Add a 'Documentation' entry to project_urls pointing to our stable docs
on readthedocs.io. This will result in a 'Documentation' entry under the
'Project links' section on PyPI.
Signed-off-by: Joshua Lock <jlock@vmware.com>
Invoking setup.py directly is deprecated, see:
https://blog.ganssle.io/articles/2021/10/setup-py-deprecated.html
Therefore:
* remove the executable bit from setup.py's permissions
* remove the shebang entry from setup.py
* update the comments in setup.py to recommend using build to create dists
and pip to install them
Signed-off-by: Joshua Lock <jlock@vmware.com>
Python 3.10 is released on October 4-th 2021 and it seems
logical to add support for it as it doesn't require any major effort
from the project.
For reference read:
https://www.python.org/downloads/release/python-3100/
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
For users of legacy client (tuf/client/) this is purely a security fix
release with no API or functionality changes. For ngclient and Metadata
API, some API changes are included.
All users are advised to upgrade.
Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
The v0.18.0 release was made with the changes from #1566, resulting in
a release with sources which don't match the git tag. Rectify this with
a brown bag point release.
Signed-off-by: Joshua Lock <jlock@vmware.com>
Updated/removed documented commands and comments which were referencing Python2. Also updated links to documentation referencing Python2 docs (unchanged where needed)
Signed-off-by: Samuel Gregorovic <samuelgregorovic@gmail.com>
Signed-off-by: samuelgregorovic <samuelgregorovic@gmail.com>
Remove use of six
Signed-off-by: Velichka Atanasova <avelichka@vmware.com>
Replace the use of dict.items(mydict) with mydict.items(), dict.keys(mydict) with mydict.keys() and dict.values(mydict) with mydict.values()
Signed-off-by: Velichka Atanasova <avelichka@vmware.com>
Replace 'import urllib' and 'import urllib.x' with 'from urllib import x' for vendor compatibility
Signed-off-by: Velichka Atanasova <avelichka@vmware.com>
In the securesystemslib pr https://github.com/secure-systems-lab/securesystemslib/pull/319
I added a new Signer interface with the purpose of supporting multiple
signing implementations.
Additionally, I added the SSlibSigner implementation of that interface
which implements the signing operation for rsa, ed25519 and ecdsa
schemes.
With this commit, I integrate the SSlibSigner into the new API in tuf.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
While doing packaging works I noticed that
pypi file 'tuf.egg-info/requires.txt' was modified on build.
Let's sort dependencies alphabetically
to avoid lint to change sources files.
Signed-off-by: Philippe Coval <rzr@users.sf.net>
Remove references to, and handling of, Python 2.7 in our project scaffolding:
- updated python_requires in setup.py to state our intent to support
Python 3.6 and above (but not Python 4, yet)
- Drop no longer required dependencies in setup.py, and requirements-*.txt
(further refinement of requirements files will be handled in #1161)
- Remove Python 2.7 from our tox environments
Signed-off-by: Joshua Lock <jlock@vmware.com>
Python 3.5 has now reached its end-of-life and has been retired.
https://www.python.org/dev/peps/pep-0478/
The optional (but highly recommended) 'cryptography' dependency
has also just dropped support for 3.5. Continuing support for 3.5
in TUF does not seem worth the effort.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Python 3.9 is released on October 5-th 2020 and it seems
logical to add support for it.
For reference read:
https://docs.python.org/3/whatsnew/3.9.html
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
Our 'expires' strings are constrained by the ISO8601_DATETIME_SCHEMA
which matches regex '\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z'. This can be
parsed with just a datetime.strptime(): iso8601 module is not needed.
* Add formats.expiry_string_to_datetime() helper function
* Modify the 3 locations that used iso8601 and the api/metadata.py usage
of datetime.strptime()
* Remove related unnecessary logger setup
* Add the missing exception documentation to relevant functions (in many
cases the exception is rather unlikely as the schema has been verified
many times before this though...)
Fixes#1065
Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
tests/simple_server.py was copied to tuf/scripts/ to "make testing
easier" (cf84d3f51f), although with
the current test setup the original (and recently patched to fix an
Windows/Py2 test issue) test simple_server.py can be used just as
well.
This commit:
- removes tuf/scripts/simple_server.py
Note: that version slightly differed from the original test
server, probably due to demands by the linter that is only executed
on the tuf core code and not on the tests. However, for the testing
purposes of simple_server.py these changes (i.e., `SystemRandom()`,
`if __name__ =='__main__':`) are not necessary.
- updates the tests that used tuf.scripts.simple_server to instead
use tests.simple_server,
- updates setup.py to not install the simple_server module as
script, when installing tuf, as it is only a testing script and
not meant for end-user usage.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
- Drop 3.4 (due to end-of-life) and add 3.7 and 3.8 to tox, travis
and appveyor configuration for automated testing.
- Adapt classifiers in setup.py accordingly.
- Add python_requires field in setup.py to reflect supported
versions. This will prevent pip from trying to install tuf on
a non-supported version.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Previous commit isn't going to work: read wasn't defined. Code
provided was from here:
https://packaging.python.org/guides/single-sourcing-package-version/
and is a little more complicated than is ideal. It'll also match
comment lines if they exist. Single-sourcing version number isn't
necessary for this pull request, but if I was going to do it, I'd
probably add a VERSION file and have tuf/__init__.py and setup.py
each read that in. There could be problems with that, too. I'm
going to punt on this and keep the version in two places and we
can fix that less urgently. (Also, the user agent reporting a
version seems less critical in any case than the rest of the PR.)
Version info will now be in two locations and require update in
tandem.
Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
