Source: golang-github-theupdateframework-go-tuf
Maintainer: Debian Go Packaging Team <team+pkg-go@tracker.debian.org>
Uploaders: Reinhard Tartler <siretart@tauware.de>,
           Simon Josefsson <simon@josefsson.org>,
Section: golang
Testsuite: autopkgtest-pkg-go
Build-Depends: debhelper-compat (= 13),
               dh-sequence-golang,
               golang-any,
               golang-github-cenkalti-backoff-dev,
               golang-github-docopt-docopt-go-dev,
               golang-github-go-logr-stdr-dev,
               golang-github-secure-systems-lab-go-securesystemslib-dev,
               golang-github-sigstore-sigstore-dev,
               golang-github-spf13-cobra-dev,
               golang-github-stretchr-testify-dev,
Standards-Version: 4.7.3
Vcs-Browser: https://salsa.debian.org/go-team/packages/golang-github-theupdateframework-go-tuf
Vcs-Git: https://salsa.debian.org/go-team/packages/golang-github-theupdateframework-go-tuf.git
Homepage: https://github.com/theupdateframework/go-tuf
XS-Go-Import-Path: github.com/theupdateframework/go-tuf

Package: golang-github-theupdateframework-go-tuf-dev
Architecture: all
Multi-Arch: foreign
Depends: golang-github-cenkalti-backoff-dev,
         golang-github-docopt-docopt-go-dev,
         golang-github-go-logr-stdr-dev,
         golang-github-secure-systems-lab-go-securesystemslib-dev,
         golang-github-sigstore-sigstore-dev,
         golang-github-spf13-cobra-dev,
         golang-github-stretchr-testify-dev,
         ${misc:Depends},
Description: Securing software in golang (library)
 The Update Framework (TUF) helps developers maintain the security of software
 update systems, providing protection even against attackers that compromise
 the repository or signing keys. TUF provides a flexible framework and
 specification that developers can adopt into any software update system.

Package: go-tuf
Section: devel
Architecture: any
Depends: ${misc:Depends},
         ${shlibs:Depends},
Static-Built-Using: ${misc:Static-Built-Using}
Description: framework for Securing Software Update Systems (program)
 The Update Framework (TUF) (https://theupdateframework.io/) is a
 framework for secure content delivery and updates. It protects against
 various types of supply chain attacks and provides resilience to
 compromise.
 .
 The Update Framework (TUF) design helps developers maintain the security
 of a software update system, even against attackers that compromise the
 repository or signing keys. TUF provides a flexible specification
 (https://github.com/theupdateframework/specification/blob/master/tuf-
 spec.md) defining functionality that developers can use in any software
 update system or re-implement to fit their needs.
 .
 The go-tuf v2 project provides a lightweight library with the following
 functionality:
 .
  * creation, reading, and writing of TUF metadata
  * an easy object-oriented approach for interacting with TUF metadata
  * consistent snapshots
  * signing and verifying TUF metadata
  * ED25519, RSA, and ECDSA key types referenced by the latest TUF
    specification
  * top-level role delegation
  * target delegation via standard and hash bin delegations
  * support of succinct hash bin delegations (https://github.
    com/theupdateframework/taps/blob/master/tap15.md) which significantly
    reduce the size of the TUF metadata
  * support for unrecognized fields within the metadata (i.e. preserved
    and accessible through root.Signed.UnrecognizedFields["some-unknown-
    field"], also used for verifying/signing (if included in the Signed
    portion of the metadata))
  * TUF client API
  * TUF multi-repository client API (implements TAP 4 - Multiple
    repository consensus on entrusted targets (https://github.
    com/theupdateframework/taps/blob/master/tap4.md))
 .
 This package contains the command-line tool 'tuf-client'.
