python-tuf/tuf/ngclient
Jussi Kukkonen f56d5267ed README: Remove limitations
There may be ways to unsafely use the client library but situation
should be significantly better now with ngclient:
  * metadata writing is safer, more atomic
  * non-root cached metadata is never trusted (so inconsistent
    cached repository is not a security issue)
  * the cache locations are now clearly application
    decisions (they are required Updater constructor args)

Move the notice to Updater module documentation.

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
2022-11-18 13:16:41 +02:00
..
_internal RequestsFetcher: satisfy mypy with small fix 2022-10-31 21:25:02 +03:00
__init__.py Add client config module 2021-07-05 18:35:32 +03:00
config.py Unify wording of docstrings language in ngclient 2022-02-11 14:51:51 +02:00
fetcher.py Fixes #1916 2022-05-17 09:40:16 +05:30
README.md Improve README 2021-07-05 10:45:19 +03:00
updater.py README: Remove limitations 2022-11-18 13:16:41 +02:00

Next-gen TUF client for Python

This package provides modules for TUF client implementers.

tuf.ngclient.Updater is a class that implements the client workflow described in the TUF specification (see https://theupdateframework.github.io/specification/latest/#detailed-client-workflow)

tuf.ngclient.FetcherInterface is an abstract class that client implementers can implement a concrete class of in order to reuse their own networking/download libraries -- a Requests-based implementation is used by default.

This package:

  • Aims to be a clean, easy-to-validate reference client implementation written in modern Python
  • At the same time aims to be the library of choice for anyone implementing a TUF client in Python: light-weight, easy to integrate and with minimal required dependencies
  • Is still under development but is planned to become the default client in this implementation (i.e., the older tuf.client will be deprecated in the future)