v0.17.0

Added

• Add interface.import_publickeys_from_file() convenience function (#278, #285)
• Add gpg.export_pubkeys() convenience function (#277)
• Add support to hash module for blake2b-256 algorithm (#283)

Changed

• Use ecdsa as keytype for ECDSA keys to better distinguish between keytype
  and scheme (#267)
• Bump dependencies: cffi (#266, #273), cryptography (#269, #274),
  and colorama (#284)
• Removed python-dateutil dependency (#268)
• Prepare Debian downstream releases (#198)
• Remove unused helper (_prompt) and global (SUPPORTED_KEY_TYPES) from
  interface module (#276)
• Refactored and extended interface tests (#279, #287)

v0.16.0

Added

• Added new, self-explanatory, AnyNonEmptyString schema (#244)
• Separate functions for getting a file's length, util.get_file_length(), and
  a file's hashes, util.get_file_hashes() (#259)

Changed

• Improved documentation for abstract storage interface (#240)
• Change PATHS_SCHEMA to be any non-empty string (#244)
• Updated keys.format_metadata_to_key() to take an optional list of hashing
  algorithms rather than requiring users modify settings.HASH_ALGORITHMS to
  change this behaviour (#227)
• Rather than silently ignoring empty paths, throw an exception on empty file
  path in storage.FileSystemBackend.create_folder (#252)

Fixed

• Proper tearing down of storage tests (#249)
• Handle empty directories in util.ensure_parent_dir() (#260)
• Fix tests to work with newer versions (3.0 or newer) of the cryptography
  module (#264)

v0.15.0

• Allow Blake (blake2s and blake2b) hashing algorithms (#218)
• new features
  • Add nistp384 signature verification support (#228)
  • Allow callers to provide a default keyid in format_metadata_to_key, rather than using the default keyid value of a hash of the canonical JSON of the key metadata (#225)
  • Implement files and directories abstraction as an abstract base class; StorageBackendInterface, with a concrete implementation for local filesystems; FilesystemBackend (#232). This enables users, such as tuf, to support non-local/non-traditional filesystems, so long as they provide an object implementing securesystemslib.storage.StorageBackendInterface. All functions which take a StorageBackendInterface default to creating a filesystemBackend object for local filesystem interaction when an object isn't provided. This means that behaviour remains the same as in prior (0.14.x) releases of securesystemslib, only instead of throwing exceptions rom the Python standard library a custom, generic, error is thrown: securesystemslib.exceptions.StorageError
• removed features
  • Remove support for gzipped files in load_json_file (#230)

Secure Systems Lib v0.14.2

• Re-enable OpenPGP signature verification without GnuPG (#215)

Secure Systems Lib v0.14.1

• Improve logging (#212, #211)
• Fix dependency monitoring and revise requirements files (#209)
• Further improve optional dependency handling (#206)
• Update release metadata (#205)

Secure Systems Lib v0.14.0

• behavior change
  • Default to pure Python ed25519 signature verification when nacl is unavailable (#200)
  • Fix settings.SUBPROCESS_TIMEOUT access in process module (#202)
• Improve schema-related error message (#199)
• Generally improve optional dependency handling (#200)
• Enhance test configuration, fix typos and remove unused code (#201)
• Fix improper identity check (#203)

Secure Systems Lib v0.13.1

• Fix MANIFEST.in to include all test data in source release (#196)

Secure Systems Lib v0.13.0

• Add support for OpenPGP EdDSA/ed25519 keys and signatures (#188)

Secure Systems Lib v0.12.2

• Remove unnecessary python-dateutil==2.8.0 version pinning to not cause downstream dependency conflicts (#192)

Secure Systems Lib v0.12.1

• Fix stream duplication race conditions in subprocess interface (#186)