Commit graph

5499 commits

Author SHA1 Message Date
Lukas Pühringer
6d7cac4ea3
Merge pull request #2250 from jku/not-so-optional
ngclient: Remove "Optional" from helper props
2023-01-10 12:23:17 +01:00
Lukas Pühringer
d8e7b8c81e
Merge pull request #2252 from jku/tox4
tox: Add python3 to allow list, bump tox to 4.x
2023-01-09 13:35:00 +01:00
Jussi Kukkonen
27bf9c61d6 tox: Add python3 to allow list, bump tox to 4.x
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2023-01-02 12:58:43 +02:00
Jussi Kukkonen
6e90bc99bb
Merge pull request #2253 from theupdateframework/dependabot/pip/cryptography-39.0.0
build(deps): bump cryptography from 38.0.4 to 39.0.0
2023-01-02 12:19:00 +02:00
dependabot[bot]
5e1947b662
build(deps): bump cryptography from 38.0.4 to 39.0.0
Bumps [cryptography](https://github.com/pyca/cryptography) from 38.0.4 to 39.0.0.
- [Release notes](https://github.com/pyca/cryptography/releases)
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/38.0.4...39.0.0)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-01-02 10:02:46 +00:00
Jussi Kukkonen
e1d15887a8 ngclient: Remove "Optional" from helper props
The properties in TrustedMetadataSet are a bit difficult to use
with static typing since they return Optional but in many cases
we know the "None"-case is impossible.

Remove None from annotation: the idea is that calling the property
getter too early is a programming error: it will result in KeyError
which is consistent:
 * trusted_set["timestamp"] raises KeyError if timestamp is not set
 * trusted_set.timestamp raises KeyError if timestamp is not set

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2022-12-27 16:56:32 +02:00
Jussi Kukkonen
26e872ad4c
Merge pull request #2215 from aditya-shrivastavv/metaclass-fix
changed deprecated __metaclass__ to metaclass
2022-12-27 13:48:36 +02:00
Aditya Shrivastav
42cb50b15b
Merge branch 'theupdateframework:develop' into metaclass-fix 2022-12-27 16:28:43 +05:30
adityashrivastav1
086216f7cc unused variable removed, inheritance fixed
Signed-off-by: adityashrivastav1 <aditya.shri9981@gmail.com>
2022-12-27 16:27:17 +05:30
adityashrivastav1
2c15c75e50 class FetcherInterface() changed to FetchterInterface(abc.ABC)
Signed-off-by: adityashrivastav1 <aditya.shri9981@gmail.com>
signed off
Signed-off-by: adityashrivastav1 <aditya.shri9981@gmail.com>
2022-12-27 15:44:54 +05:30
Jussi Kukkonen
ba9ea5b88c
Merge pull request #2230 from fridex/pydocstyle-imperative-mood
Fix pydocstyle D401: first line should be in imperative mood
2022-12-27 11:47:46 +02:00
Jussi Kukkonen
e5856f7c91
Merge pull request #2233 from fridex/tuf-ngclient-api
Provide __all__ for tuf.ngclient module
2022-12-27 11:28:33 +02:00
Jussi Kukkonen
47add9758f
Merge pull request #2240 from theupdateframework/dependabot/github_actions/actions/dependency-review-action-3.0.2
build(deps): bump actions/dependency-review-action from 3.0.1 to 3.0.2
2022-12-27 11:03:58 +02:00
dependabot[bot]
6c07c7c414
build(deps): bump actions/dependency-review-action from 3.0.1 to 3.0.2
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](11310527b4...0ff3da6f81)

---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-27 08:47:28 +00:00
Jussi Kukkonen
41a20350d9
Merge pull request #2243 from trail-of-forks/ww/recategorize-logs
tuf: move INFO logs to DEBUG or WARNING
2022-12-27 10:43:26 +02:00
Jussi Kukkonen
0fb59246ff
Merge pull request #2249 from theupdateframework/dependabot/pip/coverage-7.0.1
build(deps): bump coverage from 6.5.0 to 7.0.1
2022-12-27 10:34:35 +02:00
dependabot[bot]
1d2408a6f6
build(deps): bump coverage from 6.5.0 to 7.0.1
Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.5.0 to 7.0.1.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/6.5.0...7.0.1)

---
updated-dependencies:
- dependency-name: coverage
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-26 10:02:34 +00:00
Jussi Kukkonen
2acea003fc
Merge pull request #2245 from theupdateframework/dependabot/github_actions/ossf/scorecard-action-2.1.2
build(deps): bump ossf/scorecard-action from 2.1.0 to 2.1.2
2022-12-23 12:37:01 +02:00
Jussi Kukkonen
8a0b7f85e4
Merge pull request #2244 from theupdateframework/dependabot/pip/isort-5.11.4
build(deps): bump isort from 5.11.3 to 5.11.4
2022-12-23 12:36:02 +02:00
Jussi Kukkonen
a814319e87
Merge pull request #2248 from theupdateframework/dependabot/github_actions/actions/setup-python-4.4.0
build(deps): bump actions/setup-python from 4.3.1 to 4.4.0
2022-12-23 12:34:47 +02:00
dependabot[bot]
681c134e09
build(deps): bump actions/setup-python from 4.3.1 to 4.4.0
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.3.1 to 4.4.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](2c3dd9e7e2...5ccb29d877)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-23 10:22:10 +00:00
William Woodruff
7b89dd9532
api/metadata: third time's the charm
Signed-off-by: William Woodruff <william@trailofbits.com>
2022-12-22 09:56:35 -05:00
dependabot[bot]
483d31c7a9
build(deps): bump ossf/scorecard-action from 2.1.0 to 2.1.2
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.0 to 2.1.2.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](937ffa90d7...e38b1902ae)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-22 10:06:51 +00:00
dependabot[bot]
d2264118d2
build(deps): bump isort from 5.11.3 to 5.11.4
Bumps [isort](https://github.com/pycqa/isort) from 5.11.3 to 5.11.4.
- [Release notes](https://github.com/pycqa/isort/releases)
- [Changelog](https://github.com/PyCQA/isort/blob/main/CHANGELOG.md)
- [Commits](https://github.com/pycqa/isort/compare/5.11.3...5.11.4)

---
updated-dependencies:
- dependency-name: isort
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-22 10:02:19 +00:00
William Woodruff
d44fe52ce1
api/metadata: use debug logging
Signed-off-by: William Woodruff <william@trailofbits.com>
2022-12-21 10:34:32 -05:00
William Woodruff
408bf9ba20
api/metadata: blacken
Signed-off-by: William Woodruff <william@trailofbits.com>
2022-12-20 16:44:21 -05:00
William Woodruff
2876bfd764
tuf: move INFO logs to DEBUG or WARNING
Signed-off-by: William Woodruff <william@trailofbits.com>
2022-12-20 16:36:04 -05:00
Fridolin Pokorny
9ffb4a4474
Provide __all__ for tuf.ngclient module
Signed-off-by: Fridolin Pokorny <fridolin.pokorny@datadoghq.com>
2022-12-20 00:17:31 +01:00
Lukas Pühringer
ea448eaed7
Merge pull request #2237 from theupdateframework/dependabot/pip/isort-5.11.3
build(deps): bump isort from 5.11.2 to 5.11.3
2022-12-19 13:28:43 +01:00
dependabot[bot]
f87d5805ca
build(deps): bump isort from 5.11.2 to 5.11.3
Bumps [isort](https://github.com/pycqa/isort) from 5.11.2 to 5.11.3.
- [Release notes](https://github.com/pycqa/isort/releases)
- [Changelog](https://github.com/PyCQA/isort/blob/main/CHANGELOG.md)
- [Commits](https://github.com/pycqa/isort/compare/5.11.2...5.11.3)

---
updated-dependencies:
- dependency-name: isort
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-19 10:30:54 +00:00
Lukas Pühringer
b998297fba
Merge pull request #2238 from theupdateframework/dependabot/pip/pylint-2.15.9
build(deps): bump pylint from 2.15.8 to 2.15.9
2022-12-19 11:30:03 +01:00
Lukas Pühringer
0f404d96f4
Merge pull request #2236 from theupdateframework/dependabot/pip/tox-3.28.0
build(deps): bump tox from 3.27.1 to 3.28.0
2022-12-19 11:29:14 +01:00
dependabot[bot]
7e1c58df9d
build(deps): bump pylint from 2.15.8 to 2.15.9
Bumps [pylint](https://github.com/PyCQA/pylint) from 2.15.8 to 2.15.9.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Commits](https://github.com/PyCQA/pylint/compare/v2.15.8...v2.15.9)

---
updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-19 10:02:58 +00:00
dependabot[bot]
53c673ef12
build(deps): bump tox from 3.27.1 to 3.28.0
Bumps [tox](https://github.com/tox-dev/tox) from 3.27.1 to 3.28.0.
- [Release notes](https://github.com/tox-dev/tox/releases)
- [Changelog](https://github.com/tox-dev/tox/blob/3.28.0/docs/changelog.rst)
- [Commits](https://github.com/tox-dev/tox/compare/3.27.1...3.28.0)

---
updated-dependencies:
- dependency-name: tox
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-19 10:02:49 +00:00
Lukas Pühringer
216ae641f7
Merge pull request #2193 from jku/repository-lib
Repository module and example
2022-12-19 09:28:05 +01:00
Fridolin Pokorny
c4e1479003
Fix pydocstyle D401: first line should be in imperative mood
Signed-off-by: Fridolin Pokorny <fridolin.pokorny@datadoghq.com>
2022-12-18 13:13:35 +01:00
Jussi Kukkonen
fd02226acb repository: Improve docstrings
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2022-12-17 23:09:11 +02:00
Lukas Pühringer
c6f8b5817b
Merge pull request #2197 from jku/client-robustness
ngclient: Fail gracefully on missing role
2022-12-16 10:23:08 +01:00
Lukas Pühringer
99b200eff8
Merge pull request #2226 from theupdateframework/dependabot/github_actions/github/codeql-action-2.1.37
build(deps): bump github/codeql-action from 2.1.36 to 2.1.37
2022-12-16 10:19:00 +01:00
Lukas Pühringer
de802b79cc
Merge pull request #2227 from theupdateframework/dependabot/github_actions/ossf/scorecard-action-2.1.0
build(deps): bump ossf/scorecard-action from 2.0.6 to 2.1.0
2022-12-16 10:15:28 +01:00
dependabot[bot]
ca67ed9f62
build(deps): bump ossf/scorecard-action from 2.0.6 to 2.1.0
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.0.6 to 2.1.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](99c53751e0...937ffa90d7)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-15 10:04:26 +00:00
dependabot[bot]
8f3f5713c6
build(deps): bump github/codeql-action from 2.1.36 to 2.1.37
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.36 to 2.1.37.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](a669cc5936...959cbb7472)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-15 10:04:23 +00:00
Jussi Kukkonen
48865aede9 repository: Remove sign_only argument from close()
This is only needed for threshold signing and not even used in the
example: leave it to the implementations to handle for now.

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2022-12-14 20:05:56 +02:00
Jussi Kukkonen
9e9c156288 repository: remove init argument from open()
This no longer seems needed: if the metadata store does not contain
a single version of role, then open() can assume it is initializing.

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2022-12-14 19:53:43 +02:00
Lukas Pühringer
92afaaf50d
Merge pull request #2224 from theupdateframework/dependabot/pip/isort-5.11.2
build(deps): bump isort from 5.11.1 to 5.11.2
2022-12-14 11:15:15 +01:00
dependabot[bot]
09a4cc52fc
build(deps): bump isort from 5.11.1 to 5.11.2
Bumps [isort](https://github.com/pycqa/isort) from 5.11.1 to 5.11.2.
- [Release notes](https://github.com/pycqa/isort/releases)
- [Changelog](https://github.com/PyCQA/isort/blob/main/CHANGELOG.md)
- [Commits](https://github.com/pycqa/isort/compare/5.11.1...5.11.2)

---
updated-dependencies:
- dependency-name: isort
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-14 10:02:10 +00:00
Lukas Pühringer
7291411ad9
Merge pull request #2222 from theupdateframework/dependabot/pip/isort-5.11.1
build(deps): bump isort from 5.10.1 to 5.11.1
2022-12-13 12:14:43 +01:00
Lukas Pühringer
9ccd4f8767
Merge pull request #2223 from theupdateframework/dependabot/github_actions/actions/checkout-3.2.0
build(deps): bump actions/checkout from 3.1.0 to 3.2.0
2022-12-13 12:11:40 +01:00
dependabot[bot]
98991d8f50
build(deps): bump actions/checkout from 3.1.0 to 3.2.0
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](93ea575cb5...755da8c3cf)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-13 10:04:50 +00:00
dependabot[bot]
8103632f76
build(deps): bump isort from 5.10.1 to 5.11.1
Bumps [isort](https://github.com/pycqa/isort) from 5.10.1 to 5.11.1.
- [Release notes](https://github.com/pycqa/isort/releases)
- [Changelog](https://github.com/PyCQA/isort/blob/main/CHANGELOG.md)
- [Commits](https://github.com/pycqa/isort/compare/5.10.1...5.11.1)

---
updated-dependencies:
- dependency-name: isort
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-13 10:02:19 +00:00