TUF should be handled via a grant from Facebook this year once Ernest and I get this underway: https://pyfound.blogspot.com/2018/12/upcoming-pypi-improvements-for-2019.html <https://pyfound.blogspot.com/2018/12/upcoming-pypi-improvements-for-2019.html>
We will take all the help we can get, but we'll have Project management and some funds! Cooper > On Feb 12, 2019, at 9:42 AM, Wes Turner <[email protected]> wrote: > > ... The Update Framework (TUF) is in part derived from Thandy (the tor > updater). There's an automotive derivative of TUF called Uptane. > https://theupdateframework.github.io/ <https://theupdateframework.github.io/> > > "Roadmap update for TUF support" > https://github.com/pypa/warehouse/issues/5247 > <https://github.com/pypa/warehouse/issues/5247> > > "TUF deployment roadmap for PyPI" > https://github.com/theupdateframework/tuf/issues/816# > <https://github.com/theupdateframework/tuf/issues/816#> > > SHA-256 is not sufficient. GPG was removed because insufficient. > Does TUF need funding, person-hours, new code, or code-review?
-- Distutils-SIG mailing list -- [email protected] To unsubscribe send an email to [email protected] https://mail.python.org/mailman3/lists/distutils-sig.python.org/ Message archived at https://mail.python.org/archives/list/[email protected]/message/KZTUQGXDCSOI4XUK2IMY5I5GNFELJ3LB/
