[Bug 2223452] New: Review Request: python-conda-content-trust - Signing and verification tools for conda

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

https://bugzilla.redhat.com/show_bug.cgi?id=2223452

            Bug ID: 2223452
           Summary: Review Request: python-conda-content-trust - Signing
                    and verification tools for conda
           Product: Fedora
           Version: rawhide
          Hardware: All
                OS: Linux
            Status: NEW
         Component: Package Review
          Severity: medium
          Assignee: nobody@xxxxxxxxxxxxxxxxx
          Reporter: orion@xxxxxxxx
        QA Contact: extras-qa@xxxxxxxxxxxxxxxxx
                CC: package-review@xxxxxxxxxxxxxxxxxxxxxxx
  Target Milestone: ---
    Classification: Fedora



Spec URL: https://orion.fedorapeople.org/python-conda-content-trust.spec
SRPM URL:
https://orion.fedorapeople.org/python-conda-content-trust-0.1.3-1.fc39.src.rpm
Description:
Based on The Update Framework (TUF), conda-content-trust is intended to ensure
that when users in the conda ecosystem obtain a package or data about that
package, they can know whether or not it is trustworthy (e.g. originally comes
from a reliable source and has not been tampered with). A basic library and
basic CLI are included to provide signing, verification, and trust delegation
functionality.

This exists as an alteration of TUF because of the very particular needs of
the conda ecosystem. (Developers are encouraged to just use TUF whenever
possible!)

This tool is general purpose. It is currently used in conda 4.10.1+ to verify
package metadata signatures when they are available.

Fedora Account System Username: orion

Scratch build: https://koji.fedoraproject.org/koji/taskinfo?taskID=103499544


-- 
You are receiving this mail because:
You are always notified about changes to this product and component
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2223452

Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-spam&short_desc=Report%20of%20Bug%202223452%23c0
_______________________________________________
package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite Conditions]     [KDE Users]

  Powered by Linux