python3-conda-content-trust Subpackage of python-conda-content-trust
Signing and verification tools for conda
Based on The Update Framework (TUF), conda-content-trust is intended to ensure that when users in the conda ecosystem obtain a package or data about that package, they can know whether or not it is trustworthy (e.g. originally comes from a reliable source and has not been tampered with). A basic library and basic CLI are included to provide signing, verification, and trust delegation functionality. This exists as an alteration of TUF because of the very particular needs of the conda ecosystem. (Developers are encouraged to just use TUF whenever possible!) This tool is general purpose. It is currently used in conda 4.10.1+ to verify package metadata signatures when they are available.
Releases Overview
| Release | Stable | Testing |
|---|---|---|
| Fedora Rawhide | 0.2.0-1.fc42 | - |
Package Info
- Upstream: https://github.com/conda/conda-content-trust
- License(s): BSD-3-Clause
- Maintainer: orion
You can contact the maintainers of this package via email at
python-conda-content-trust dash maintainers at fedoraproject dot org.
Sources on Pagure