-
Notifications
You must be signed in to change notification settings - Fork 50
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Removes unused and TUF-specific content from securesystemslib #165
Conversation
@lukpueh |
Removal of securesystemslib exceptions that are TUF-specific occurs in securesystemslib PR #165 secure-systems-lab/securesystemslib#165 This commit adapts to those changes. Exceptions that are specific to TUF should be in TUF and not in securesystemslib. This commit uses those already-existing TUF exceptions instead of pointing to securesystemslib exceptions that will be removed. For example, securesystemslib has no notion of repositories, so it's ridiculous to have a RepositoryError in securesystemslib and ridiculous for TUF to use securesystemslib.exceptions.RepositoryError. Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
Also closes #75 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Apologies for the late review. This slipped under my radar. It mostly looks good. I'd like to double check a few more things before merging and update a few others (see TODO below).
- Confirming that
*Error
classes removed fromexceptions.py
are obsolete or TUF-specific and in the latter case already exist in TUF. - Confirming that
*_SCHEMA
definitions removed fromformats.py
are obsolete or TUF-specific and in the latter case already exist in TUF. Except for the following, which are not defined but used in TUF (tip ofdevelop
branch):- KEYDB_SCHEMA
- SIGNATURESTATUS_SCHEMA
- SIGNATURES_SCHEMA
- VERSIONINFO_SCHEMA
- Confirming that the functions removed from
util.py
are obsolete.
TODO:
Confirm whether existing TUF PRs add or re-write import paths for the used schemas, and create PRs otherwise- Created PR to add
KEYDB_SCHEMA
,SIGNATURESTATUS_SCHEMA
andVERSIONINFO_SCHEMA
back to TUF (see Add TUF-specific schemas removed in sslib theupdateframework/python-tuf#910) - Re-added
SIGNATURES_SCHEMA
here
- Created PR to add
Create TUF PR to transfer tuf specificutil.get_target_hash
and remove hereRemove compression related functions/exception, already marked for removal- deferred for a separate cleanup PR
Grep for tuf specific comments and consider removing them
The following functions in securesystemslib.util are not used anywhere, not in securesystemslib, not in TUF, and not in in-toto: - find_delegated_roles - ensure_all_targets_allowed - paths_are_consistent_with_hash_prefixes In addition, the first two are also clearly TUF-specific (and the third is a close call). So I'm removing them all. This commit also removes their tests. Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
This follows from the commit with subject: "Removes TUF-specific formats from formats.py" It: - removes testing for schemas that were removed by that commit (TUF-specific or otherwise unnecessary schemas) - corrects uses of the deleted RELPATH_SCHEMA to PATH_SCHEMA and RELPATHS_SCHEMA to PATHS_SCHEMA Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
sys and fnmatch are no longer needed due to the removal of unused functions in prior commits. Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
and also marks the DecompressionError exception for possible future removal (alongside the compression-related functions). Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
9e21c9b
to
d0811e0
Compare
d0811e0
to
318f90a
Compare
The function used to last be implemented in securesystemslib and repository_lib.get_taget_hash only served as wrapper. secure-systems-lab/securesystemslib#165 drops the function as TUF-specific. The used constant `securesystemslib.util.HASH_FUNCTION` is replaced with `tuf.settings.DEFAULT_HASH_ALGORITHM`, both of which default to 'sha256'. NOTE: repository_lib.get_taget_hash might be removed altogether in the future (see corresponding code comment). Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Also remove now obsolete util.HASH_FUNCTION and corresponding tests. The function is added back to tuf in theupdateframework/python-tuf#909.
Add schemas KEYDB_SCHEMA, SIGNATURESTATUS_SCHEMA and VERSIONINFO_SCHEMA, removed in secure-systems-lab/securesystemslib#165 as TUF specific, and adopt usage accordingly. NOTE: The usefulness of these schemas may be assessed in a different PR.
Add schemas KEYDB_SCHEMA, SIGNATURESTATUS_SCHEMA and VERSIONINFO_SCHEMA, removed in secure-systems-lab/securesystemslib#165 as TUF specific, and adopt usage accordingly. NOTE: The usefulness of these schemas may be assessed in a different PR. Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
@awwad, I reviewed your code and made a couple of minor additions (see #165 (review)). |
Add schemas KEYDB_SCHEMA, SIGNATURESTATUS_SCHEMA and VERSIONINFO_SCHEMA, removed in secure-systems-lab/securesystemslib#165 as TUF specific, and adopt usage accordingly. NOTE: The usefulness of these schemas may be assessed in a different PR. Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Verified *Error
, *_SCHEMA
, and util.*
removed here have been moved to TUF / are no longer used.
Is there conversation around re-adding SIGNATURES_SCHEMA
to securesystemslib
for clarity?
Thanks for the review, @adityasaky. |
Yep, I saw that! I was just wondering because it was removed then added back in. Definitely doesn't hurt to keep it around. :) |
Removal of securesystemslib exceptions that are TUF-specific occurs in securesystemslib PR #165 secure-systems-lab/securesystemslib#165 This commit adapts to those changes. Exceptions that are specific to TUF should be in TUF and not in securesystemslib. This commit uses those already-existing TUF exceptions instead of pointing to securesystemslib exceptions that will be removed. For example, securesystemslib has no notion of repositories, so it's ridiculous to have a RepositoryError in securesystemslib and ridiculous for TUF to use securesystemslib.exceptions.RepositoryError. Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
Removal of securesystemslib exceptions that are TUF-specific occurs in securesystemslib PR #165 secure-systems-lab/securesystemslib#165 This commit adapts to those changes. Exceptions that are specific to TUF should be in TUF and not in securesystemslib. This commit uses those already-existing TUF exceptions instead of pointing to securesystemslib exceptions that will be removed. For example, securesystemslib has no notion of repositories, so it's ridiculous to have a RepositoryError in securesystemslib and ridiculous for TUF to use securesystemslib.exceptions.RepositoryError. Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
This PR carves out lots of unnecessary content in securesystemslib. It:
get_targets_hash
)RELPATH_SCHEMA
andRELPATHS_SCHEMA
, which were unnecessary/misleading and are replaced by the existingPATH_SCHEMA
andPATHS_SCHEMA
(appears not to require changes in in-toto; requires changes in TUF that will already be made in TUF PR 846)It also removes or corrects relevant tests.
This largely resolves Issue #161, especially given the prior merge of PR #162.