-
Notifications
You must be signed in to change notification settings - Fork 270
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Several incompatibilities with master branch of securesystemslib #913
Comments
Thanks for pointing this out, @joshuagl. Here are my 2 cents: The main branch, i.e.
I suggest to prepare these PRs but hold off on merging until If this strategy becomes to cumbersome, e.g. we end up having many PRs that adopt breaking changes from What do you think? And what do others think? @SantiagoTorres, @mnm678? |
I like this. Fully agreed that all tests must pass on the active development branch, I'll create some draft PRs. |
Just to round up the pending PRs which address this issue:
|
Fixed for and with https://github.com/theupdateframework/tuf/releases/tag/v0.12.0. Thanks for your contributions, @joshuagl! |
As part of my work to remove
securesystemslib.util.TempFile
in secure-systems-lab/securesystemslib#180 I need to be able to test tuf against a locally installed copy of securesystemslib.It turns out that there are several incompatibilities between tuf and the master branch of securesystemslib (perhaps unsurprisingly, there are 214 commits to ssl since the 0.11.3 release). I've started working through the errors, but wanted to file this so that there's a record of the work and to have a discussion area.
There are at least two existing PRs which address some of the issues:
These don't break compatibility with the testing against ssl 0.11.3 that's currently happening in CI, however I'm anticipating that some of the changes that will need to be made will either a) be incompatible or b) require different codepaths for different ssl versions.
I'd welcome thoughts on whether backward compatibility is a goal or whether we just need to request a release of ssl and require that version once the changes are ready?
It would be good to add some CI testing against ssl master as part of resolving this issue, but I haven't figure out how to handle that yet. My local testing is using a venv and pip installing my copy of securesystemslib and tuf, before running the tests against the venv with:
$ coverage run aggregate_tests.py
The text was updated successfully, but these errors were encountered: