theupdateframework / specification

The Update Framework specification
https://theupdateframework.github.io/specification/

Clarify "paths" and "path_hash_prefixes" in delegations #156

Closed MVrachev closed 3 years ago

MVrachev commented 3 years ago

In the specification here, it's said:

In order to discuss target paths, a role MUST specify only one of the
"path_hash_prefixes" or "paths" attributes, each of which we discuss next.

This is confusing because it doesn't properly define which of these options is valid:

joshuagl commented 3 years ago

Thank you for filing, we can definitely work on making this clearer. A valid DELEGATIONS object can have one or none of paths or path_hash_prefixes (bullets two and three from your list).

jku commented 3 years ago

valid DELEGATIONS object can have one or none of paths or path_hash_prefixes (bullets two and three from your list).

I agree this seems logical but will also point out that the current/legacy updater will currently raise an error if neither is defined.

jku commented 3 years ago

Maybe this was not news to anyone else but after working with this thing for a year I realized this:

Spec says

PATHPATTERN can include shell-style wildcards and supports the Unix filename pattern matching convention

python-tuf uses fnmatch module to handle that and:

the filename separator ('/' on Unix) is not special to this module.

If the python-tuf interpretation is correct (that "*" should match "files/file.txt") then it's not really that useful to allow paths is None and path_hash_prefixes is None (as `paths=["*"]` already allows delegating everything)

But is that really how other implementations have done this -- I would have thought "Unix filename pattern matching" would not match subdirectories with "*"?

Filed #173 for the pattern matching issue
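The two readings of PATHPATTERN discussed in this thread, compared side by side. This is an added example, not code from python-tuf or from any commenter: `match_flat` uses `fnmatch` as the thread describes, while `match_per_segment`, `delegated`, `interpretation_gap` and the sample target paths are hypothetical names and constructed data for illustration.

```python
import fnmatch


def match_flat(target: str, pattern: str) -> bool:
    # fnmatch semantics: "/" is an ordinary character, so "*" spans directories.
    return fnmatch.fnmatchcase(target, pattern)


def match_per_segment(target: str, pattern: str) -> bool:
    # Stricter reading (assumption for comparison): a wildcard never crosses
    # a "/" boundary, so pattern and target need the same number of segments.
    t_parts, p_parts = target.split("/"), pattern.split("/")
    return len(t_parts) == len(p_parts) and all(
        fnmatch.fnmatchcase(t, p) for t, p in zip(t_parts, p_parts)
    )


def delegated(targets, paths, matcher):
    """Targets that a role with the given "paths" list is trusted to sign."""
    return sorted(t for t in targets if any(matcher(t, p) for p in paths))


def interpretation_gap(targets, paths):
    """Targets trusted under fnmatch semantics but not under per-segment matching."""
    flat = set(delegated(targets, paths, match_flat))
    strict = set(delegated(targets, paths, match_per_segment))
    return sorted(flat - strict)


# Constructed sample target paths, not taken from any real repository.
TARGETS = ["file.txt", "files/file.txt", "files/sub/file.txt", "other/app.bin"]

if __name__ == "__main__":
    for paths in (["*"], ["files/*"], ["files/*/*.txt"]):
        print(paths)
        print("  fnmatch     :", delegated(TARGETS, paths, match_flat))
        print("  per-segment :", delegated(TARGETS, paths, match_per_segment))
        print("  gap         :", interpretation_gap(TARGETS, paths))
```

A non-empty gap means two clients that differ in interpretation would disagree on which role is trusted for those targets, which is the interoperability concern behind #173.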