Add version 0.10.1 changes to CHANGELOG.md

vladimir-v-diaz · vladimir-v-diaz · commit 0b2b497891c1 · 2017-11-13T16:07:10.000-05:00
Signed-off-by: Vladimir Diaz &lt;vladimir.v.diaz@gmail.com&gt;
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,11 +1,111 @@
 # Changelog
 ## v0.10.1
 
-*
+Note: This is a backwards-incompatible pre-release.
 
-*
+* Add CHANGELOG.md, MAINTAINERS.txt, CODE-OF-CONDUCT.md, GOVERNANCE.md,
+  ADOPTERS.md, DCO requirements, and instructions for submitting a vulnerability
+  report.
 
-*
+* Move specification to github.com/theupdateframework/specification.
+
+* Dual license the project: MIT license and Apache license, version 2.
+
+* Update to latest version of securesystemslib v0.10.8, which dropped PyCrypto
+  and multi-lib support.
+
+* Add ecdsa-sha2-nistp256 to specification.
+
+* Remove directory of example metadata.  Documentation now references unit test
+  metadata.
+
+* Implement TAP 9 (mandatory metadata signing schemes).
+  https://github.com/theupdateframework/taps/blob/master/tap9.md
+
+* Drop support for Python 2.6 and 3.3.
+
+* Support Python 3.6.
+
+* Improve code coverage to 99%.
+
+* Convert specification from text to Markdown format.
+
+* Add MERCURY paper, which covers protection against roleback attacks.
+
+* Implement TAP 6 (include specification version in metadata).
+
+* Implement TAP 10 (remove native support for compressed metadata).
+
+* Support ability to append an externally-generated signature to metadata.
+
+* Remove capitalization from rolenames listed in metadata.
+
+* Add a more detailed client workflow to specification.
+
+* Modify client workflow: A client must now fetch root first.  Intermediate
+  versions of Root must also be downloaded and verified by the client.  See
+  specification for modified workflow.
+
+* Fix bug with key IDs, where incorrect number of key IDs are detected.
+
+* Minor bug fixes, such as catching correct type and number of exceptions,
+  detection of slow retrieval attack, etc.
+
+* Do not list Root's hash and lenth in Snapshot (only its version number).
+
+* Allow user to configure hashing algorithm used to generate hashed bin delegations.
+
+* Fix Markdown errors in SECURITY.md.
+
+* Add fast-forward attack to specification
+
+* Remove simple-settings dependency
+
+* Move crypto-related code to external library (securesystemslib).
+
+* Allow replacement of already listed targets in metadata.  Fix issue #319.
+
+* Add instructions for contributors in README.
+
+* Copy (rather than link) target file to consistent target.  Fix issue #390.
+
+* Rename target() -> get_one_valid_targetinfo().
+
+* Ensure consistent Root is written if consistent snapshot = False.  Fix issue #391.
+
+* repository_tool.status(): Print status of only the top-level roles.
+
+* Document and demonstrate protection against repository attacks.
+
+* Add installation instructions for Fedora-based environments.
+
+* Exclude "private" dict key from metadata.
+
+* "backtrack" attribute renamed to "terminating".
+
+* Fix data loss that might occur during sudden power failure.  Pull requests #365, 367.
+
+* Add repository tool function that can mark roles as dirty.
+
+* Store all delegated roles in one flat directory.
+
+* Support Unix shell-style wildcards for paths listed in metadata.
+
+* Add draft of specification (version 1.0).
+
+* Sleep a short while during download.py while loop to release CPU.
+
+* Support multiple key ID hashing algorithms.
+
+* Prepend version number to filename of consistent metadata.
+
+* Remove updater method: refresh_targets_metadata_chain().
+
+* Add Diplomat paper.  It covers integrating TUF with community repositories.
+
+* Add project logo.
+
+* Delegations now resemble a graph, rather than a tree.
 
 
 ## v0.10.0
