di
commented
2 years ago (Sorry, cc @kairoaraujo as well!)
Open di opened 2 years ago
di
commented
2 years ago (Sorry, cc @kairoaraujo as well!)
di
commented
2 years ago di
commented
2 years ago tuf==1.0.0 has been released: https://pypi.org/project/tuf/1.0.0/
brainwane
commented
2 years ago I may be mistaken, but it looks like movement on PEP 458 has slowed -- what can we do to help get it moving again? Should I be watching https://github.com/jku/repository-playground or helping test #10870 or #8955 or #7488? Thanks!
ofek
commented
2 years ago Please let me know if I can help.
kairoaraujo
commented
2 years ago Hi, @brainwane and @ofek. Helping to review and test PR #10870 for the TUF initialization for development would be great. 🙂
ncoghlan
commented
2 weeks ago Newer status updates:
This is a meta-issue to document the roadmap for PyPI's support for PEP 458. This top-level comment will be updated as the roadmap progresses. Comments on this issue should be limited to a discussion of this roadmap only, e.g. whether there are steps missing, discovered to be necessary or resolved.
Roadmap
[x] PEP 458 is accepted
[x] Key generation and signing ceremony for PyPI
[x] #8487
[ ] Initial TUF services
[x] Updates to
python-tufpython-tuf1.0.0 release: https://github.com/theupdateframework/python-tuf/projects/2[ ] Integrate with
python-tuf[ ] Populate top-level TUF roles
[ ] Bring TUF keys online
Downstream issues unblocked once this roadmap is complete:
This is likely incomplete, cc @ewdurbin @woodruffw @trishankatdatadog @JustinCappos @mnm678 @joshuagl @jku @pradyunsg @brainwane for your input & awareness.