Elgato_dark/python-tuf
1
0
Fork 0
mirror of https://github.com/theupdateframework/python-tuf synced 2026-05-24 10:08:28 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
6224 commits 28 branches 35 tags 23 MiB
Commit graph

6 commits

Author SHA1 Message Date
Lukas Puehringer
9a54677ee9 Update security policy to use new reporting 
- Enabled new GitHub feature (beta) to privately report security
  issues to all maintainers in repo settings.
  https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability

- Updated security policy document to instruct reporters to use the
  new reporting mechanism instead of email+pgp.

Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
 2022-11-15 17:01:16 +01:00
Marina Moore
9c099972ed move security.md to docs folder 
Signed-off-by: Marina Moore <mnm678@gmail.com>
 2022-09-08 15:12:13 -04:00
Lukas Puehringer
3533d8aa98 doc: remove duplicate outdated docs 
These documents are also hosted on our website and in a better
shape too (kudos to @jhdalek55!). There is no need to maintain
outdated duplicates.

This patch removes the documents and updates references as needed.

Note, the full history of these docs can be tracked in the old
archived website repo and in the new one (filenames may vary in
case and extension):
old: https://github.com/theupdateframework/theupdateframework.github.io
new: https://github.com/theupdateframework/theupdateframework.io/tree/master/content

Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
 2022-01-13 17:02:53 +01:00
Joshua Lock
3dc5594242 Update links to account for repository rename 
We have renamed the repository from tuf->python-tuf

Signed-off-by: Joshua Lock <jlock@vmware.com>
 2021-09-01 11:15:33 +01:00
Lukas Puehringer
42a4cee56c Add slow retrieval disclaimer 
Since https://github.com/theupdateframework/tuf/pull/781 we
only provide limited protection against slow retrieval attacks.
So far this has only been discussed in above issue and hinted at
by a disabled test and a code comment in that test.

This change adds a corresponding disclaimer to a more prominent
place, i.e. the list of attacks in SECURITY.md.

Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Co-Authored-By: Trishank K Kuppusamy <33133073+trishankatdatadog@users.noreply.github.com>
 2019-10-10 16:43:46 +02:00
Vladimir Diaz
5aecea70b9
Move docs to the docs/ directory 
Signed-off-by: Vladimir Diaz <vladimir.v.diaz@gmail.com>
 2018-01-24 10:57:01 -05:00
Renamed from SECURITY.md (Browse further)