Elgato_dark/python-tuf
1
0
Fork 0
mirror of https://github.com/theupdateframework/python-tuf synced 2026-05-24 10:08:28 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
3096 commits 28 branches 35 tags 23 MiB
Commit graph

3096 commits

This branch
This branch
All branches
Author SHA1 Message Date
Vladimir Diaz
2376ec7562
Update third-party deps in dev-requirements.txt 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-06-12 15:50:59 -04:00
Vladimir Diaz
677f7d3cfa
Merge pull request #743 from theupdateframework/edit_comment_test_indefinite 
Add test 3 to summary of conducted tests
 2018-06-12 11:16:15 -04:00
Vladimir Diaz
b48c974021
Merge branch 'develop' into edit_comment_test_indefinite 2018-06-12 09:19:26 -04:00
Vladimir Diaz
bc35b8ac3e
Add test 3 to the summary of conducted tests 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-06-12 09:18:47 -04:00
Vladimir Diaz
7403777117
Merge pull request #737 from theupdateframework/fix_736_freeze 
WIP: Fix 736: Rebuild roledb in refresh() even if root unchanged
 2018-06-12 09:14:23 -04:00
Sebastien Awwad
e9cd01e18a
DOC: Clarify comment on freeze attack test 
to indicate the source of the freeze issue

Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
 2018-06-11 16:10:21 -04:00
Vladimir Diaz
6373c26032
Merge branch 'develop' into fix_736_freeze 2018-06-11 13:03:54 -04:00
Vladimir Diaz
621ec3a76b
Add test condition for the persistent freeze attack 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-06-11 11:48:14 -04:00
Vladimir Diaz
f49316177f
Wrap the refresh() line that sets consistent snapshot 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-06-11 10:32:06 -04:00
Vladimir Diaz
9b6c91a015
Refresh delegated metadata to fix test_mix_and_match_attack.py failure 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-06-11 10:27:22 -04:00
Vladimir Diaz
e92680f850
Fix test_multiple_repositories_integration and edit whitespace in updater.py 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-06-11 10:02:11 -04:00
Vladimir Diaz
43efa42489
Document new refresh() change in its docstring 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-06-11 09:56:09 -04:00
Vladimir Diaz
18a5aa4809
Make slight revision to comment about always refreshing top-level metadata in refresh() 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-06-11 09:42:15 -04:00
Vladimir Diaz
47dbdbaf5c
Discuss the special case where metadata is marked obselete and deleted 
Also document the assumption that the metadata store is the latest and exists in _update_metadata()

Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-06-08 10:20:34 -04:00
Vladimir Diaz
c8fcab9d19
Merge pull request #740 from vladimir-v-diaz/option_auto_sign_release 
Add repo.py --no_release option to disable auto signing Snapshot and Timestamp
 2018-06-07 13:31:00 -04:00
Vladimir Diaz
d7feacbff5
Verify --no_release with --sign, edit comment in repo.py and document change in CLI.md 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-06-07 11:03:20 -04:00
Vladimir Diaz
81cc8e3fe7
Verify --no_release option and document/revise CLI sections for --delegate and --revoke 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-06-07 10:39:24 -04:00
Vladimir Diaz
d45ff75efe
Verify --no_release with --remove and document the behavior in CLI.md 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-06-07 09:33:10 -04:00
Vladimir Diaz
de9eb7f5ac
Document --no_release in CLI.md 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-06-07 09:20:21 -04:00
Vladimir Diaz
2e2b1dd232
Add --no_release option to repo.py 
The --no_release option applies to:
(1) delegate()
(2) revoke()
(3) sign_role()
(4) add_targets()
(5) remove_targets()

Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-06-06 17:14:58 -04:00
Vladimir Diaz
2d892f2ff9
Merge pull request #739 from vladimir-v-diaz/update_sslib_dependency 
Update SSLib dependency
 2018-06-04 16:05:22 -04:00
Vladimir Diaz
6efd0a46a7
Install extra SSLib dependencies in appveyor.yml 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-06-04 15:15:01 -04:00
Vladimir Diaz
be4e31c969
Update installation instructions to mention extra dependencies 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-06-04 14:52:05 -04:00
Vladimir Diaz
919f40a064
Add SSLib extra dependencies to ci-requirements.txt 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-06-04 14:43:01 -04:00
Vladimir Diaz
af8b117ad6
Upgrade SSLib dependency in setup.py (0.11.1 -> 0.11.2) 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-06-04 14:41:24 -04:00
Vladimir Diaz
6f3275b0f0
Upgrade SSLib dependency in setup.py (0.11.1 -> 0.11.2) 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-06-04 14:40:29 -04:00
Vladimir Diaz
2e03818d56
Add requirements.txt (generated by pip-compile, includes hashes) 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-06-04 14:36:03 -04:00
Vladimir Diaz
7c60134477
Add requirements.in, which we use with pip-tools to generate requirements.txt 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-06-04 14:34:56 -04:00
Sebastien Awwad
e18d3db1db
Fix 736: Rebuild roledb in refresh() even if root unchanged 
In order to avoid freezes if role info is deleted due to prior
validation failures, make sure that roledb is rebuilt during
client tuf.client.updater.refresh(), even if root did not need
to be updated.

See Issue 736 for more details.

Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
 2018-05-30 16:24:39 -04:00
Vladimir Diaz
76ca2e8364
Merge pull request #735 from vladimir-v-diaz/add_comment_for_socket_behavior 
Explain via comment how to deal with socket exceptions.  Address #728.
 2018-05-30 11:30:29 -04:00
Vladimir Diaz
0713648697
Explain via comment how to deal with function call that might raise socket exceptions 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-05-30 11:18:17 -04:00
Vladimir Diaz
7740beb644
Merge pull request #734 from vladimir-v-diaz/replace_percent_escapes_in_url 
Replace %xx escapes in urls
 2018-05-29 13:15:52 -04:00
Vladimir Diaz
ff120795fb
Replace %xx escapes in urls 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-05-25 10:54:53 -04:00
Vladimir Diaz
cc8e2ced12
Merge pull request #733 from vladimir-v-diaz/add_py3.4-5_appveyor 
Add Python 3.4 & 3.5 to appveyor.yml
 2018-05-22 14:59:48 -04:00
Vladimir Diaz
3937019229
Add Python 3.4 & 3.5 to appveyor.yml 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-05-22 13:43:08 -04:00
Vladimir Diaz
33b5420711
Merge pull request #731 from vladimir-v-diaz/update_dependency 
Update gitpython dependency in dev-requirements.txt
 2018-05-21 13:37:09 -04:00
Vladimir Diaz
0f587454b2
Merge pull request #730 from vladimir-v-diaz/tweak_settings.py 
Tweak settings.py for production environments
 2018-05-21 13:36:10 -04:00
Vladimir Diaz
f32c3466e0
Update gitpython dependency in dev-requirements.txt 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-05-21 12:13:10 -04:00
Vladimir Diaz
6322ed1530
Tweak settings.py for production environments 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-05-21 11:59:30 -04:00
Vladimir Diaz
a6068de996
Merge pull request #729 from vladimir-v-diaz/pure-python-crypto_issue#727 
Generate Ed25519 keys by default.  Address issue#727
 2018-05-21 10:41:33 -04:00
Vladimir Diaz
6031669984
Edit CLI.md to note that Ed25519 keys are generated by default 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-05-18 15:17:08 -04:00
Vladimir Diaz
6683d6e25f
Generate Ed25519 key with --key, by default 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-05-18 15:11:20 -04:00
Vladimir Diaz
55123ab73e
Generate Ed25519 keys in repo.py, by default 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-05-18 15:07:52 -04:00
Vladimir Diaz
625de9c401
Merge pull request #726 from vladimir-v-diaz/convert_README_markdown 
Convert README to markdown
 2018-05-17 13:01:58 -04:00
Vladimir Diaz
8986e9c773
Replace README.rst with README.md in setup.py 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-05-17 11:50:11 -04:00
Vladimir Diaz
c02e479209
Update virtualenv dependency 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-05-17 11:49:38 -04:00
Vladimir Diaz
d003275c3a
Use logo that doesn't include text 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-05-17 11:36:39 -04:00
Vladimir Diaz
68568d8b73
Minor edit to text and height of logo 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-05-17 11:32:49 -04:00
Vladimir Diaz
4ee8a52b67
Fix logo link 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-05-17 11:25:50 -04:00
Vladimir Diaz
bf07c21b16
Edit badge links 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-05-17 11:14:26 -04:00