Permalink
Comparing changes
Choose two branches to see what’s changed or to start a new pull request.
If you need to, you can also or
learn more about diff comparisons.
Open a pull request
Create a new pull request by comparing changes across two branches. If you need to, you can also .
Learn more about diff comparisons here.
...
- 18 commits
- 29 files changed
- 9 contributors
Commits on Oct 30, 2024
-
Move the repository package under examples/repository (#656)
Signed-off-by: Radoslav Dimitrov <radoslav@stacklok.com>
Commits on Nov 12, 2024
-
docs: Joshua retiring as a maintainer (#657)
Stepping down as I have insufficient bandwidth to meaningfully contribute. Signed-off-by: Joshua Lock <joshuagloe@gmail.com>
Commits on Nov 20, 2024
-
fix: multirepo potential nil pointer dereference (#658)
potential nil pointer dereference Signed-off-by: mrdan4es <mrdan4es@gmail.com>
Commits on Dec 12, 2024
-
chore(deps): bump golang.org/x/crypto from 0.23.0 to 0.31.0 (#661)
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.23.0 to 0.31.0. - [Commits](golang/crypto@v0.23.0...v0.31.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Commits on Dec 16, 2024
-
chore(deps): bump github.com/stretchr/testify from 1.9.0 to 1.10.0 (#662
) Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.9.0 to 1.10.0. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.9.0...v1.10.0) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
-
chore(deps): bump github.com/secure-systems-lab/go-securesystemslib f…
…rom 0.8.0 to 0.9.0 (#663) chore(deps): bump github.com/secure-systems-lab/go-securesystemslib Bumps [github.com/secure-systems-lab/go-securesystemslib](https://github.com/secure-systems-lab/go-securesystemslib) from 0.8.0 to 0.9.0. - [Release notes](https://github.com/secure-systems-lab/go-securesystemslib/releases) - [Commits](secure-systems-lab/go-securesystemslib@v0.8.0...v0.9.0) --- updated-dependencies: - dependency-name: github.com/secure-systems-lab/go-securesystemslib dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Commits on Dec 17, 2024
-
Use the correct verifier for RSA PSS scheme keys (#625)
* Explicitly use LoadRSAPSSVerifier for RSASSA_PSS_SHA256 keys Signed-off-by: Radoslav Dimitrov <radoslav@stacklok.com> * Update the basic_repository.go example to work with RSA PSS key scheme Signed-off-by: Radoslav Dimitrov <radoslav@stacklok.com> * added a simple tool that can resign test metadata and updated signatures to be pss and not pkcs1 v1.5 Signed-off-by: Fredrik Skogman <kommendorkapten@github.com> * Fixed failing unit tests Signed-off-by: Fredrik Skogman <kommendorkapten@github.com> --------- Signed-off-by: Radoslav Dimitrov <radoslav@stacklok.com> Signed-off-by: Fredrik Skogman <kommendorkapten@github.com> Co-authored-by: Fredrik Skogman <kommendorkapten@github.com>
Commits on Jan 22, 2025
-
updater.go: replace os.WriteFile with file.Write() (#669)
* Update updater.go replace os.WriteFile with file.Write() Signed-off-by: udf2457 <udf2457@users.noreply.github.com> * Update metadata/updater/updater.go File is closed on all branches in the code, removing this. Signed-off-by: Fredrik Skogman <kommendorkapten@github.com> --------- Signed-off-by: udf2457 <udf2457@users.noreply.github.com> Signed-off-by: Fredrik Skogman <kommendorkapten@github.com> Co-authored-by: Fredrik Skogman <kommendorkapten@github.com>
Commits on Jan 24, 2025
-
Remove readFile() and reverseSlice() in favour of stdlib (#671)
* Update updater.go remove readFile() as it appears to essentially be a re-implementation of stdlib's os.ReadFile Signed-off-by: udf2457 <udf2457@users.noreply.github.com> * Remove ReadFile from cli/tuf-client/cmd/root.go Another instance of re-implementing os.ReadFile. This one does not even appear to be used by the cli code. Signed-off-by: udf2457 <udf2457@users.noreply.github.com> * Update init.go Reference os.Readfile instead of the re-implementation Signed-off-by: udf2457 <udf2457@users.noreply.github.com> * Update root.go Remove ReadFile re-implementation Signed-off-by: udf2457 <udf2457@users.noreply.github.com> * Update metadata.go to use os.ReadFile Don't reinvent the wheel, use stdlib os.ReadFile 😉 Signed-off-by: udf2457 <udf2457@users.noreply.github.com> * Update updater.go - remove reimplementation of slices.Reverse() Remive the reimplementation of stdlib slices.Reverse() Signed-off-by: udf2457 <udf2457@users.noreply.github.com> * Update root.go remove un-necessary io import Signed-off-by: udf2457 <udf2457@users.noreply.github.com> * Update root.go Remove io import Signed-off-by: udf2457 <udf2457@users.noreply.github.com> --------- Signed-off-by: udf2457 <udf2457@users.noreply.github.com>
Commits on Jan 27, 2025
-
updater.go: replace url.QueryEscape() with url.PathEscape()
Signed-off-by: udf2457 <udf2457@users.noreply.github.com>
Commits on Jan 28, 2025
Commits on Feb 17, 2025
-
chore(deps): bump github.com/spf13/cobra from 1.8.1 to 1.9.1 (#679)
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.8.1 to 1.9.1. - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](spf13/cobra@v1.8.1...v1.9.1) --- updated-dependencies: - dependency-name: github.com/spf13/cobra dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Commits on Mar 13, 2025
-
chore: make function comment match function name (#680)
Signed-off-by: suchsoon <silverjadebeauty@gmail.com>
Commits on Mar 31, 2025
-
Point to v2 of API for Go Doc Signed-off-by: Trishank Karthik Kuppusamy <trishank.kuppusamy@datadoghq.com>
Commits on Apr 15, 2025
-
chore(deps): bump golang.org/x/crypto from 0.31.0 to 0.35.0 (#683)
* chore(deps): bump golang.org/x/crypto from 0.31.0 to 0.35.0 Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.31.0 to 0.35.0. - [Commits](golang/crypto@v0.31.0...v0.35.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-version: 0.35.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * Run go mod tidy Signed-off-by: Radoslav Dimitrov <radoslav@stacklok.com> * Do not pin the toolchain version Signed-off-by: Radoslav Dimitrov <radoslav@stacklok.com> * Fix the linting failure bumping golangci-lint Signed-off-by: Radoslav Dimitrov <radoslav@stacklok.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Radoslav Dimitrov <radoslav@stacklok.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Radoslav Dimitrov <radoslav@stacklok.com>
Commits on Apr 16, 2025
-
Allow users to configure custom http.Client or http.RoundTripper in D…
…efaultFetcher (#682) * optionally set override request timeout parameter Signed-off-by: Meredith Lancaster <malancas@github.com> * add UpdaterConfig setter for default fetcher timeout Signed-off-by: Meredith Lancaster <malancas@github.com> * Fetcher sets http client as field, remove timeout param from Fetcher method Signed-off-by: Meredith Lancaster <malancas@github.com> * add some additional fields andconsotructors Signed-off-by: Meredith Lancaster <malancas@github.com> * add fetcher setters for use in config Signed-off-by: Meredith Lancaster <malancas@github.com> * fix test Signed-off-by: Meredith Lancaster <malancas@github.com> --------- Signed-off-by: Meredith Lancaster <malancas@github.com>
Commits on Apr 24, 2025
-
Allow users to configure retry behavior in DefaultFetcher (#684)
* allow users to set request timeout as struct field Signed-off-by: Meredith Lancaster <malancas@github.com> * add optional request retry and backoff Signed-off-by: Meredith Lancaster <malancas@github.com> * add retry setters Signed-off-by: Meredith Lancaster <malancas@github.com> * use v5 of backoff library Signed-off-by: Meredith Lancaster <malancas@github.com> * add more flexible retry option setters Signed-off-by: Meredith Lancaster <malancas@github.com> * move request setup out of retry operation func Signed-off-by: Meredith Lancaster <malancas@github.com> * add tests for retry config Signed-off-by: Meredith Lancaster <malancas@github.com> * comments Signed-off-by: Meredith Lancaster <malancas@github.com> --------- Signed-off-by: Meredith Lancaster <malancas@github.com>
Commits on May 7, 2025
-
Added back timeout to the fetcher DownloadFile method to avoid a brea…
…king change. (#685) * Added back timeout to the fetcher DownloadFile method to avoid a breaking change. The argument is documented as not used/deprecated. Signed-off-by: Fredrik Skogman <kommendorkapten@github.com> * Fixed a spelling error Signed-off-by: Fredrik Skogman <kommendorkapten@github.com> --------- Signed-off-by: Fredrik Skogman <kommendorkapten@github.com>
Loading
This comparison is taking too long to generate.
Unfortunately it looks like we can’t render this comparison for you right now. It might be too big, or there might be something weird with your repository.
You can try running this command locally to see the comparison on your machine:
git diff v2.0.2...v2.1.0