fleet

empayre/fleet

Fork 0

mirror of https://github.com/empayre/fleet.git synced 2024-11-06 08:55:24 +00:00

Commit Graph

Author SHA1 Message Date

Author	SHA1	Message	Date
Lucas Manuel Rodriguez	832b29f8c7	Update `go-tuf` to v0.5.0 (bis) (#8112 ) * Update go-tuf to v0.5.0 This was triggered by the security advisory [GHSA-3633-5h82-39pq](https://github.com/theupdateframework/go-tuf/security/advisories/GHSA-3633-5h82-39pq). Fleet's use of go-tuf is not vulnerable to this issue due to not using key thresholds greater than 1. There were some API changes that necessitate changing the initialization code for the TUF client. See https://github.com/theupdateframework/go-tuf/issues/379 for further discussion. * Add changes file * Update default root metadata * Add review changes to update-go-tuf branch * Update tests * Add more checks to roots output Co-authored-by: Zach Wasserman <zach@fleetdm.com>	2022-10-07 17:03:39 -03:00
Lucas Manuel Rodriguez	7d8c38751d	Add TUF update guide (#7368 ) * Add TUF guide * Move docs to orbit/docs * Add fixes	2022-08-25 10:17:20 -05:00

Lucas Manuel Rodriguez

832b29f8c7

Update go-tuf to v0.5.0 (bis) (#8112 )

* Update go-tuf to v0.5.0

This was triggered by the security advisory
[GHSA-3633-5h82-39pq](https://github.com/theupdateframework/go-tuf/security/advisories/GHSA-3633-5h82-39pq).
Fleet's use of go-tuf is not vulnerable to this issue due to not using
key thresholds greater than 1.

There were some API changes that necessitate changing the initialization
code for the TUF client. See
https://github.com/theupdateframework/go-tuf/issues/379 for further
discussion.

* Add changes file

* Update default root metadata

* Add review changes to update-go-tuf branch

* Update tests

* Add more checks to roots output

Co-authored-by: Zach Wasserman <zach@fleetdm.com>

2022-10-07 17:03:39 -03:00

Lucas Manuel Rodriguez

7d8c38751d

Add TUF update guide (#7368 )

* Add TUF guide

* Move docs to orbit/docs

* Add fixes

2022-08-25 10:17:20 -05:00

2 Commits