Make contributing document header sentence case for consistency
with other docs and shorten menu name in side navbar to stand out
less.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Replace custom installation section in contribution docs with
pointer to updated installation documentation.
Also configure sphinx autosectionlabel for cross-document refs.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Update severely outdated installation documentation.
- Simplify "Simple Installation" section
- Update "Release Verification" section to actually verify a tuf
release and with a key of an active maintainer
- Update and simplify section about non-python dependencies
(just point to installation instructions for underlying crypto
backends, they are up-to-date and have become a lot easier)
- Add "Development installation" section
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
If a securesystemslib.FormatError is raised inside
Key.from_securesystemslib_key() then reraise ValueError.
This is done so that our users don't have to import securesystemslib
in order to handle the error and because the securesystemslib error
itself is securesystemslib implementation-specific.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
docutils is a sphinx-rtd-theme requirement: pinning was done
to workaround a bug that seems to now be fixed.
Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
This change updates some obvious and unnecessary fields docs in the
Metadata API with more despriptive details
Signed-off-by: Ivana Atanasova <iyovcheva@vmware.com>
This change unifies as mush as the context allows and improves the
use of definite vs. indefinite vs. no article across docs in the
Metadata API. It sticks to no article in most cases for simplisity
and readability, but leaves definite article where it's strictly
necessary
Signed-off-by: Ivana Atanasova <iyovcheva@vmware.com>
This change unifies wording across docs in the Metadata API, like
Args vs. Arguments and same repetitive descriptions written
differently in different classes/methods
Signed-off-by: Ivana Atanasova <iyovcheva@vmware.com>
This change unifies quotes to double backtick across docs in the
Metadata API in order to provide better visualisation
Signed-off-by: Ivana Atanasova <iyovcheva@vmware.com>
List our licenses in the license field of setup.cfg
While the PyPA packaging documentation states that the license field is
optional[1] and that classifiers should be the main way to indicate
license, this field is used to populate the License printed by pip show.
1. https://packaging.python.org/en/latest/guides/distributing-packages-using-setuptools/#licenseFixes#1833
Signed-off-by: Joshua Lock <jlock@vmware.com>
We should handle the possible SerializationError inside
Key.verify_signature(), because the user of this API is not interested
in SerializationError when he is trying to verify his signature.
Note that the SerializationError can be thrown when calling
signed_serializer.serialize() on the metadata signed part.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
This allows us to control when our workflows change.
Dependabot should now open PRs when the actions update.
This still leaves the actual OS image as a variable but Github does not
support pinning that: we'd have to start using our own containers (and
installing our own pythons, etc) to do that -- not worth the trouble.
Fixes#1826
Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
Document ValueError, KeyError and TypeError exceptions for __init__ and
from_dict() methods in Metadata API.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
It's not obvious to casual reader that reading metadata and then
writing it might not always produce the same file. It's also not
immediately obvious why this matters.
Document both concepts.
Fixes#1392
Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
This reverts commit 55d6cb47da.
According to changelog setup-python v2.3.2 should include a workaround
for the issue.
Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
I looked into all changes between our current version 1.0.19 and the
current version of the specification 1.0.28 and I agree with Jussi that
the only one not fully resolved is:
"8dafd00 (tag: v1.0.24) Clarify optional attributes" and more precisely
the changes from commit:
4dd279bc31
It doesn't make sense to have a target file without "paths" or
"path_hash_prefixes", so our `python-tuf requirement to have at least
one of them set makes sense.
Both with Jussi we agreed that we can easily loosen this requirement if
when solving https://github.com/theupdateframework/specification/issues/200
it's decided that both of them can be omitted,
but for now, we decided it's better to stick to our current requirement
to have one of them set.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>