This repository has been archived by the owner on Nov 3, 2023. It is now read-only.
consider implementing update logic #9
Comments
|
This might give more flexibility WRT verification: #2 (comment) -- we should be able to recognise many different repo states, not just valid/invalid |
|
IMHO: an abstraction layer should be used for this. The metadata dicts can be not real ones, but synthetic ones. And the layer should probably be changed to allow working with raw dicts. It can allow eliminate some metadata files, if we rely on content-addressible filesystems like IPFS or repos like git ones for integrity and signing. I'm going to raise an issue about it in tuf spec repo. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
currently tufrepo uses ngclient to do the initial update workflow (with the FilesystemFetcher hack), and then steals the internal TrustedMetadataSet for additional use...
It might make more sense to just implement a simplified version of update workflow in tufrepo itself (it's not as complex since there's no remote files required, just loading local files). TrustedMetadataSet still makes sense to use though
The text was updated successfully, but these errors were encountered: