Python reference implementation of The Update Framework (TUF)
APACHE-2.0 License
Bot releases are visible (Hide)
This release is a small API change for Metadata API users (see below).
ngclient API is compatible but optional DSSE support has been added.
Root.get_verification_result()
and Targets.get_verification_result()
Root.get_root_verification_result()
has been added to handle the specialPublished by github-actions[bot] 8 months ago
This is a security fix release to address advisory GHSA-77hh-43cm-v8j6. The issue does not affect tuf.ngclient
users, but could affect tuf.api.metadata
users.
Published by github-actions[bot] about 1 year ago
See CHANGELOG.md for details.
Published by github-actions[bot] over 1 year ago
See CHANGELOG.md for details.
Published by github-actions[bot] over 1 year ago
See CHANGELOG.md for details.
Published by github-actions[bot] about 2 years ago
See CHANGELOG.md for details.
Published by github-actions[bot] over 2 years ago
See CHANGELOG.md for details.
Published by jku over 2 years ago
This release makes ngclient and the Metadata API the supported python-tuf APIs.
It also removes the legacy implementation as documented in the 1.0.0 announcement:
all library code is now contained in tuf.api
or tuf.ngclient
.
See Python-TUF reaches version 1.0.0 for a blog post about this release.
Published by lukpueh almost 3 years ago
NOTE: This will be the final release of python-tuf that includes the legacy implementation code. Please see the 1.0.0 announcement page for more details about the next release and the deprecation of the legacy implementation, including migration instructions.
Published by jku almost 3 years ago
For users of legacy client (tuf.client module) this is purely a security fix
release with no API or functionality changes. For ngclient (tuf.ngclient) and
Metadata API (tuf.api.metadata), some API changes are included.
All users are advised to upgrade.
Note that python-tuf has required python>=3.5 since release 0.18.0.
Published by joshuagl about 3 years ago
Note: The v0.18.0 release was made with the changes from #1566, resulting in
a release with sources which don't match the git tag. We are rectifying this
with this v0.18.1 release.
0.18 is a big release with 3 main themes:
Additionally the Github project name changed: project is now "python-tuf"
instead of "tuf". Redirects are in place for the old name but updating links is
advised.
Please see https://github.com/theupdateframework/python-tuf/releases/tag/v0.18.0
Published by joshuagl about 3 years ago
0.18 is a big release with 3 main themes:
Additionally the Github project name changed: project is now "python-tuf"
instead of "tuf". Redirects are in place for the old name but updating links is
advised.
Published by joshuagl over 3 years ago
NOTE: this will be the final release of tuf that supports Python 2.7.
This is because Python 2.7 was marked end-of-life in January of 2020, and
since then several of tuf's direct and transient dependencies have stopped
supporting Python 2.7.
Published by joshuagl almost 4 years ago
tuf.api
(#1193)aggregate_tests
) and stop executing unit testsleep()
calls (#1194)Queue
s, rather than files,tuf.client.updater
(#1219)[]
) as the default argument in a test_verify_root_self_signed()
such thatPublished by lukpueh almost 4 years ago
tuf.api
package for interacting withMissingLocalRepositoryError
in updater when local repository can notfileinfo
(#1078)tuf.client.updater
when metadata is loaded without atuf.repository_tool
when metadata is written without atargets_path
, metadata_path
and confined_target_dirs
fields intuf.client.updater
s mirror configuration optional (#1153, #1166)colorama
and dependency (#1180)requests.Responses
are closed during tests (#1147)securesystemslib
head of development (#1185)tuf.repository_lib
error message (#1078)Published by joshuagl about 4 years ago
consistent_snapshot
is enabled for a repository (#1102)keyid_hash_algorithms
(#1014, #1121)keyid_hash_algorithms
(#1014, #1121)securesystemslib.settings.HASH_ALGORITHMS
, instead passkeys.format_metadata_to_key
(#1016)Published by joshuagl about 4 years ago
Published by SantiagoTorres almost 5 years ago
Published by lukpueh almost 5 years ago
Published by lukpueh about 5 years ago