Upgrade to tuf 4.0 (or cap securesystemslib version)

jku commented 6 months ago

Hi,

I suggest updating your tuf dependency to 4.x:

python-tuf did not cap the securesystemslib dependency before this release (sorry about that)
we know there will be incompatible API changes in securesystemslib in future as we get closer to securesystemslib 1.0

So ideally python-tuf users make releases that require (or at least allow) tuf 4.x before securesystemslib makes their next release (https://github.com/secure-systems-lab/securesystemslib/pull/767). If you don't want to bump tuf version you could alternatively cap securesystemslib to < 0.32 yourself: this would be the minimal change that should prevent future breakage.

dennisvang commented 6 months ago

@jku Thanks for the warning. I'll have a look at it a.s.a.p.

dennisvang commented 5 months ago

@jku Our latest v0.8.0 release now includes the upgraded tuf 4.0 dependency.

Sorry this took so long, I haven't had much time lately.

dennisvang / tufup

Upgrade to tuf 4.0 (or cap securesystemslib version) #133