Closed jku closed 1 week ago
@flavio any ideas on what path we should take going forward? This change is imminent and will break sigstore-rs' TUF code.
I made an attempt at switching to rust-tuf and encountered a different issue: https://github.com/theupdateframework/rust-tuf/issues/408
Trail of Bits is out of time on sigstore-rs
, so I won't be taking this on in the short term.
Sorry, I was swamped during the last weeks. I'm going to look into that.
@jku I've run into the keyid issue you reported. Please ping me once the staging repo is fixed :pray:
Thanks again for this heads up!
This wasn't updated since June so it's clearly time:
We can close it, sigstore-rs 0.10.0 has all the fixes we need :partying_face:
@tnytown found some compatibility issues with root-signing-staging during https://github.com/sigstore/sigstore-rs/pull/354:
This issue is about the second item above: . Some more context: