diff --git a/appveyor.yml b/appveyor.yml index a480c5fc2e..5c6c4cf07e 100644 --- a/appveyor.yml +++ b/appveyor.yml @@ -27,7 +27,7 @@ install: - set PATH=%PYTHON%;%PYTHON%\\Scripts;%PATH% - python -m pip install -U pip setuptools - pip install -e . - - pip install securesystemslib[crypto,pynacl] + - pip install securesystemslib[crypto,pynacl] python-dateutil - if %PYTHON_VERSION%==2.7 pip install mock build: false diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md index ad158955cb..fd4c662c81 100644 --- a/docs/CHANGELOG.md +++ b/docs/CHANGELOG.md @@ -1,5 +1,38 @@ # Changelog +## v0.15.0 +### Added +* Simple TUF role metadata model in the `tuf.api` package for interacting with + metadata files directly, per-file without the overheads of reading and + writing the entire repository at once (#1112, #1177, #1183) +* Raise `MissingLocalRepositoryError` in updater when local repository can not + be found (#1173) +* Tests for targets metadata generation with existing `fileinfo` (#1078) +* Test-verbosity documentation (#1151) + +### Changed +* Raise an error in `tuf.client.updater` when metadata is loaded without a + signature (#1100) +* Print a warning in `tuf.repository_tool` when metadata is written without a + signature (#1100) +* Remove iso8661 dependency (#1176) +* Bump dependencies: cffi (#1146), cryptography (#1149), urllib (#1179), + securesystemslib (#1183) +* Overhauled logging to be less verbose and less alarming, by removing logging + in the library when an exception is raised (including the same information + that was logged) and using more appropriate log levels (#1145) +* Make test output more useful by reducing and improving logging (#1145, #1104, #1170) +* Make the `targets_path`, `metadata_path` and `confined_target_dirs` fields in + `tuf.client.updater`s mirror configuration optional (#1153, #1166) +* Include LICENSE files with source distributions (#1162) +* Update Python version to be used in release instructions (#1163) +* Remove direct use of `colorama` and dependency (#1180) + +### Fixed +* Ensure file objects and `requests.Responses` are closed during tests (#1147) +* Auto-test against `securesystemslib` head of development (#1185) +* Fix parameter name in `tuf.repository_lib` error message (#1078) + ## v0.14.0 ### Added * Added a mechanism to the Updater to disable the hash prefix for target files diff --git a/requirements-pinned.txt b/requirements-pinned.txt index 0ad9636ecf..84c01e05c1 100644 --- a/requirements-pinned.txt +++ b/requirements-pinned.txt @@ -7,9 +7,8 @@ idna==2.10 # via requests ipaddress==1.0.23 ; python_version < '3' # via cryptography pycparser==2.20 # via cffi pynacl==1.4.0 # via securesystemslib -python-dateutil==2.8.1 # via securesystemslib requests==2.24.0 -securesystemslib[crypto,pynacl]==0.16.0 +securesystemslib[crypto,pynacl]==0.17.0 six==1.15.0 subprocess32==3.5.4 ; python_version < '3' # via securesystemslib urllib3==1.25.11 # via requests diff --git a/requirements-test.txt b/requirements-test.txt index b3ee09c4f2..d6cc7fc565 100644 --- a/requirements-test.txt +++ b/requirements-test.txt @@ -6,6 +6,9 @@ # test runtime dependencies (see 'tests_require' field in setup.py) mock; python_version < "3.3" +# tuf.api tests use python-dateutil +python-dateutil + # additional test tools for linting and coverage measurement coverage pylint diff --git a/setup.py b/setup.py index 4d6f523cbf..d245823c52 100755 --- a/setup.py +++ b/setup.py @@ -78,7 +78,7 @@ setup( name = 'tuf', - version = '0.14.0', # If updating version, also update it in tuf/__init__.py + version = '0.15.0', # If updating version, also update it in tuf/__init__.py description = 'A secure updater framework for Python', long_description = long_description, long_description_content_type='text/markdown', diff --git a/tuf/__init__.py b/tuf/__init__.py index 681f31e74d..6ae8b31db5 100755 --- a/tuf/__init__.py +++ b/tuf/__init__.py @@ -2,7 +2,7 @@ # setup.py has it hard-coded separately. # Currently, when the version is changed, it must be set in both locations. # TODO: Single-source the version number. -__version__ = "0.14.0" +__version__ = "0.15.0" # This reference implementation produces metadata intended to conform to # version 1.0.0 of the TUF specification, and is expected to consume metadata