tuf

Latest version: v6.0.0

Page 4 of 6

0.15.0

Not secure
Added
* Simple TUF role metadata model in the `tuf.api` package for interacting with
metadata files directly, per-file without the overheads of reading and
writing the entire repository at once (1112, 1177, 1183)
* Raise `MissingLocalRepositoryError` in updater when the local repository cannot
be found (1173)
* Tests for targets metadata generation with existing `fileinfo` (1078)
* Test-verbosity documentation (1151)

Changed
* Raise an error in `tuf.client.updater` when metadata is loaded without a
signature (1100)
* Print a warning in `tuf.repository_tool` when metadata is written without a
signature (1100)
* Remove iso8601 dependency (1176)
* Bump dependencies: cffi (1146), cryptography (1149), urllib (1179),
securesystemslib (1183)
* Overhauled logging to be less verbose and less alarming, by removing logging
in the library when an exception is raised (including the same information
that was logged) and using more appropriate log levels (1145)
* Make test output more useful by reducing and improving logging (1145, 1104, 1170)
* Make the `targets_path`, `metadata_path` and `confined_target_dirs` fields in
`tuf.client.updater`'s mirror configuration optional (1153, 1166)
* Include LICENSE files with source distributions (1162)
* Update Python version to be used in release instructions (1163)
* Remove direct use of `colorama` and dependency (1180)

Fixed
* Ensure file objects and `requests.Responses` are closed during tests (1147)
* Auto-test against `securesystemslib` head of development (1185)
* Fix parameter name in `tuf.repository_lib` error message (1078)

0.14.0

Not secure
Added
* Added a mechanism to the Updater to disable the hash prefix for target files
even when `consistent_snapshot` is enabled for a repository (1102)
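Added example (hand-written for this page, not code from the tuf project): where the hash prefix goes under consistent snapshots, what the client requests when the prefix is disabled, and the length/hash check against verified targets metadata that has to hold either way. The `prefix_target_hashes` flag and all function names are assumptions chosen for illustration; they are not the Updater's actual option names.

```python
import hashlib
import posixpath


def fileinfo_for(data, algs=("sha256",)):
    """Build the length/hashes entry a targets role records for a file."""
    return {"length": len(data),
            "hashes": {a: hashlib.new(a, data).hexdigest() for a in algs}}


def target_download_path(target_path, fileinfo, consistent_snapshot,
                         prefix_target_hashes=True, alg="sha256"):
    """Path to fetch below the mirror's targets_path. With consistent
    snapshots the client normally asks for <HASH>.<basename>, so a repository
    updated mid-download cannot hand it a different file under the same name.
    prefix_target_hashes=False (hypothetical flag standing in for the Updater
    option) requests the plain name instead."""
    if not (consistent_snapshot and prefix_target_hashes):
        return target_path
    dirname, basename = posixpath.split(target_path)
    return posixpath.join(dirname, f"{fileinfo['hashes'][alg]}.{basename}")


def metadata_download_path(rolename, version, consistent_snapshot):
    """Metadata is fetched as <VERSION>.<ROLE>.json under consistent snapshots,
    except timestamp, which is always fetched by its plain name."""
    if consistent_snapshot and rolename != "timestamp":
        return f"{version}.{rolename}.json"
    return f"{rolename}.json"


def target_matches(data, fileinfo):
    """The check that makes skipping the prefix safe: the downloaded bytes must
    match the length and every hash recorded in verified targets metadata."""
    if not fileinfo["hashes"] or len(data) != fileinfo["length"]:
        return False
    return all(hashlib.new(a, data).hexdigest() == h
               for a, h in fileinfo["hashes"].items())


def demo():
    data = b"print('hello')\n"            # constructed target content
    info = fileinfo_for(data)
    return {
        "prefixed": target_download_path("pkgs/hello.py", info, True),
        "plain": target_download_path("pkgs/hello.py", info, True,
                                      prefix_target_hashes=False),
        "root_meta": metadata_download_path("root", 3, True),
        "timestamp_meta": metadata_download_path("timestamp", 7, True),
        "good": target_matches(data, info),
        "tampered": target_matches(data + b"#", info),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

Disabling the prefix only changes the name the client asks for; the bytes it accepts are still bound to the hashes in the targets role it already verified, so a mirror that serves the wrong content under the plain name is rejected, not trusted.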

Changed
* Updater now uses keyids provided in the metadata, rather than re-calculating
keyids using `keyid_hash_algorithms` (1014, 1121)
* When loading an existing repository the keyids provided in the metadata will
be used, rather than re-calculating keyids using `keyid_hash_algorithms` (1014, 1121)
* Improve reliability and performance of tests by removing sleep calls, instead
use polling to check whether the simple_server is ready to accept
connections (1096)
* Only calculate lengths and hashes of files listed by timestamp and snapshot
metadata when those lengths and hashes will be included in the metadata (1097)
* Re-raise chained exceptions explicitly per PEP 3134 (1116)
* Remove use of `securesystemslib.settings.HASH_ALGORITHMS`, instead pass
desired algorithms explicitly to securesystemslib's
`keys.format_metadata_to_key` (1016)

Fixed
* Better adhere to the detailed client workflow in the specification by
ensuring that a newly downloaded root metadata file is verified with a
threshold of its own signatures (1101)
* Update a delegating role's metadata when adding a new verification key to a
delegated role (1037)

0.13.0

Not secure
Added
* Add support for BLAKE hash functions (993)
* Don't list root metadata in snapshot metadata, per latest spec (988)
* Enable targets metadata to be generated without access to the target files (1007, 1020)
* Implement support for abstract files and directories (1024, 1034)
* Make lengths and hashes optional for timestamp and snapshot roles (1031)

Changed
* Revise requirements files to have layered requirements (978, 982)
* Update tutorial instructions (981, 992) and documentation (1054, 1001)
* Replace hard-coded logger names (989)
* Fix target file path hashing to ensure paths are hashed as they appear in targets metadata (1007)
* Refactor code handling hashed bins (1007, 1013, 1040, 1058)
* Improve performance when delegating to a large number of hashed bins (1012)
* Improve path handling consistency when adding targets and paths (1008)
* Clarify error message and docstring for custom parameter of add_target() (1027)
* Ensure each key applies to signature threshold only once (1091)

Fixed
* Fix broken CI (985)
* Fix tests (1029, 1064, 1067)
* Fix loading of delegated targets during repository load (1049, 1052, 1071)
* Fix key loading in repo.py (1066)
* Remove redundant code in downloader (1073)
* Fix alarming logging in updater (1092)

0.12.2

Not secure
* Fix incorrect threshold signature computation (974)
* Drop support for Python 3.4 (966)
* Improve documentation (970, 960, 962, 961, 972)
* Improve test suite and tutorial scripts (775)
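Three entries above concern the same piece of client logic: 0.12.2's threshold signature computation fix (974), 0.13.0's rule that each key counts toward a threshold only once (1091), and 0.14.0's requirement that a newly downloaded root be verified against a threshold of its own keys as well as the trusted root's (1101). The following is an added example written for this page, not code from the tuf project, showing that logic in one place. Everything here is an assumption for illustration: the signature scheme is a toy HMAC stand-in whose "public" value is the secret itself (so it proves nothing about authenticity, only exercises the counting), and the function names are invented. Keyids are taken as listed in the delegating metadata rather than recomputed, matching the 0.14.0 change.

```python
import hashlib
import hmac
import json


def canonical(obj):
    """Canonical JSON bytes: the form that gets signed and hashed."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def make_key(seed):
    """TOY key (assumption for this example): the 'public' value is the HMAC
    secret itself, so anyone holding the metadata could forge signatures. It
    stands in for Ed25519/ECDSA/RSA keys only so the threshold logic runs
    offline with the standard library."""
    secret = hashlib.sha256(b"toy-key:" + seed.encode()).digest()
    pub = {"keytype": "toy-hmac-sha256", "keyval": {"public": secret.hex()}}
    return secret, pub


def keyid_of(pub):
    """keyid = hex SHA-256 of the canonical public key."""
    return hashlib.sha256(canonical(pub)).hexdigest()


def sign(secret, signed, keyid):
    sig = hmac.new(secret, canonical(signed), hashlib.sha256).hexdigest()
    return {"keyid": keyid, "sig": sig}


def sig_valid(pub, signed, sig):
    secret = bytes.fromhex(pub["keyval"]["public"])
    expected = hmac.new(secret, canonical(signed), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, sig)


def verify_threshold(signed, signatures, keys, role):
    """Return (ok, verified_keyids). A keyid counts at most once, so two
    signatures from the same key never reach a threshold of 2; signatures
    from keys the role does not list are ignored; keyids come from the
    delegating metadata as listed, not recomputed."""
    verified = set()
    for s in signatures:
        kid = s["keyid"]
        if kid not in role["keyids"] or kid in verified:
            continue  # untrusted for this role, or already counted
        if kid in keys and sig_valid(keys[kid], signed, s["sig"]):
            verified.add(kid)
    return len(verified) >= role["threshold"], verified


def accept_new_root(trusted, new_root):
    """Client root update: the candidate must carry a higher version and meet
    the threshold of the currently trusted root's 'root' role AND the
    threshold of its own 'root' role."""
    signed, sigs = new_root["signed"], new_root["signatures"]
    if signed["version"] <= trusted["version"]:
        return False
    ok_old, _ = verify_threshold(signed, sigs, trusted["keys"],
                                 trusted["roles"]["root"])
    ok_new, _ = verify_threshold(signed, sigs, signed["keys"],
                                 signed["roles"]["root"])
    return ok_old and ok_new


def root_metadata(version, pubs, threshold):
    keys = {keyid_of(p): p for p in pubs}
    return {"_type": "root", "spec_version": "1.0.0", "version": version,
            "keys": keys,
            "roles": {"root": {"keyids": sorted(keys),
                               "threshold": threshold}}}


def demo():
    """Constructed scenarios; returns which candidate roots get accepted."""
    sec, pub = {}, {}
    for n in "abcd":
        sec[n], pub[n] = make_key(n)
    kid = {n: keyid_of(p) for n, p in pub.items()}
    trusted = root_metadata(1, [pub["a"], pub["b"]], threshold=2)

    # Same keys, but key a signs twice and b not at all: one key, not two.
    same = root_metadata(2, [pub["a"], pub["b"]], 2)
    dup = {"signed": same, "signatures": [sign(sec["a"], same, kid["a"]),
                                          sign(sec["a"], same, kid["a"])]}
    # Rotation to c,d signed only by the old keys a,b: the old threshold is
    # met, the new root's own threshold is not.
    rot = root_metadata(2, [pub["c"], pub["d"]], 2)
    old_only = {"signed": rot, "signatures": [sign(sec["a"], rot, kid["a"]),
                                              sign(sec["b"], rot, kid["b"])]}
    # Rotation signed by all four keys: both thresholds met.
    both = {"signed": rot,
            "signatures": [sign(sec[n], rot, kid[n]) for n in "abcd"]}
    return {"duplicate_signer": accept_new_root(trusted, dup),
            "old_keys_only": accept_new_root(trusted, old_only),
            "old_and_new_keys": accept_new_root(trusted, both)}


if __name__ == "__main__":
    print(demo())
```

The `old_keys_only` case is the one the 0.14.0 fix targets: before it, a client that only checked the new root against the keys it already trusted would accept a rotation that the new key set never actually signed, leaving the next update unverifiable or, worse, verifiable by whoever wrote the unsigned key set.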

0.12.1

Not secure
* Relax spec version format check for backwards compatibility (950)
* Update project metadata (937, 939, 944, 947, 948, 953, 954)
* Update misc dependencies (936, 941, 942, 945, 956)

0.12.0

Not secure
* Add backwards incompatible TUF spec version checks (842, 844, 854, 914)
* Adopt securesystemslib v0.12.0 update (909, 910, 855, 912, 934)
* Fix multi-root rotation (885, 930)
* Fix duplicate schema definitions (929)
* Refactor metadata generation (836)
* Refactor securesystemslib interface (919)
* Update implementation roadmap (833)
* Improve tests and testing infrastructure (825, 839, 890, 915, 892, 923)
* Improve documentation (824, 849, 852, 853, 893, 924, 928, et al.)
* Update misc dependencies (850, 851, 916, 922, 926, 931)


© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.