Python-TUF development blog

This is the development blog for the Python-TUF project, welcome! If you want to learn how to use Python-TUF, check out our developer documentation.


  • New signing API

    Things should be made as simple as possible – but no simpler.

    - sometimes attributed to Einstein

  • Python-tuf source code audit

    We are pleased to announce completion of a source code audit of the recently refactored python-tuf codebase.

  • Testing Tricky Edge Cases in a TUF Client

    Usually the TUF Specification creates an impression of simple and straightforward approach to address software update systems security gaps. In the next few paragraphs we’ll try to convince you that the devil is in the details.

  • What's new in Python-TUF ngclient?

    We recently released a new TUF client implementation, ngclient, in Python-TUF. This post explains why we ended up doing that when a client already existed.

  • Python-TUF reaches version 1.0.0

    The Python-TUF community is proud to announce the release of Python-TUF 1.0.0. The release, which is available on PyPI and GitHub, introduces new stable and more ergonomic APIs.

subscribe via RSS