Elgato_dark/python-tuf
1
0
Fork 0
mirror of https://github.com/theupdateframework/python-tuf synced 2026-05-24 10:08:28 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
python-tuf/tuf
History
Lukas Puehringer 3e249f5bdd Make Metadata a container class (WIP) 
This commit performs restructuring on the recently added metadata
class model architecture, which shall be part of a new simple TUF
API.

The key change is that the Metadata class is now used as container
for inner TUF metadata (Root, Timestamp, Snapshot, Targets) instead
of serving as base class for these, that means we use 'composition'
instead of 'inheritance'. Still, in order to aggregate common
attributes of the inner Metadata (expires, version, spec_version),
we use a new baseclass 'Signed', which also corresponds to the
signed field of the outer metadata container.

Based on prior observations in TUF's sister project in-toto, this
architecture seems to more closely represent the metadata model as
it is defined in the specification (see in-toto/in-toto#98 and
in-toto/in-toto#142 for related discussions).

Note that the proposed changes require us to now access some
attributes/methods via the signed attribute of a Metadata object
and not directly on the Metadata object, but it would be possible
to add short-cuts. (see todo notes in doc header).

Further changes include:
 - Add minimal doc header with TODO notes

 - Make attributes that correspond to fields in TUF JSON metadata
public again. There doesn't seem to be a good reason to protect
them with leading underscores and use setters/getters instead, it
just adds more code.

 - Generally try to reduce code.

 - Remove keyring and consistent_snapshot attributes from metadata
   class. As discussed in #1060 they are a better fit for extra
   management code (also see #660)

- Remove sslib schema checks (see TODO notes about validation in
  doc header)

 - Drop usage of build_dict_conforming_to_schema, it seems a lot
   simpler and more explicit to just code this here.

 - ... same goes for make_metadata_fileinfo

 - Adapt tests accordingly

TODO: Document!!!
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2020-07-10 16:05:53 +02:00
..
api Make Metadata a container class (WIP) 2020-07-10 16:05:53 +02:00
client Port to new securesystemslib w abstract filesystem 2020-05-12 22:16:50 +01:00
scripts Merge pull request #989 from joshuagl/logger 2020-03-11 14:33:35 +01:00
__init__.py release: 0.12.2 2020-01-10 15:43:44 -05:00
ATTACKS.md fix-up the document spelling mistake 2019-08-27 14:41:24 +08:00
developer_tool.py Port to new securesystemslib w abstract filesystem 2020-05-12 22:16:50 +01:00
download.py Use __name__ for loggers, per convention 2020-03-03 10:36:39 +00:00
exceptions.py Use __name__ for loggers, per convention 2020-03-03 10:36:39 +00:00
formats.py Skip an optional keyword in the schema 2020-07-02 10:32:19 +01:00
keydb.py Use __name__ for loggers, per convention 2020-03-03 10:36:39 +00:00
log.py Use __name__ for loggers, per convention 2020-03-03 10:36:39 +00:00
mirrors.py Remove deprecated securesystemslib.formats schemas 2019-09-17 10:28:10 +01:00
README-developer-tools.md Remove or edit remaining instances of 'restricted paths' 2018-01-19 14:20:38 -05:00
README.md Link to CLI.md from getting started and readme docs 2018-02-06 17:00:24 -05:00
repository_lib.py Load full target file info for delegated targets 2020-06-09 16:48:42 +03:00
repository_tool.py Load full target file info for delegated targets 2020-06-09 16:48:42 +03:00
roledb.py Use __name__ for loggers, per convention 2020-03-03 10:36:39 +00:00
settings.py Port to new securesystemslib w abstract filesystem 2020-05-12 22:16:50 +01:00
sig.py Use __name__ for loggers, per convention 2020-03-03 10:36:39 +00:00
unittest_toolbox.py Rename license files in modules 2018-02-05 11:31:19 -05:00

README.md

Quickstart

CLI

Tutorial