Closed MVrachev closed 3 years ago
Thank you for filing, we can definitely work on making this clearer. A valid DELEGATIONS object can have one or none of paths
or path_hash_prefixes
(bullets two and three from your list).
valid DELEGATIONS object can have one or none of
paths
orpath_hash_prefixes
(bullets two and three from your list).
I agree this seems logical but will also point out that the current/legacy updater will currently raise an error if neither is defined.
Maybe this was not news to anyone else but after working with this thing for a year I realized this:
Spec says
PATHPATTERN can include shell-style wildcards and supports the Unix filename pattern matching convention
python-tuf uses fnmatch module to handle that and:
the filename separator ('/' on Unix) is not special to this module.
If the python-tuf interpretation is correct (that "" should match "files/file.txt") then it's not really that useful to allow paths is None and path_hash_prefixes is None
(as `paths=[""]` already allows delegating everything)
But is that really how other implementations have done this -- I would have thought "Unix filename pattern matching" would not match subdirectories with "*"?
Filed #173 for the pattern matching issue
In the specification here, it's said:
This is confusing because it doesn't properly define which of these options is valid:
paths
andpath_hash_prefixes
paths
andpath_hash_prefixes
paths
andpath_hash_prefixes