|
1 | 1 | # Changelog |
2 | 2 |
|
| 3 | +## v0.17.0 |
| 4 | +**NOTE**: this will be the final release of tuf that supports Python 2.7. |
| 5 | +This is because Python 2.7 was marked [end-of-life]( |
| 6 | +https://www.python.org/dev/peps/pep-0373/) in January of 2020, and |
| 7 | +since then several of tuf's direct and transient dependencies have stopped |
| 8 | +supporting Python 2.7. |
| 9 | + |
| 10 | +### Added |
| 11 | +* Added Architectural Decisions Records (ADRs) for: |
| 12 | + * where to develop python-tuf 1.0 (#1220) |
| 13 | + * to justify the extent of OOP in the metadata model (#1229) |
| 14 | + * to decide on a Python code style guide (#1232) |
| 15 | + |
| 16 | +### Changed |
| 17 | +* Switch to GitHub Actions for CI (#1242, #1283, #1252) |
| 18 | +* Switch to only running bandit on Python versions greater than 3.5 (#1234) |
| 19 | +* Bump dependencies: requests (#1245), chardet (#1239), urllib3 (#1268), |
| 20 | + cffi (#1280), securesystemslib (#1285), cryptography (#1282, #1286). |
| 21 | + **NOTE**: the latest version of cryptography is no longer used on |
| 22 | + Python 2, as that is not supported. |
| 23 | +* Moved from dependabot-preview to GitHub native Dependabot (#1258) |
| 24 | +* Configure dependabot to ignore idna, as it breaks Python 2.7 builds (#1259) |
| 25 | +* Install securesystemslib in tox in non-editable mode (#1228) |
| 26 | +* Change the editable venv installation order (#1271) |
| 27 | + |
| 28 | +### Fixed |
| 29 | +* Updated expiration check in Updater to better match the specification (#1235) |
| 30 | +* Ensure tempfile's are closed in Updater (#1226) |
| 31 | + |
| 32 | +### Removed |
| 33 | +* Dropped support for Python 3.5 (#1238) |
| 34 | + |
3 | 35 | ## v0.16.0 |
4 | 36 | ### Added |
5 | 37 | * Begin to document architectural and project-wide decisions as Architectural |
|
0 commit comments