0.0.1

jku released this 25 Jul 09:20

· 599 commits to main since this release

08eeb65

initial release of TUF-on-CI.

TUF-on-CI is a repository and signer implementation of
https://theupdateframework.io/ that runs on a Continuous Integration platform.

Features include:

Threshold signing with hardware keys and Sigstore
Automated online signing with multiple KMSs
Polished signing user experience
No custom code required

The signer is not available from PyPI in this release but will be in future releases.
See README.md for repository and signer setup instructions.

Upgrading an existing repository installation

Start pinning tuf-on-ci actions in your workflows (see example in theupdateframework/tuf-on-ci-template#3)
Use Dependabot in your GitHub project to get automatic update PRs in the future

Assets 2