Comments (4)
I vote for a global lock for expediency.
On Tue, Mar 19, 2013 at 2:17 AM, TKK [email protected] wrote:
Presently, there is no thread-safety for some important things, such as:
- Switching tuf.conf global configuration variables between different
TUF clients.- Downloading the same target files with the same TUF client.
—
Reply to this email directly or view it on GitHubhttps://github.com/akonst/tuf/issues/49
.
from python-tuf.
I wonder whether we would like to extend concurrence-safety to the repository tools (e.g. making a delegation).
Why would we want this? Well, suppose a developer wants to generate TUF metadata for tens of thousands of packages. It would be nice if she could parallelize her automation without worrying about whether the TUF repository tools would be concurrence-safe (e.g. ensuring that the parent/delegator metadata is safely updated).
Anyway, even if we wanted to do this, it would be at the end of our priority queue.
from python-tuf.
Quick fix: Note in the readme that TUF might behave unexpectedly when concurrently downloading from the same location to the same location.
from python-tuf.
#972 added an explanation of this limitation to the readme.
from python-tuf.
Related Issues (20)
- tests: remove obsolete test metadata HOT 1
- repository: redesign needed after recent verify_delegate changes
- build: Enable python 3.12 HOT 4
- investigate alternative hatchling version pinning HOT 2
- Consider including `securesystemslib[crypto]` as a dependency in TUF HOT 4
- VerificationResult should include keys for keyids HOT 4
- Replace most linting tools with ruff HOT 1
- repository: maybe provide a Repository.get_delegating_role() HOT 2
- Yearly maintainer permissions review HOT 1
- Change `securesystemslib.dsse.Envelope.signatures` to dict upstream HOT 2
- Test all components with DSSE
- Test "ruff check --output-format=github" HOT 2
- linting: Enable more ruff rulesets HOT 7
- linting: enable pycodestyle for tests
- datetime.utcnow() is deprecated: stop using it HOT 1
- SimpleEnvelope._DEFAULT_PAYLOAD_TYPE should be public? HOT 1
- should build job require prior test job to pass? HOT 3
- possible blog post: Caching TUF metadata HOT 3
- provide user-agent customization?
- workflows: macos runners are missing older pythons
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from python-tuf.