Closed udf2457 closed 8 months ago
Closing since the code base changed and the goal of the project would be to focus on being a library first and not so much on providing a CLI client.
There might be a CLI based on this, but it will live in a separate repository.
Thanks for raising this 👍
The readme describes an offline flow that uses
tuf payload root.json > root.json.payload
as a starting point.However for reasons I don't understand
tuf payload
appears to require the directory structure to be present (i.e.root.json
instaged/root.json
).If you run
tuf payload root.json
on a file on its own, you are given an errorERROR: tuf: missing metadata file root.json
.However if you
tuf init
and copy the sameroot.json
intostaged/root.json
, thentuf payload root.json
returns as expected.My understanding is that
tuf payload
is doing little more than parsingroot.json
and outputting the payload for signing. If this is the case, then surely as long asroot.json
is correctly formatted then the dependency on a TUF directory structure should be optional, not mandatory ?