Skip to content

Update Snap role section in Metadata from Spec file #122

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 4 commits into from
Apr 17, 2025
Merged

Update Snap role section in Metadata from Spec file #122

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
86b6ccc
update metadata from Spec file
Dindihub Apr 15, 2025
7bc8003
Fix file format checks
Dindihub Apr 15, 2025
181c5bb
Correct snapshot role update
Dindihub Apr 17, 2025
81bcb9e
fix file format
Dindihub Apr 17, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 6 additions & 5 deletions content/en/about.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,11 +17,12 @@ To learn more, see [TUF overview](/docs/overview/) and

## Governance

The TUF project is managed by the [Linux Foundation] under the [Cloud Native Computing
Foundation][CNCF]. The consensus builder for TUF is [Prof. Justin Cappos] of the
[Secure Systems Lab] at [New York University](https://engineering.nyu.edu/). Project
maintainers <sup>[[1]][[2]]</sup> are comprised of collaborators from academia and
the industry. Contributors and maintainers are governed by the [CNCF Community Code
The TUF project is managed by the [Linux Foundation] under the [Cloud Native
Computing Foundation][CNCF]. The consensus builder for TUF is [Prof. Justin
Cappos] of the [Secure Systems Lab] at
[New York University](https://engineering.nyu.edu/). Project maintainers
<sup>[[1]][[2]]</sup> are comprised of collaborators from academia and the
industry. Contributors and maintainers are governed by the [CNCF Community Code
of Conduct][CoC]. For details, see [Governance].

## Funding
Expand Down
7 changes: 4 additions & 3 deletions content/en/docs/metadata.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,9 +40,10 @@ There may also be any number of delegated target roles.

Signed by: Root role.

Specifies the other top-level roles. When specifying these roles, the trusted
keys for each are listed, along with the minimum number of those keys required
to sign the role's metadata. We call this number the signature threshold.
The snapshot role signs a metadata file that provides information about the
latest version of all targets metadata on the repository (the top-level targets
role and all delegated roles). This information allows clients to know which
metadata files have been updated and also prevents mix-and-match attacks.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It looks like you accidentally updated the root role section.

Also, I don't think we need to completely change the snapshot section. The original text was actually quite okay, apart from the outdated "all but timestamp.json" info.

Actually, I just saw that there's already a pending fix for this (#120). Would you mind adopting that change into your PR, including @joshuagl's suggestion, and adding the file format fix? That would be really appreciated! :)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Wow! Silly mistake! Thanks for noticing I'll update it with @joshuagl suggestion

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done the correction please review @lukpueh


See
[example](https://raw.githubusercontent.com/theupdateframework/tuf/develop/tests/repository_data/repository/metadata/root.json)
Expand Down
8 changes: 4 additions & 4 deletions content/en/docs/project/_index.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,11 +9,11 @@ The TUF project consists of three components:
- [Specification] – the detailed TUF specification describes how to add TUF
metadata to a repository and the process to arrange for clients to use that
metadata to download and verify targets.
- [Standardization process] – major changes to the specification, including new features,
are made as TUF Augmentation Proposals (TAPs).
- [Standardization process] – major changes to the specification, including new
features, are made as TUF Augmentation Proposals (TAPs).
- [Reference implementation] – python-tuf provides a reference implementation of
the TUF specification and is used as a vital part of the TAPs process to prototype
changes to the specification.
the TUF specification and is used as a vital part of the TAPs process to
prototype changes to the specification.

The project is currently managed by a team of collaborators from academia and
industry.
Expand Down