TUF should be handled via a grant from Facebook this year once Ernest and I get this underway: https://pyfound.blogspot.com/2018/12/upcoming-pypi-improvements-for-2019.html <https://pyfound.blogspot.com/2018/12/upcoming-pypi-improvements-for-2019.html>
We will take all the help we can get, but we'll have Project management and some funds! Cooper > On Feb 12, 2019, at 9:42 AM, Wes Turner <wes.tur...@gmail.com> wrote: > > ... The Update Framework (TUF) is in part derived from Thandy (the tor > updater). There's an automotive derivative of TUF called Uptane. > https://theupdateframework.github.io/ <https://theupdateframework.github.io/> > > "Roadmap update for TUF support" > https://github.com/pypa/warehouse/issues/5247 > <https://github.com/pypa/warehouse/issues/5247> > > "TUF deployment roadmap for PyPI" > https://github.com/theupdateframework/tuf/issues/816# > <https://github.com/theupdateframework/tuf/issues/816#> > > SHA-256 is not sufficient. GPG was removed because insufficient. > Does TUF need funding, person-hours, new code, or code-review?
-- Distutils-SIG mailing list -- distutils-sig@python.org To unsubscribe send an email to distutils-sig-le...@python.org https://mail.python.org/mailman3/lists/distutils-sig.python.org/ Message archived at https://mail.python.org/archives/list/distutils-sig@python.org/message/KZTUQGXDCSOI4XUK2IMY5I5GNFELJ3LB/