 
Signed-off-by: NicholasTanz <nicholastanzillo@gmail.com>
 2025-01-06 02:55:15 -05:00
Jussi Kukkonen
6d5c5cd867 requirements: pynacl is no longer needed 
This is obsolete by now.

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
 2024-12-31 11:05:43 +02:00
Jussi Kukkonen
28a031f039 tests: Remove aggregate_tests.py 
This was essentially unused now (originally it was used to
randomize the test order).

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
 2024-12-11 10:11:49 +02:00
Joshua Lock
a52d8f4902 docs: Joshua retiring as a maintainer 
Stepping down as I have insufficient bandwidth to meaningfully contribute.

Signed-off-by: Joshua Lock <joshuagloe@gmail.com>
 2024-11-12 18:40:47 +00:00
Jussi Kukkonen
72d0cea91b Prepare v5.1.0 release 
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
 2024-10-07 10:12:15 +03:00
Kairo de Araujo
107cd2a258 docs: include kairoaraujo info in MAINTAINERS.txt 
Add Kairo de Araujo information to the docs/MAINTAINERS.txt

Including my PGP fingerprint for future signatures.

Signed-off-by: Kairo de Araujo <kairo@dearaujo.nl>
 2024-09-24 08:15:39 +02:00
Jussi Kukkonen
34744cd753
docs: Add CODEOWNERS file (#2701) 2024-09-16 16:00:16 +03:00
Trishank Karthik Kuppusamy
bcfefce5c3
Update MAINTAINERS.txt 
Removing myself because, just like with go-tuf, I unfortunately do not have the bandwidth for active maintenance, and do not wish to be in the way. I thank you all very much for the opportunity, and your continued service.

Signed-off-by: Trishank Karthik Kuppusamy <trishank.kuppusamy@datadoghq.com>
 2024-07-24 13:23:43 -04:00
Kapil Sharma
292fb0f774
Updating Contributing guidelines and copy-pastable code (#2642) 
* Make commands easier to copy

Signed-off-by: h4l0gen <ks3913688@gmail.com>
Signed-off-by: Kapil Sharma <ks3913688@gmail.com>
 2024-06-04 09:33:49 +03:00
h4l0gen
35a29bbf1d
fix url link 
Signed-off-by: h4l0gen <ks3913688@gmail.com>
 2024-05-21 17:09:14 +05:30
Lukas Pühringer
d3d2ac187a
Update docs/CHANGELOG.md 
Co-authored-by: Jussi Kukkonen <jku@goto.fi>
Signed-off-by: Lukas Pühringer <luk.puehringer@gmail.com>
 2024-05-14 10:38:38 +02:00
Lukas Puehringer
bce5039196 Rlease v5.0.0 
* Bump version
* Add changelog

Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
 2024-05-14 10:16:41 +02:00
Jussi Kukkonen
928702a8ac Release v4.0.0 
This is a major bump only because of Metadata API, ngclient is
compatible with 3.x.

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
 2024-04-04 10:25:18 +03:00
Jussi Kukkonen
10841c6a23 tox: Add auto-format and and auto-fix 
"tox -e fix" will fix whatever ruff knows how to fix automatically.

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
 2024-03-07 12:01:03 +02:00
Jussi Kukkonen
f82e0bb88d docs: Incorporate review suggestions 
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
 2024-02-29 15:54:18 +02:00
Jussi Kukkonen
1b03ac240e docs: Improve CONTRIBUTING 
* Remove outdated info on linters
* Move DCO info to the top: no-one will find it in the bottom

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
 2024-02-27 16:38:29 +02:00
Lukas Puehringer
c0c21ca52f Release python-tuf 3.1.0 
* Update changelog
* Bump version

Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
 2023-10-13 10:23:07 +02:00
Lukas Pühringer
9316a45662
Merge pull request #2392 from joshuagl/joshuagl/affiliation 
Update Joshua's affiliation
 2023-05-15 09:24:43 +02:00
Joshua Lock
cca3ce1026 Update Joshua's affiliation 
Recently changed employer

Signed-off-by: Joshua Lock <joshua.lock@uk.verizon.com>
 2023-05-12 12:01:38 +01:00
Jussi Kukkonen
85cbb1c7b2 docs: Document PyPI Trusted Publishing 
Fixes #2386

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
 2023-05-10 10:31:35 +03:00
Jussi Kukkonen
0c107c6a8b Release python-tuf 3.0.0 
* Update changelog
* Bump version

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
 2023-05-09 11:42:49 +03:00
Jussi Kukkonen
70555f6e1b build: shorten requirements file names 
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
 2023-02-06 14:52:07 +02:00
Jussi Kukkonen
33829fdbab build: Move requirements file to a directory 
We already have 6 files and I'm planning to add another one: maybe it's
time to move these out of the top level directory.

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
 2023-02-06 14:50:47 +02:00
Lukas Pühringer
d2c12f2d14
Merge pull request #2165 from jku/no-key 
Move (most of) Key to Securesystemslib
 2023-01-31 09:20:44 +01:00
Lukas Puehringer
9811ac3568 python-tuf 2.1.0 
* update changelog
* bump version

Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
 2023-01-26 16:26:38 +01:00
Jussi Kukkonen
7f04a6e888
Merge pull request #2276 from jku/securesystemslib-blog 
Add new blog post about the signer API
 2023-01-26 14:35:43 +02:00
Jussi Kukkonen
388768db3d Add new blog post about the signer API 
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
 2023-01-26 11:37:47 +02:00
Jussi Kukkonen
236bc9f070 docs: Tweak API docs to include RequestsFetcher 
This only documents the configurable attributes
and not the inherited methods.

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
 2023-01-25 16:07:12 +02:00
Jussi Kukkonen
2202a83d82 docs: Remove securesystemslib mock import 
We want to document some securesystemslib classes (Key gets documented
with this change already as it's part of the metadata API).

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
 2023-01-17 17:45:28 +02:00
gkum99
791879d6a6 fixes #1568 Include python-tuf version in documentation 
Signed-off-by: gkum99 <h20220014@goa.bits-pilani.ac.in>
 2022-11-30 19:17:28 +05:30
Lukas Puehringer
9a54677ee9 Update security policy to use new reporting 
- Enabled new GitHub feature (beta) to privately report security
  issues to all maintainers in repo settings.
  https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability

- Updated security policy document to instruct reporters to use the
  new reporting mechanism instead of email+pgp.

Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
 2022-11-15 17:01:16 +01:00
Lukas Puehringer
e4d0c6d6df Fix wrong count in security audit blog post 
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
 2022-10-26 16:59:57 +02:00
Joshua Lock
8bb117a739 Add post on python-tuf security audit by x41 
Signed-off-by: Joshua Lock <jlock@vmware.com>
 2022-10-26 09:02:37 -04:00
Lukas Pühringer
f0e08bac6d
Merge pull request #2098 from mnm678/securitymd 
Add SECURITY.md
 2022-09-09 10:06:04 +02:00
Marina Moore
9c099972ed move security.md to docs folder 
Signed-off-by: Marina Moore <mnm678@gmail.com>
 2022-09-08 15:12:13 -04:00
Jussi Kukkonen
f4c70cc2d3 Update my maintainer email 
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
 2022-09-05 13:39:22 +03:00
Lukas Puehringer
6874747268 python-tuf 2.0.0 
* Update Changelog
* bump version

Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Co-authored-by: Joshua Lock <jlock@vmware.com>
 2022-08-16 09:36:40 +02:00
Joshua Lock
689c37b90e Link to developer docs from python-tuf blog 
Signed-off-by: Joshua Lock <jlock@vmware.com>
 2022-07-26 17:38:14 +01:00
Lukas Pühringer
f2609aba7d
Merge pull request #2010 from MVrachev/tap15-final-design 2022-06-17 13:24:18 +02:00
Martin Vrachev
c6488f0588 SuccinctRoles: add readme information 
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
 2022-06-17 13:33:01 +03:00