tuf v0.10.1
Pre-release

Note: This is a backwards-incompatible pre-release.
- Add CHANGELOG.md, MAINTAINERS.txt, CODE-OF-CONDUCT.md, GOVERNANCE.md, ADOPTERS.md, DCO requirements, and instructions for submitting a vulnerability report.
- Move specification to github.com/theupdateframework/specification.
- Dual license the project: MIT license and Apache license, version 2.
- Update to latest version of securesystemslib v0.10.8, which dropped PyCrypto and multi-lib support.
- Add ecdsa-sha2-nistp256 to specification.
- Remove directory of example metadata. Documentation now references unit test metadata.
- Implement TAP 9 (mandatory metadata signing schemes). https://github.com/theupdateframework/taps/blob/master/tap9.md
- Drop support for Python 2.6 and 3.3.
- Support Python 3.6.
- Improve code coverage to 99%.
- Convert specification from text to Markdown format.
- Add MERCURY paper, which covers protection against rollback attacks.
- Implement TAP 6 (include specification version in metadata).
- Implement TAP 10 (remove native support for compressed metadata).
- Support ability to append an externally-generated signature to metadata.
- Remove capitalization from rolenames listed in metadata.
- Add a more detailed client workflow to specification.
- Modify client workflow: A client must now fetch root first. Intermediate versions of Root must also be downloaded and verified by the client. See specification for modified workflow.
- Fix bug with key IDs, where incorrect number of key IDs are detected.
- Minor bug fixes, such as catching correct type and number of exceptions, detection of slow retrieval attack, etc.
- Do not list Root's hash and length in Snapshot (only its version number).
- Allow user to configure hashing algorithm used to generate hashed bin delegations.
- Fix Markdown errors in SECURITY.md.
- Add fast-forward attack to specification.
- Remove simple-settings dependency.
- Move crypto-related code to external library (securesystemslib).
- Allow replacement of already listed targets in metadata. Fix issue #319.
- Add instructions for contributors in README.
- Copy (rather than link) target file to consistent target. Fix issue #390.
- Rename target() -> get_one_valid_targetinfo().
- Ensure consistent Root is written if consistent snapshot = False. Fix issue #391.
- repository_tool.status(): Print status of only the top-level roles.
- Document and demonstrate protection against repository attacks.
- Add installation instructions for Fedora-based environments.
- Exclude "private" dict key from metadata.
- "backtrack" attribute renamed to "terminating".
- Fix data loss that might occur during sudden power failure. Pull requests #365, 367.
- Add repository tool function that can mark roles as dirty.
- Store all delegated roles in one flat directory.
- Support Unix shell-style wildcards for paths listed in metadata.
- Add draft of specification (version 1.0).
- Sleep a short while during download.py while loop to release CPU.
- Support multiple key ID hashing algorithms.
- Prepend version number to filename of consistent metadata.
- Remove updater method: refresh_targets_metadata_chain().
- Add Diplomat paper. It covers integrating TUF with community repositories.
- Add project logo.
- Delegations now resemble a graph, rather than a tree.