Lukas Pühringer
2ee1cc2540
Merge pull request #2061 from theupdateframework/dependabot/pip/urllib3-1.26.11
...
build(deps): bump urllib3 from 1.26.10 to 1.26.11
2022-08-01 11:46:37 +02:00
dependabot[bot]
3e1fa8b47e
build(deps): bump github/codeql-action from 2.1.16 to 2.1.17
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.16 to 2.1.17.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](3e7e3b32d0...0c670bbf04 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-07-29 10:19:57 +00:00
dependabot[bot]
6edf9191de
build(deps): bump pypa/gh-action-pypi-publish from 1.5.0 to 1.5.1
...
Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish ) from 1.5.0 to 1.5.1.
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases )
- [Commits](717ba43cfb...37f50c210e )
---
updated-dependencies:
- dependency-name: pypa/gh-action-pypi-publish
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-07-27 16:36:56 +00:00
Joshua Lock
3516cc36b6
Merge pull request #2063 from joshuagl/joshuagl/gitattr
...
Update gitattributes for test data
2022-07-26 19:25:08 +01:00
Joshua Lock
9b16160d16
Merge pull request #2064 from joshuagl/joshuagl/promo
...
Make the developer docs and blog more discoverable
2022-07-26 19:24:50 +01:00
dependabot[bot]
139749779c
build(deps): bump urllib3 from 1.26.10 to 1.26.11
...
Bumps [urllib3](https://github.com/urllib3/urllib3 ) from 1.26.10 to 1.26.11.
- [Release notes](https://github.com/urllib3/urllib3/releases )
- [Changelog](https://github.com/urllib3/urllib3/blob/1.26.11/CHANGES.rst )
- [Commits](https://github.com/urllib3/urllib3/compare/1.26.10...1.26.11 )
---
updated-dependencies:
- dependency-name: urllib3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-07-26 17:16:37 +00:00
Joshua Lock
f8df202323
Link to python-tuf blog from README
...
Signed-off-by: Joshua Lock <jlock@vmware.com>
2022-07-26 17:38:14 +01:00
Joshua Lock
689c37b90e
Link to developer docs from python-tuf blog
...
Signed-off-by: Joshua Lock <jlock@vmware.com>
2022-07-26 17:38:14 +01:00
Joshua Lock
588ba82a5e
Update gitattributes for test data
...
The test data should not be modified, regardless of host and settings
Signed-off-by: Joshua Lock <jlock@vmware.com>
2022-07-26 17:37:55 +01:00
Joshua Lock
ff6ec11b3b
Fix pyproject.toml license field ( #2065 )
...
Per PEP 621 this should be a table, not a string. This resolves failures
installing on systems with newer setuptools (v61.3.0 or newer:
https://setuptools.pypa.io/en/latest/history.html#v61-3-0 ).
Signed-off-by: Joshua Lock <jlock@vmware.com>
2022-07-26 12:00:18 -04:00
Martin Vrachev
addb199100
Fix comment about SuccinctRoles zero-padding
...
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
2022-07-21 22:39:31 +03:00
Martin Vrachev
a872eb5b6d
Hash bin delegation example: save versioned files
...
If we have a goal of making metadata that can just be served to clients,
then these (and the parent metadata) should have versioned filenames.
Change the file names of the delegated files in the
hashed_bin_delegation.py to versioned.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
2022-07-21 22:39:31 +03:00
Martin Vrachev
b8ea2fb9b9
Add an example script about succinct roles usage
...
Add a basic example script showing all features of the succinct hash bin
delegations and the available API calls of SuccinctRoles.
The explanations are used to promote the usage of succinct hash bin
delegations by explaining it well enough so our users can understand
the API limitations and how to use them and at the same time I tried not
going into too many details of the SuccinctRoles math as its
implementation is inside tuf/api/metadata.py and there there are
explanations about that.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
2022-07-21 22:39:31 +03:00
Martin Vrachev
bfcd3a54a2
Simplifications on hashed_bin_delegatio example
...
We no longer need or use SPEC_VERSION variable defined in the
begging of the script.
Additionally, I decided to add a small addition to the "roles"
type annotation as that gives better context to the syntax highlighter
of VS code.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
2022-07-21 22:33:46 +03:00
Martin Vrachev
7d389f3fcd
Downloading from a repository with many targets
...
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
2022-07-20 19:09:51 +03:00
Martin Vrachev
e94dca6d1a
Tests: download a target with succonct_roles
...
Add test downloading a target file when succonct_roles is used and as
such test the whole updater downloading workflow.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
2022-07-20 17:42:47 +03:00
dependabot[bot]
5d3c436620
build(deps): bump mypy from 0.961 to 0.971
...
Bumps [mypy](https://github.com/python/mypy ) from 0.961 to 0.971.
- [Release notes](https://github.com/python/mypy/releases )
- [Commits](https://github.com/python/mypy/compare/v0.961...v0.971 )
---
updated-dependencies:
- dependency-name: mypy
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-07-20 10:10:22 +00:00
Lukas Pühringer
e07fa27762
Merge pull request #2050 from theupdateframework/dependabot/pip/cryptography-37.0.4
...
build(deps): bump cryptography from 37.0.3 to 37.0.4
2022-07-19 12:00:02 +02:00
Lukas Pühringer
e3ed9e156b
Merge pull request #2053 from theupdateframework/dependabot/pip/urllib3-1.26.10
...
build(deps): bump urllib3 from 1.26.9 to 1.26.10
2022-07-19 11:40:42 +02:00
Lukas Pühringer
507b6725fb
Merge pull request #2055 from theupdateframework/dependabot/pip/coverage-6.4.2
...
build(deps): bump coverage from 6.4.1 to 6.4.2
2022-07-19 11:29:04 +02:00
Lukas Pühringer
e00e854841
Merge pull request #2054 from theupdateframework/dependabot/github_actions/actions/setup-python-4.1.0
...
build(deps): bump actions/setup-python from 4.0.0 to 4.1.0
2022-07-19 11:26:37 +02:00
Lukas Pühringer
43f5db694d
Merge pull request #2057 from theupdateframework/dependabot/github_actions/actions/dependency-review-action-2.0.4
...
build(deps): bump actions/dependency-review-action from 2.0.2 to 2.0.4
2022-07-19 11:23:47 +02:00
Lukas Pühringer
2e11651151
Merge pull request #2058 from theupdateframework/dependabot/github_actions/github/codeql-action-2.1.16
...
build(deps): bump github/codeql-action from 2.1.15 to 2.1.16
2022-07-19 11:22:08 +02:00
dependabot[bot]
559136132e
build(deps): bump coverage from 6.4.1 to 6.4.2
...
Bumps [coverage](https://github.com/nedbat/coveragepy ) from 6.4.1 to 6.4.2.
- [Release notes](https://github.com/nedbat/coveragepy/releases )
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst )
- [Commits](https://github.com/nedbat/coveragepy/compare/6.4.1...6.4.2 )
---
updated-dependencies:
- dependency-name: coverage
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-07-19 09:21:00 +00:00
Lukas Pühringer
764414aa87
Merge pull request #2059 from theupdateframework/dependabot/pip/pylint-2.14.5
...
build(deps): bump pylint from 2.14.4 to 2.14.5
2022-07-19 11:20:10 +02:00
dependabot[bot]
5f047e0bac
build(deps): bump pylint from 2.14.4 to 2.14.5
...
Bumps [pylint](https://github.com/PyCQA/pylint ) from 2.14.4 to 2.14.5.
- [Release notes](https://github.com/PyCQA/pylint/releases )
- [Commits](https://github.com/PyCQA/pylint/compare/v2.14.4...v2.14.5 )
---
updated-dependencies:
- dependency-name: pylint
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-07-18 10:08:05 +00:00
dependabot[bot]
a49d8cbc8d
build(deps): bump github/codeql-action from 2.1.15 to 2.1.16
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.15 to 2.1.16.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](3f62b754e2...3e7e3b32d0 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-07-14 10:21:41 +00:00
dependabot[bot]
f617ae5d77
build(deps): bump actions/dependency-review-action from 2.0.2 to 2.0.4
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 2.0.2 to 2.0.4.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](1c59cdf2a9...94145f3150 )
---
updated-dependencies:
- dependency-name: actions/dependency-review-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-07-14 10:21:36 +00:00
dependabot[bot]
deb9633879
build(deps): bump actions/setup-python from 4.0.0 to 4.1.0
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](d09bd5e600...c4e89fac7e )
---
updated-dependencies:
- dependency-name: actions/setup-python
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-07-12 10:20:32 +00:00
Lukas Pühringer
c12be4857d
Merge pull request #2051 from abs007/patch-3
...
Updated updater.py
2022-07-12 09:34:38 +02:00
dependabot[bot]
24d14a40d6
build(deps): bump urllib3 from 1.26.9 to 1.26.10
...
Bumps [urllib3](https://github.com/urllib3/urllib3 ) from 1.26.9 to 1.26.10.
- [Release notes](https://github.com/urllib3/urllib3/releases )
- [Changelog](https://github.com/urllib3/urllib3/blob/1.26.10/CHANGES.rst )
- [Commits](https://github.com/urllib3/urllib3/compare/1.26.9...1.26.10 )
---
updated-dependencies:
- dependency-name: urllib3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-07-08 10:15:11 +00:00
Abhisman Sarkar
c9505ae3cc
Updated updater.py
...
Changed None to ``None`` in the docstring
Signed-off-by: Abhisman Sarkar <abhisman.sarkar@gmail.com>
2022-07-07 08:17:39 +05:30
dependabot[bot]
bd1292f5b1
build(deps): bump cryptography from 37.0.3 to 37.0.4
...
Bumps [cryptography](https://github.com/pyca/cryptography ) from 37.0.3 to 37.0.4.
- [Release notes](https://github.com/pyca/cryptography/releases )
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst )
- [Commits](https://github.com/pyca/cryptography/compare/37.0.3...37.0.4 )
---
updated-dependencies:
- dependency-name: cryptography
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-07-06 10:08:57 +00:00
Jussi Kukkonen
b5e952cee3
Merge pull request #2046 from theupdateframework/dependabot/pip/cffi-1.15.1
...
build(deps): bump cffi from 1.15.0 to 1.15.1
2022-07-04 12:18:10 +03:00
Jussi Kukkonen
b68df2ba65
Merge pull request #2035 from MVrachev/bump-spec-version
...
Bump supported spec version to 1.0.30
2022-07-04 12:07:11 +03:00
dependabot[bot]
0eafff56f0
build(deps): bump cffi from 1.15.0 to 1.15.1
...
Bumps [cffi](http://cffi.readthedocs.org ) from 1.15.0 to 1.15.1.
---
updated-dependencies:
- dependency-name: cffi
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-07-01 10:10:46 +00:00
Jussi Kukkonen
1aed4bd80e
Merge pull request #2033 from theupdateframework/dependabot/pip/charset-normalizer-2.1.0
...
build(deps): bump charset-normalizer from 2.0.12 to 2.1.0
2022-07-01 09:39:04 +03:00
dependabot[bot]
533bbbd5cd
build(deps): bump charset-normalizer from 2.0.12 to 2.1.0
...
Bumps [charset-normalizer](https://github.com/ousret/charset_normalizer ) from 2.0.12 to 2.1.0.
- [Release notes](https://github.com/ousret/charset_normalizer/releases )
- [Changelog](https://github.com/Ousret/charset_normalizer/blob/master/CHANGELOG.md )
- [Commits](https://github.com/ousret/charset_normalizer/compare/2.0.12...2.1.0 )
---
updated-dependencies:
- dependency-name: charset-normalizer
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-07-01 06:32:47 +00:00
Jussi Kukkonen
a40c47ef27
Merge pull request #2044 from theupdateframework/dependabot/pip/requests-2.28.1
...
build(deps): bump requests from 2.28.0 to 2.28.1
2022-07-01 09:31:40 +03:00
Jussi Kukkonen
155a2d5a30
Merge pull request #2045 from theupdateframework/dependabot/pip/pylint-2.14.4
...
build(deps): bump pylint from 2.14.3 to 2.14.4
2022-07-01 09:29:23 +03:00
dependabot[bot]
d673b5bb61
build(deps): bump pylint from 2.14.3 to 2.14.4
...
Bumps [pylint](https://github.com/PyCQA/pylint ) from 2.14.3 to 2.14.4.
- [Release notes](https://github.com/PyCQA/pylint/releases )
- [Commits](https://github.com/PyCQA/pylint/compare/v2.14.3...v2.14.4 )
---
updated-dependencies:
- dependency-name: pylint
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-06-30 11:01:13 +00:00
dependabot[bot]
89ef9d386e
build(deps): bump requests from 2.28.0 to 2.28.1
...
Bumps [requests](https://github.com/psf/requests ) from 2.28.0 to 2.28.1.
- [Release notes](https://github.com/psf/requests/releases )
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md )
- [Commits](https://github.com/psf/requests/compare/v2.28.0...v2.28.1 )
---
updated-dependencies:
- dependency-name: requests
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-06-30 11:01:05 +00:00
Jussi Kukkonen
80d6e737a3
Merge pull request #2043 from theupdateframework/dependabot/github_actions/github/codeql-action-2.1.15
...
build(deps): bump github/codeql-action from 2.1.14 to 2.1.15
2022-06-29 14:53:36 +03:00
dependabot[bot]
b869320624
build(deps): bump github/codeql-action from 2.1.14 to 2.1.15
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.14 to 2.1.15.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](41a4ada31b...3f62b754e2 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-06-29 10:37:50 +00:00
Jussi Kukkonen
1796947059
Merge pull request #2042 from theupdateframework/dependabot/pip/black-22.6.0
...
build(deps): bump black from 22.3.0 to 22.6.0
2022-06-29 11:25:58 +03:00
Jussi Kukkonen
ff4879e7a8
Merge pull request #2036 from theupdateframework/dependabot/pip/cryptography-37.0.3
...
build(deps): bump cryptography from 37.0.2 to 37.0.3
2022-06-29 11:21:52 +03:00
dependabot[bot]
dfe51f921c
build(deps): bump black from 22.3.0 to 22.6.0
...
Bumps [black](https://github.com/psf/black ) from 22.3.0 to 22.6.0.
- [Release notes](https://github.com/psf/black/releases )
- [Changelog](https://github.com/psf/black/blob/main/CHANGES.md )
- [Commits](https://github.com/psf/black/compare/22.3.0...22.6.0 )
---
updated-dependencies:
- dependency-name: black
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-06-28 10:07:12 +00:00
Jussi Kukkonen
8a03abfdeb
Merge pull request #2039 from MVrachev/add-test-case
...
SuccinctRoles.is_delegated_role() add a test case
2022-06-27 22:14:19 +03:00
Jussi Kukkonen
c5f74c6a9b
Merge pull request #2041 from abs007/develop
...
Grammar fix
2022-06-27 15:47:33 +03:00
Abhisman Sarkar
9f1c86f4a9
Grammar Fix
...
Fixed a grammatical error in a comment in utils.py
Signed-off-by: Abhisman Sarkar <abhisman.sarkar@gmail.com>
2022-06-27 18:09:43 +05:30