Elgato_dark/python-tuf
1
0
Fork 0
mirror of https://github.com/theupdateframework/python-tuf synced 2026-05-24 10:08:28 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
5137 commits 28 branches 35 tags 23 MiB
Commit graph

5137 commits

This branch
This branch
All branches
Author SHA1 Message Date
Martin Vrachev
d8808fbdcc SuccinctRoles: add zero padding to bins 
Add zero padding to bin names inside SuccinctRoles.
Zero padding ensures that the bin names always have the same length.

This characteristic is implied in the example given by TAP 15 where
the third bin is named "alice.hbd-03". For context read TAP 15:
https://github.com/theupdateframework/taps/blob/master/tap15.md

Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
 2022-06-14 18:26:08 +03:00
Martin Vrachev
9259ced68a Add SuccinctRole class 
Add SuccinctRoles class containing the information from the
succint_roles dict described in TAP 15.
This allows for easy mypy checks on the types, easy enforcement on
TAP 15 restrictions (as for example that "bit_length" must be between 1
and 32) and support for unrecognized fields inside succinct_roles
without much of a hassle.

Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
 2022-06-09 20:30:30 +03:00
Lukas Pühringer
b8360a2f69
Merge pull request #2017 from MVrachev/fix-eq-tests 
Tests: simplify and shorten test_metadata_eq_.py
 2022-06-08 14:48:08 +02:00
Martin Vrachev
6c2952fc2c Tests: simplify and shorten test_metadata_eq_.py 
There is a lot of repetitive code inside test_metadata_eq_.py.
Remove it by using the decorator.

I am initializing the object instances in setUpClass instead of doing it
inside the test function in order to escape the need for
reinitialization of the instances on each attribute.

Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
 2022-06-08 14:31:41 +03:00
Jussi Kukkonen
5910e37c54
Merge pull request #2018 from theupdateframework/dependabot/pip/pylint-2.14.1 
build(deps): bump pylint from 2.14.0 to 2.14.1
 2022-06-07 13:43:58 +03:00
dependabot[bot]
57a4e57940
build(deps): bump pylint from 2.14.0 to 2.14.1 
Bumps [pylint](https://github.com/PyCQA/pylint) from 2.14.0 to 2.14.1.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Commits](https://github.com/PyCQA/pylint/compare/v2.14.0...v2.14.1)

---
updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-07 10:22:22 +00:00
Jussi Kukkonen
bd9cb3b654
Merge pull request #2019 from theupdateframework/dependabot/pip/mypy-0.961 
build(deps): bump mypy from 0.960 to 0.961
 2022-06-07 13:21:45 +03:00
dependabot[bot]
ffdec52762
build(deps): bump mypy from 0.960 to 0.961 
Bumps [mypy](https://github.com/python/mypy) from 0.960 to 0.961.
- [Release notes](https://github.com/python/mypy/releases)
- [Commits](https://github.com/python/mypy/compare/v0.960...v0.961)

---
updated-dependencies:
- dependency-name: mypy
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-07 10:07:37 +00:00
Jussi Kukkonen
cfcc0c3f0f
Merge pull request #1974 from naveensrinivasan/Dependency-Review-Action 
chore: Dependency Review Action
 2022-06-06 16:30:12 +03:00
Jussi Kukkonen
f31c090c6b
Merge pull request #2016 from theupdateframework/dependabot/pip/coverage-6.4.1 
build(deps): bump coverage from 6.4 to 6.4.1
 2022-06-06 09:23:26 +03:00
dependabot[bot]
6a589754c2
build(deps): bump coverage from 6.4 to 6.4.1 
Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.4 to 6.4.1.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/6.4...6.4.1)

---
updated-dependencies:
- dependency-name: coverage
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-03 10:22:08 +00:00
Marina Moore
2f2c9b20f4
Merge pull request #2015 from theupdateframework/dependabot/pip/pylint-2.14.0 
build(deps): bump pylint from 2.13.9 to 2.14.0
 2022-06-02 10:36:05 -04:00
naveensrinivasan
a5afebd1ab
Changed the tags to SHA 
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
 2022-06-02 07:01:45 -05:00
dependabot[bot]
0b3da181ff
build(deps): bump pylint from 2.13.9 to 2.14.0 
Bumps [pylint](https://github.com/PyCQA/pylint) from 2.13.9 to 2.14.0.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Commits](https://github.com/PyCQA/pylint/compare/v2.13.9...v2.14.0)

---
updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-02 10:06:32 +00:00
Jussi Kukkonen
46979bb46d
Merge pull request #2002 from abs007/patch-1916 
Appending Fetcher docs to state the method to be implemented.
 2022-05-31 15:17:52 +03:00
Jussi Kukkonen
e78b1aaa7d
Merge pull request #2003 from dhavalgshah/kceu22_bugbash/issue1999 
fix:  ngclient: temp_file could be undefined #1999
 2022-05-31 10:04:07 +03:00
Jussi Kukkonen
12833b08d8
Merge pull request #2013 from theupdateframework/dependabot/pip/mypy-0.960 
build(deps): bump mypy from 0.950 to 0.960
 2022-05-31 10:00:38 +03:00
dependabot[bot]
6949db0a45
build(deps): bump mypy from 0.950 to 0.960 
Bumps [mypy](https://github.com/python/mypy) from 0.950 to 0.960.
- [Release notes](https://github.com/python/mypy/releases)
- [Commits](https://github.com/python/mypy/compare/v0.950...v0.960)

---
updated-dependencies:
- dependency-name: mypy
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-26 10:05:42 +00:00
Lukas Pühringer
e9d11962b9
Merge pull request #2006 from theupdateframework/dependabot/github_actions/actions/github-script-6.1.0 
build(deps): bump actions/github-script from 6.0.0 to 6.1.0
 2022-05-24 11:20:33 +02:00
Lukas Pühringer
0a0f2dd6b5
Merge pull request #2011 from theupdateframework/dependabot/pip/coverage-6.4 
build(deps): bump coverage from 6.3.2 to 6.4
 2022-05-24 11:12:07 +02:00
Lukas Pühringer
a586fc0be0
Merge pull request #2009 from theupdateframework/dependabot/pip/certifi-2022.5.18.1 
build(deps): bump certifi from 2021.10.8 to 2022.5.18.1
 2022-05-24 11:03:54 +02:00
dependabot[bot]
38201fb7f3
build(deps): bump coverage from 6.3.2 to 6.4 
Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.3.2 to 6.4.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/6.3.2...6.4)

---
updated-dependencies:
- dependency-name: coverage
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-24 08:39:11 +00:00
Lukas Pühringer
b26ed79c20
Merge pull request #2007 from theupdateframework/dependabot/pip/pylint-2.13.9 
build(deps): bump pylint from 2.13.8 to 2.13.9
 2022-05-24 10:38:20 +02:00
Lukas Pühringer
acfbe6836d
Merge pull request #2012 from theupdateframework/dependabot/github_actions/actions/upload-artifact-3.1.0 
build(deps): bump actions/upload-artifact from 3.0.0 to 3.1.0
 2022-05-23 13:53:55 +02:00
dependabot[bot]
2ae099c140
build(deps): bump actions/upload-artifact from 3.0.0 to 3.1.0 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](6673cd052c...3cea537223)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-23 10:23:02 +00:00
dependabot[bot]
4d310aa24c
build(deps): bump certifi from 2021.10.8 to 2022.5.18.1 
Bumps [certifi](https://github.com/certifi/python-certifi) from 2021.10.8 to 2022.5.18.1.
- [Release notes](https://github.com/certifi/python-certifi/releases)
- [Commits](https://github.com/certifi/python-certifi/compare/2021.10.08...2022.05.18.1)

---
updated-dependencies:
- dependency-name: certifi
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-20 10:06:23 +00:00
Abhisman Sarkar
4a2fdabc2d Fixes #1916 
The class docstring for FetcherInterface needed to clearly state that
only _fetch() had to be implemented in it's implementation. This is
because the public API of the interface is implemented already.

Signed-off-by: Abhisman Sarkar <abhisman.sarkar@gmail.com>
 2022-05-17 09:40:16 +05:30
dependabot[bot]
e1b69498ad
build(deps): bump pylint from 2.13.8 to 2.13.9 
Bumps [pylint](https://github.com/PyCQA/pylint) from 2.13.8 to 2.13.9.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Changelog](https://github.com/PyCQA/pylint/blob/main/ChangeLog)
- [Commits](https://github.com/PyCQA/pylint/compare/v2.13.8...v2.13.9)

---
updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-16 10:09:51 +00:00
dependabot[bot]
78dc59bf8b
build(deps): bump actions/github-script from 6.0.0 to 6.1.0 
Bumps [actions/github-script](https://github.com/actions/github-script) from 6.0.0 to 6.1.0.
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](9ac08808f9...7a5c598405)

---
updated-dependencies:
- dependency-name: actions/github-script
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-13 10:17:47 +00:00
Dhaval Shah
ac7ecfb8d5 fix: Uninitialized local #1999 
Annotating local temp_file_name variable is simple than
to annotate temp_file.

Fixes #1999

Signed-off-by: Dhaval Shah <30974879+dhavalgshah@users.noreply.github.com>
 2022-05-11 12:04:36 +05:30
Lukas Pühringer
80235093d2
Merge pull request #2004 from rdimitrov/dimitrovr/fix-typo 
docs: remove a duplicated word in refresh() doc comment
 2022-05-10 11:58:11 +02:00
Radoslav Dimitrov
9d441da73b docs: remove a duplicated word in refresh() doc comment 
Signed-off-by: Radoslav Dimitrov <dimitrovr@vmware.com>
 2022-05-10 12:29:30 +03:00
Dhaval Shah
b23c5d9fe5
fix: ngclient: temp_file could be undefined #1999 
Fixes ngclient: temp_file could be undefined #1999

Signed-off-by: Dhaval Shah <30974879+dhavalgshah@users.noreply.github.com>
 2022-05-10 00:32:20 +05:30
Jussi Kukkonen
c5ca38f0ae
Merge pull request #1996 from theupdateframework/dependabot/pip/cryptography-37.0.2 
build(deps): bump cryptography from 37.0.1 to 37.0.2
 2022-05-06 10:14:33 +03:00
dependabot[bot]
adc5770e6c
build(deps): bump cryptography from 37.0.1 to 37.0.2 
Bumps [cryptography](https://github.com/pyca/cryptography) from 37.0.1 to 37.0.2.
- [Release notes](https://github.com/pyca/cryptography/releases)
- [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/37.0.1...37.0.2)

---
updated-dependencies:
- dependency-name: cryptography
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-04 10:12:49 +00:00
Jussi Kukkonen
211f2afe56
Merge pull request #1914 from jku/blog-ngclient-design 
docs: Add a blog post about ngclient design
 2022-05-04 10:01:10 +03:00
Jussi Kukkonen
ac96114309 blog: Update post date, update sloccount 
Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
 2022-05-04 09:53:46 +03:00
Jussi Kukkonen
7b593f3fdb docs: Add doc links to ngclient blog post 
Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
 2022-05-04 09:50:56 +03:00
Jussi Kukkonen
2d52473dd3 docs: Add a blog post about ngclient design 
Try to explain some decisions made in ngclient.

Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
 2022-05-04 09:50:56 +03:00
Jussi Kukkonen
096152db03
Merge pull request #1994 from theupdateframework/dependabot/pip/pylint-2.13.8 
build(deps): bump pylint from 2.13.7 to 2.13.8
 2022-05-04 09:25:51 +03:00
dependabot[bot]
384b1ab590
build(deps): bump pylint from 2.13.7 to 2.13.8 
Bumps [pylint](https://github.com/PyCQA/pylint) from 2.13.7 to 2.13.8.
- [Release notes](https://github.com/PyCQA/pylint/releases)
- [Changelog](https://github.com/PyCQA/pylint/blob/main/ChangeLog)
- [Commits](https://github.com/PyCQA/pylint/compare/v2.13.7...v2.13.8)

---
updated-dependencies:
- dependency-name: pylint
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-03 10:08:54 +00:00
Jussi Kukkonen
4c872e3fa6
Merge pull request #1991 from jku/no-requests-type-checking 
lint: Stop using requests annotations
 2022-05-03 10:42:01 +03:00
Jussi Kukkonen
cdca321b67
Merge pull request #1986 from theupdateframework/dependabot/pip/mypy-0.950 
build(deps): bump mypy from 0.942 to 0.950
 2022-05-03 10:36:52 +03:00
Jussi Kukkonen
dc1d1e600a
Merge pull request #1985 from theupdateframework/dependabot/pip/cryptography-37.0.1 
build(deps): bump cryptography from 36.0.2 to 37.0.1
 2022-05-03 10:34:51 +03:00
Lukas Pühringer
1efd52c7c4
Merge pull request #1975 from abs007/1937 
Checking for None instead of falsyness
 2022-05-02 09:17:06 +02:00
Abhisman Sarkar
79d924a4df Metadata API: Checking for None instead of falsyness 
Fixes #1937

Initialization of unrecognized_fields acts surprisingly when the input
container is empty. Hence, We're checking for None instead of falsyness.

Signed-off-by: Abhisman Sarkar <abhisman.sarkar@gmail.com>
 2022-04-29 22:39:48 +05:30
Jussi Kukkonen
eb23fff3af lint: Stop using requests annotations 
requests project does not maintain annotations: typeshed project tries
to do it for them, and releases the annotations as "types-requests".

There's two main problems:
* typeshed releases constantly: this means a lot of test dependency
  updates
* typeshed releases are not tagged in git: updates are impossible to
  review

The benefit we get from types-requests is minimal as there is very
little requests-related code and it does not change often.

Remove annotations to lower the test dependency update churn.

Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
 2022-04-29 15:27:50 +03:00
Lukas Pühringer
83f2eee19f
Merge pull request #1983 from jku/update-maintainer-permissions-list 
Update maintainers permission checklist
 2022-04-28 15:40:29 +02:00
Lukas Pühringer
b1bbd6c8e2
Merge pull request #1989 from jku/pin-hatchling-version 
build: Pin hatchling version
 2022-04-28 15:35:01 +02:00
dependabot[bot]
7ffc5db30f
build(deps): bump mypy from 0.942 to 0.950 
Bumps [mypy](https://github.com/python/mypy) from 0.942 to 0.950.
- [Release notes](https://github.com/python/mypy/releases)
- [Commits](https://github.com/python/mypy/compare/v0.942...v0.950)

---
updated-dependencies:
- dependency-name: mypy
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-28 10:06:32 +00:00