[Bug 2223452] New: Review Request: python-conda-content-trust - Signing and verification tools for conda

[bugzilla]

https://bugzilla.redhat.com/show_bug.cgi?id=2223452

            Bug ID: 2223452
           Summary: Review Request: python-conda-content-trust - Signing
                    and verification tools for conda
           Product: Fedora
           Version: rawhide
          Hardware: All
                OS: Linux
            Status: NEW
         Component: Package Review
          Severity: medium
          Assignee: nob...@fedoraproject.org
          Reporter: or...@nwra.com
        QA Contact: extras...@fedoraproject.org
                CC: package-review@lists.fedoraproject.org
  Target Milestone: ---
    Classification: Fedora



Spec URL: https://orion.fedorapeople.org/python-conda-content-trust.spec
SRPM URL:
https://orion.fedorapeople.org/python-conda-content-trust-0.1.3-1.fc39.src.rpm
Description:
Based on The Update Framework (TUF), conda-content-trust is intended to ensure
that when users in the conda ecosystem obtain a package or data about that
package, they can know whether or not it is trustworthy (e.g. originally comes
from a reliable source and has not been tampered with). A basic library and
basic CLI are included to provide signing, verification, and trust delegation
functionality.

This exists as an alteration of TUF because of the very particular needs of
the conda ecosystem. (Developers are encouraged to just use TUF whenever
possible!)

This tool is general purpose. It is currently used in conda 4.10.1+ to verify
package metadata signatures when they are available.

Fedora Account System Username: orion

Scratch build: https://koji.fedoraproject.org/koji/taskinfo?taskID=103499544


-- 
You are receiving this mail because:
You are always notified about changes to this product and component
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2223452

Report this comment as SPAM: 
https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-spam&short_desc=Report%20of%20Bug%202223452%23c0
_______________________________________________
package-review mailing list -- package-review@lists.fedoraproject.org
To unsubscribe send an email to package-review-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/package-review@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue