-
Notifications
You must be signed in to change notification settings - Fork 113
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump TUF root version #1312
Bump TUF root version #1312
Conversation
Also update the embedded targets. Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>
@asraa, I wanted to confirm, these target file names should not be prefixed with their hash, correct? I looked through the code and believe that's accurate, but wanted to double check. |
fyi @jku, since you had posted an issue about updating tuf metadata |
I'm pretty sure these are used to prepopulate the cache, and when you download to a local store TUF clients strip the hash prefix. I would test it out locally too. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would love instructions for doing this change (and for verifying it) to be documented somewhere. Also maybe how frequently we should be doing it and maybe even issues that get automatically filed.
None of that's blocking for now!
sigstore/root-signing#817 for tracking automation (across all client codebases too) To verify, in Cosign, I bumped go-tuf to 0.6.0 and replaced s/s with my local repo. Verified without the replace directive I've also removed |
Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>
Removing Edit: Other thing to note is the change that @kommendorkapten added recently to go-tuf to fix the noncompliant ecdsa identifier was not added to the deprecated ecdsa key handler. I'd rather not continue to support the deprecated path if we don't have to. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nice!
Fixing tests now, this is from removing set_ecdsa... |
Signed-off-by: Hayden Blauzvern <hblauzvern@google.com>
Also update the embedded targets.
Summary
Release Note
Documentation