vcswatch reports that
this package seems to have a new changelog entry (version
0.4.1-1, distribution
unstable) and new commits
in its VCS. You should consider whether it's time to make
an upload.
Here are the relevant commit messages:
commit efeeafd303ade777c16ffe1b8f6de86c9577af2c
Merge: b15b5ea 8091d9b
Author: lukpueh <lukas.puehringer@nyu.edu>
Date: Mon Mar 16 10:02:33 2020 +0100
Merge pull request #354 from in-toto/dependabot/pip/enum34-1.1.10
Bump enum34 from 1.1.9 to 1.1.10
commit 8091d9bf5fa1386cb0d898630d217ef4fec9102b
Author: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Mon Mar 16 08:19:33 2020 +0000
Bump enum34 from 1.1.9 to 1.1.10
Bumps [enum34](https://bitbucket.org/stoneleaf/enum34) from 1.1.9 to 1.1.10.
- [Commits](https://bitbucket.org/stoneleaf/enum34/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
commit b15b5ead549e5f8ca82f85fc47239e6ff8143c6e
Merge: d3d8fc3 11bfbc3
Author: lukpueh <lukas.puehringer@nyu.edu>
Date: Mon Mar 9 09:46:15 2020 +0100
Merge pull request #353 from in-toto/dependabot/pip/pycparser-2.20
Bump pycparser from 2.19 to 2.20
commit 11bfbc3ca13d27d7e49abefc14b77ca01c9c2a64
Author: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Mon Mar 9 08:30:14 2020 +0000
Bump pycparser from 2.19 to 2.20
Bumps [pycparser](https://github.com/eliben/pycparser) from 2.19 to 2.20.
- [Release notes](https://github.com/eliben/pycparser/releases)
- [Changelog](https://github.com/eliben/pycparser/blob/master/CHANGES)
- [Commits](https://github.com/eliben/pycparser/compare/release_v2.19...release_v2.20)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
commit d3d8fc3b13df8f3d8ddb913570d6deef2a1116ee
Merge: 3e21997 99a336d
Author: lukpueh <lukas.puehringer@nyu.edu>
Date: Fri Feb 28 14:18:34 2020 +0100
Merge pull request #352 from joshuagl/joshuagl/gpg-check
Use constant from securesystemslib to detect GPG in tests
commit 99a336d2c7d39fbea81a8f03ea28c19653a8f10a
Author: Joshua Lock <jlock@vmware.com>
Date: Fri Feb 28 11:59:06 2020 +0000
Use constant from securesystemslib to detect GPG in tests
Use the new constant in securesystemslib 0.14.1 to check for the
presence of GPG while running tests.
Signed-off-by: Joshua Lock <jlock@vmware.com>
commit 3e219975f0534f362c3ac4c6b462b73670f96f48
Merge: ba378ff d9176e8
Author: Santiago Torres <santiago@nyu.edu>
Date: Wed Feb 26 15:48:52 2020 -0500
Merge pull request #341 from lukpueh/auto-cli-docs
Major CLI documentation overhaul and automation
commit d9176e86237039d3a4fad8c6a049faa29d52e944
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Wed Feb 26 17:02:36 2020 +0100
Polish installation instructions
Following @SantiagoTorres' review, this commit updates the
installation instructions to:
- disambiguate GPG (the tool) and PGP (the standard), and
- shorten another phrase.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit ba378ff1b3d3752ed1e438048891374b59598bcf
Merge: f1024d6 6175199
Author: lukpueh <lukas.puehringer@nyu.edu>
Date: Mon Feb 24 09:33:03 2020 +0100
Merge pull request #350 from in-toto/dependabot/pip/enum34-1.1.9
Bump enum34 from 1.1.6 to 1.1.9
commit 6175199eebcd9a0a0a5930640e1acdc68e27b9fa
Author: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Mon Feb 24 08:04:43 2020 +0000
Bump enum34 from 1.1.6 to 1.1.9
Bumps [enum34](https://bitbucket.org/stoneleaf/enum34) from 1.1.6 to 1.1.9.
- [Commits](https://bitbucket.org/stoneleaf/enum34/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
commit f1024d6b22632ed4b23891112d18b1b840642069
Merge: 6ddaa0c c7ce674
Author: lukpueh <lukas.puehringer@nyu.edu>
Date: Mon Feb 10 09:32:31 2020 +0100
Merge pull request #349 from in-toto/dependabot/pip/cffi-1.14.0
Bump cffi from 1.13.2 to 1.14.0
commit c7ce6741ee0f8c46da67577c0afd0b37fe8d3de7
Author: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Mon Feb 10 07:52:59 2020 +0000
Bump cffi from 1.13.2 to 1.14.0
Bumps [cffi](https://bitbucket.org/cffi/release-doc) from 1.13.2 to 1.14.0.
- [Commits](https://bitbucket.org/cffi/release-doc/commits)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
commit 6ddaa0c32e6653beb35babe5e0dcd1585e0a9ab3
Merge: c8f0d5d 38ab21d
Author: lukpueh <lukas.puehringer@nyu.edu>
Date: Wed Feb 5 13:57:25 2020 +0100
Merge pull request #346 from in-toto/dependabot/pip/securesystemslib-cryptopynacl--0.14.0
Bump securesystemslib[crypto,pynacl] from 0.13.1 to 0.14.0
commit 38ab21d566c3f24efd3af8d96444b3c077ccb209
Author: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Wed Feb 5 10:38:25 2020 +0000
Bump securesystemslib[crypto,pynacl] from 0.13.1 to 0.14.0
Bumps [securesystemslib[crypto,pynacl]](https://github.com/secure-systems-lab/securesystemslib) from 0.13.1 to 0.14.0.
- [Release notes](https://github.com/secure-systems-lab/securesystemslib/releases)
- [Changelog](https://github.com/secure-systems-lab/securesystemslib/blob/master/CHANGELOG.md)
- [Commits](https://github.com/secure-systems-lab/securesystemslib/compare/v0.13.1...v0.14.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
commit c8f0d5d649467e8a8a5d0c90497d339215819bec
Merge: 00076fd e62b1d9
Author: lukpueh <lukas.puehringer@nyu.edu>
Date: Tue Jan 28 10:18:46 2020 +0100
Merge pull request #342 from in-toto/dependabot/pip/six-1.14.0
Bump six from 1.13.0 to 1.14.0
commit e62b1d904bc05b309a02ea5e67be02b45c440a7b
Author: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Mon Jan 20 07:47:36 2020 +0000
Bump six from 1.13.0 to 1.14.0
Bumps [six](https://github.com/benjaminp/six) from 1.13.0 to 1.14.0.
- [Release notes](https://github.com/benjaminp/six/releases)
- [Changelog](https://github.com/benjaminp/six/blob/master/CHANGES)
- [Commits](https://github.com/benjaminp/six/compare/1.13.0...1.14.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
commit 5baafcdbe6e1e2bf55d5b67be79b78660cc9091b
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Mon Jan 20 12:41:55 2020 +0100
Refine install and CLI docs
Reinfe CLI and installation docs as shown on readthedocs following
an out-of-band review by @jhdalek55.
This mostly adds missing preposition and fixes wording.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit d41520baeee5b88663c88e3144afa4bc753b43bb
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Mon Jan 20 11:47:41 2020 +0100
Change order of argument sections in CLI docs
Change the section order of argument types to show "position
arguments" (required) before "optional arguments" (not required).
Further update in_toto_record to make the ordering and naming
consistent, following advice from @jhdalek55.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit a2a6d19a59899cb404401c6216a426c188ddd06d
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Fri Jan 17 09:52:13 2020 +0100
Check type and not instance in test_common_args
When testing the undocumented (protected) attribute
'_action_groups' from 'argparse', it is safer to do a type and not
an instance check, because in 'common_args.sort_action_groups' we
replace what '_action_groups' references with a list. So if argparse
were to change its type to something list-ish, it could lead to
unexpected behavior on our side and we might not detect it in the
test here.
Kudos to @SantiagoTorres for pointing this out.
Pylint claims that this is an unidiomatic-typecheck. We beg to
differ.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit ea6214696e1eefe4f5041cda9da2eabccd161514
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Thu Jan 16 14:31:33 2020 +0100
Update cli documentation links in README.md
Point to readthedocs pages instead of document header of the
individual CLI modules.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit ac8a43207285d938038ecda54b07226731ad5561
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Wed Jan 15 17:21:55 2020 +0100
Remove help text from cli doc headers
Remove output of calling cli tools with the --help flag from all
cli modules' document headers as it needs to be copied/updated
manually and thus is prone to get out of sync.
The same (single-sourced) information can be found
- in the code,
- by installing the in-toto and running the cli command with
the --help flag, and soon
- on in-toto.readthedocs.io
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit 5ab7e65c7982326c35e30b58bf63da4415e4488e
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Tue Jan 14 13:57:17 2020 +0100
Add sphinx auto cli doc configuration
Use sphinx-argparse and custom argparse-epilog sphinx extensions
to auto-generate cli documentation.
The directives provided by the two extensions are used in the newly
created doc/source/command-line-tools/in-toto-*.rst files, and
insert the output of the corresponding cli tool's help messages when
generating documentation with sphinx.
This commit further
- updates the table of context,
- adds a docs specific requirements file to install the 3rd-party
extension)
- patches the path to make available the custom extension
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Add requirements file to build docs
Sphinx installs in-toto with its runtime dependencies, and
extra packages, e.g. the sphinx-argparse.
This file should be chosen via the readthedocs dashboard.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit 87a71fbae45c479c88a5f697f2bdca1406c134d6
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Tue Jan 14 12:51:23 2020 +0100
Add custom sphinx argparse-example-epilog extension
The in_toto command line tools use argparse epilog to add an
example usage section to the help message. The epilog does not
render nicely when using the sphinx-argparse extension.
This commit adds a custom extension to properly render the title
(expected to be 'EXAMPLE USAGE') and code blocks of a command line
tools epilog.
See ArgparseUsageEpilog docstring for details about the extension.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit ef7a02988128680083f5ccbb8be7ff484ffa5620
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Tue Jan 14 13:48:50 2020 +0100
Enhance CLI descriptions, help and usage examples
Major overhaul of all CLI help texts, in an attempt to make them
more informative and render nicely and uniformly on
sphinx/readthedocs.
Kudos to @SantiagoTorres and his work in
https://github.com/in-toto/in-toto/pull/332, which I've been
integrating here.
Changes includes:
- add more usage examples to arpgarse.epilog field of cli tools
- Unify title and indentation in all usage examples to render nicely
with the custom argparse-example-epilog sphinx extension
- uniformly start option help texts with lowercase
- uniformly start options with arguments with a noun (the argument)
and options without arguments with a verb (what the option does)
- unify argument groups, i.e. use defaults (positional arguments,
optional arguments) and one custom (required named arguments)
where applicable
- uniformly use single quotes instead of backticks for emphasis in
help texts
- move more common arguments (must be exactly the same!) to
common_args.py
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit 592e454cc2b4febd3569bd88e24811c823167e3f
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Wed Jan 15 14:55:57 2020 +0100
Disambiguate gpg home dir and keyring
Some functions in securesystemslib.gpg support a homedir argument.
This corresponds to the gpg `--homedir` option, which is different
from the gpg `--keyring` option. However, in-toto documentation
inaccurately refers to the `homedir` as keyring in some places.
This commit fixes the relevant parts in the code and cli docs.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit c67a03d96af49383da99de33e4738c0f178c3b85
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Tue Jan 14 15:16:00 2020 +0100
Manually check mutual exclusion in in-toto-record
Switch to manual mutual exclusion check for --key and --gpg
arguments (as in in_toto_run).
The `add_mutually_exclusive_group` used for the --key and --gpg
options can not be called on a custom argument group, such as the
"required named arguments" group. As a consequence the options
are listed in the "optional arguments" section. Since at least one
of them is required it is better to list both of them in the
"required named arguments" group (in addition to clarifying their
use in via the per-argument description.
This commit removes the use of add_mutually_exclusive_group and
siwtches to manual mutual exclusion check for --key and --gpg
arguments (as in in_toto_run) for better help message/cli docs.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit f2fc26db383b9fbe5b9c86cc91ed47ceae107556
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Tue Jan 14 13:45:01 2020 +0100
Customize cli action group titles and order
Call helper functions to make argparse action group titles tile
case and to create a action group order for all in-toto cli tools.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit c7053045d2adc4653748d32f17a6515fa597be08
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Tue Jan 14 13:26:07 2020 +0100
Add argparse action group helper functions
Default argparse action groups are "optional arguments" and
"positional arguments". Most in-toto command line tools also use a
custom "required named arguments" action group.
This commit adds two helper function, one to make all group titles
title case, e.g. for consistency when using the sphinx argparse
extension, which title-cases default action groups only; and one
function to customize the order in which action groups are
displayed in the help message or in sphinx, to e.g. show required
arguments before optional arguments.
Note that the helpers access protected members of argparse.
Although not part of the official API these seem pretty stable, and
we don't heavily rely on them, in case they disappear, unit tests
will catch it and we can remove/replace the feature, for which they
are currently used.
This commit also adds tests for the two helpers.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit 1e51f4475e02b6450520d2a2fd8930f0020c7d86
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Tue Jan 14 13:41:44 2020 +0100
Move argparser creation to separate function
Separate argument parser creation and configuration into a
create_parser function in all in-toto command line tools. This is
required to auto-generate sphinx documentation.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit 00076fd1168108bc7025c1220bce5e7b3d83099d
Merge: 802cecd cc98289
Author: lukpueh <lukas.puehringer@nyu.edu>
Date: Tue Jan 28 09:35:39 2020 +0100
Merge pull request #345 from lukpueh/test-mixins
Add tmp dir and gpg key test mixins.
commit cc982897b17bbbbcc8d542a851c7c549d29daf9e
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Mon Jan 27 17:18:00 2020 +0100
Remove unnused imports in tests
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit fdca9b0d3eb838c659110d32a72bf167d4452a68
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Mon Jan 27 16:54:33 2020 +0100
Define gpg keyids for tests in GPGKeyMixin
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit de8b7622b8e2fea6515d5b17e77b7ad06e6ef060
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Mon Jan 27 16:26:14 2020 +0100
Add GPGKeysMixin for test cases
- Add GPGKeysMixin with classmethod to locate the test gpg rsa
keyrings and copy them to the cwd (e.g. a temporary directory
when used after TmpDirMixin.set_up_test_dir).
- Configure relevant test cases to use the mixin in their
set up methods.
Note the mixin has a class variable gnupg_home which contains the
path to the keyring relative to cwd. This fixes an issue with gpg
on windows that has troubles migrating old keyrings if the homedir
is an absolute path with drive prefix (e.g. C:/path/to/keyring).
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit 00eaf8d82361073a579514f0c40bdf25ff35f7f9
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Mon Jan 27 16:11:26 2020 +0100
Add TmpDirMixin for test cases
- Add TmpDirMixin with class methods to create and change to
temporary directory, and to change back to original cwd and
remove the temporary directory.
- Configure relevant test cases to use the mixin in their
set up and tear down methods.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit 802cecded6b0e8aca1c76c15baaafd77af32a1b5
Merge: 55b0526 64d2bd6
Author: Santiago Torres <santiago@nyu.edu>
Date: Wed Jan 15 13:37:50 2020 -0500
Merge pull request #339 from lukpueh/test-with-py38
Add Python 3.8 to tested versions
commit 55b0526af68f42f1182ba69940d03a3948296d95
Merge: e7c0009 820f53b
Author: Santiago Torres <santiago@nyu.edu>
Date: Wed Jan 15 13:36:36 2020 -0500
Merge pull request #340 from lukpueh/fix-lstrip-cli-bug
Use kwargs in in-toto-run to fix lstrip-paths bug
commit 820f53b629dd60e46e0f1973342f72f84cfb4743
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Wed Jan 15 14:43:42 2020 +0100
Use kwargs in in-toto-run to fix lstrip bug
The in_toto_run cli does not support all of in_toto_run's
arguments. By passing the kwargs as args and omitting some
intermediate args the lstrip_paths argument is wrongly passed
as compact_json argument.
This commit fixes the bug by passing all kwargs with their keyword
from the in_toto_run cli to the corresponding function in runlib.
It also fixes the existing test.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit 64d2bd66e5df3871440e006096ac2f368b07a8b8
Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
Date: Fri Jan 10 12:18:38 2020 +0100
Add Python 3.8 to tested versions
- Enable Py 3.8 for tox
- Enable Py 3.8 for travis
- Bump linting tox build Py version from 3.7 to 3.8
- Re-compile requirements-pinned.txt to combine pinned deps for
all supported Python versions:
- Removes obsolete transitive dep 'asn1crypto'
- Updates securesystemslib to latest version
- Re-adds transitive dependency subprocess
- Add Py 3.8 language classifier to setup.py
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
commit e7c0009e219ae935cc52eadab8df523d1f04ceab
Merge: 91ff647 97a2c88
Author: Santiago Torres <santiago@nyu.edu>
Date: Wed Jan 8 13:53:09 2020 -0500
Merge pull request #336 from SantiagoTorres/roadmap-review-2-2019
roadmap-reviews: december '19
commit 97a2c8837699591c153fec8306a143bbb59ba8df
Author: Santiago Torres <santiago@archlinux.org>
Date: Thu Jan 2 11:47:53 2020 -0500
roadmap-reviews: december '19
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Signed-off-by: Santiago Torres <santiago@archlinux.org>
![[bug history graph]](https://qa.debian.org/data/bts/graphs/i/in-toto.png){kind=link}