It seems that repo is not validated when it is opened

vmware-archive / repository-editor-for-tuf

Command line tool for editing and maintaining a TUF repository

Apache License 2.0

5 stars 3 forks source link

It seems that repo is not validated when it is opened #62

Closed KOLANICH closed 1 year ago

KOLANICH commented 1 year ago

Despite the first step of the most tuf update actions prescribes to fetch the data and validating it.

jku commented 1 year ago

this is a repository tool and has to be able to work with metadata that a client considers invalid: The TUF spec should preferably describe repository operations but it does not -- and applying client workflow rules to repository processes isn't directly useful.

jku commented 1 year ago

Specific validations may well make sense: If you have a specific suggestion, please reopen