add_key() -> add_verification_key()
remove_key() -> remove_verification_key()
release.json -> snapshot.json
Update repository_tool-diagram.png
Update README following the renamed functions and release role changes.
Minor edits, such as removing lint left over from a previous merge conflict.
Allow leading os.sep for target and restricted paths listed in metadata. Previously, '{repository directory}/targets/file.txt' was listed as 'file.txt' and unsuccessfully compared against '/', or the root-most targets directory. Now, '/file.txt' & '/' and similar examples may be compared and verified.
Fix issue where a hashed bin with empty targets was flagged as invalid because its targets did not produce a path hash prefix that matched any of those listed in the parent role. Uncovered with _ensure_all_targets_allowed().
Minor edits to code that compared paths and and used path separators.
Changed behavior:
Write metadata only if the uncompressed version has not been written, has changed, or if
compressed versions are missing (if requested). Not only is re-saving unmodified metadata not ideal, it also forces a new version of the release file if compressed metadata is rewritten. gzip attaches a timestamp to compressed files, which may cause compressed content to generate different digests if independently written.
Update libtuf.py comments.
Minor edit to docstrings of previous commit that addressed interposition issues.
Move 'tuf.client.updater.Updater.refresh()' call in interposition to its updater's __init__(). The refresh() was previously executed on every target request.
Add tuf.interposition.refresh() for integrations that may require a manual refresh of top-level metadata (rare).
