diff --git a/README.md b/README.md new file mode 100644 index 0000000000..9f873155c5 --- /dev/null +++ b/README.md @@ -0,0 +1,90 @@ +A Framework for Securing Software Update Systems +------------------------------------------------ + +[![Travis-CI](https://travis-ci.org/theupdateframework/tuf.svg?branch=develop)](https://travis-ci.org/theupdateframework/tuf) +[![Coveralls](https://coveralls.io/repos/theupdateframework/tuf/badge.svg?branch=develop)](https://coveralls.io/r/theupdateframework/tuf?branch=develop) +[![PyUp](https://pyup.io/repos/github/theupdateframework/tuf/shield.svg)](https://pyup.io/repos/github/theupdateframework/tuf/) +[![Python 3](https://pyup.io/repos/github/theupdateframework/tuf/python-3-shield.svg)](https://pyup.io/repos/github/theupdateframework/tuf/) +[![FOSSA](https://app.fossa.io/api/projects/git%2Bgithub.com%2Ftheupdateframework%2Ftuf.svg?type=shield)](https://app.fossa.io/projects/git%2Bgithub.com%2Ftheupdateframework%2Ftuf?ref=badge_shield) +[![CII](https://bestpractices.coreinfrastructure.org/projects/1351/badge)](https://bestpractices.coreinfrastructure.org/projects/1351) + +# TUF + +The Update Framework (TUF) helps developers maintain the security of a software +update system, even against attackers that compromise the repository or signing +keys. TUF provides a flexible framework and specification that developers can +adopt into any software update system. + +TUF is hosted by the [Linux Foundation](https://www.linuxfoundation.org/) as +part of the [Cloud Native Computing Foundation](https://www.cncf.io/) (CNCF) +and is used [in production](docs/ADOPTERS.md) by companies such as Docker, +DigitalOcean, Flynn, LEAP, Kolide, Cloudflare, and VMware. A variant of TUF +called [Uptane](https://uptane.github.io/) is widely used to secure +over-the-air updates in automobiles. + + +Documentation +------------- +* [Overview](docs/OVERVIEW.rst) +* [Specification](https://github.com/theupdateframework/specification/blob/master/tuf-spec.md) +* [Getting Started](docs/GETTING_STARTED.rst) +* [Governance](docs/GOVERNANCE.md) and [Maintainers](docs/MAINTAINERS.txt) +* [Miscellaneous Docs](docs/) + + +Contact +------- +Please contact us via our [mailing +list](https://groups.google.com/forum/?fromgroups#!forum/theupdateframework). +Questions, feedback, and suggestions are welcomed on this low volume mailing +list. + +We strive to make the specification easy to implement, so if you come across +any inconsistencies or experience any difficulty, do let us know by sending an +email, or by reporting an issue in the GitHub [specification +repo](https://github.com/theupdateframework/specification/issues). + +Security Issues and Bugs +------------------------ + +Security issues can be reported by emailing jcappos@nyu.edu. + +At a minimum, the report must contain the following: + +* Description of the vulnerability. +* Steps to reproduce the issue. + +Optionally, reports that are emailed can be encrypted with PGP. You should use +PGP key fingerprint **E9C0 59EC 0D32 64FA B35F 94AD 465B F9F6 F8EB 475A**. + +Please do not use the GitHub issue tracker to submit vulnerability reports. +The issue tracker is intended for bug reports and to make feature requests. +Major feature requests, such as design changes to the specification, should +be proposed via a [TUF Augmentation Proposal](docs/TAP.rst) (TAP). + +License +------- + +This work is [dual-licensed](https://en.wikipedia.org/wiki/Multi-licensing) and +distributed under the (1) MIT License and (2) Apache License, Version 2.0. +Please see [LICENSE-MIT](LICENSE-MIT) and [LICENSE](LICENSE). + + +Acknowledgements +---------------- + +This project is managed by Prof. [Justin +Cappos](https://ssl.engineering.nyu.edu/personalpages/jcappos/) and other +members of the [Secure Systems Lab](https://ssl.engineering.nyu.edu/) at [New +York University](https://engineering.nyu.edu/). +[Contributors](https://github.com/theupdateframework/tuf/blob/develop/docs/AUTHORS.txt) +and +[maintainers](https://github.com/theupdateframework/tuf/blob/develop/docs/MAINTAINERS.txt) +are governed by the [CNCF Community Code of +Conduct](https://github.com/cncf/foundation/blob/master/code-of-conduct.md). + +This material is based upon work supported by the National Science Foundation +under Grant Nos. CNS-1345049 and CNS-0959138. Any opinions, findings, and +conclusions or recommendations expressed in this material are those of the +author(s) and do not necessarily reflect the views of the National Science +Foundation. diff --git a/README.rst b/README.rst deleted file mode 100644 index b288042311..0000000000 --- a/README.rst +++ /dev/null @@ -1,114 +0,0 @@ -A Framework for Securing Software Update Systems ------------------------------------------------- - -.. image:: https://travis-ci.org/theupdateframework/tuf.svg?branch=develop - :target: https://travis-ci.org/theupdateframework/tuf - :alt: Travis - -.. image:: https://coveralls.io/repos/theupdateframework/tuf/badge.svg?branch=develop - :target: https://coveralls.io/r/theupdateframework/tuf?branch=develop - :alt: Coveralls - -.. image:: https://pyup.io/repos/github/theupdateframework/tuf/shield.svg - :target: https://pyup.io/repos/github/theupdateframework/tuf/ - :alt: pyup - -.. image:: https://pyup.io/repos/github/theupdateframework/tuf/python-3-shield.svg - :target: https://pyup.io/repos/github/theupdateframework/tuf/ - :alt: Python 3 - -.. image:: https://app.fossa.io/api/projects/git%2Bgithub.com%2Ftheupdateframework%2Ftuf.svg?type=shield - :target: https://app.fossa.io/projects/git%2Bgithub.com%2Ftheupdateframework%2Ftuf?ref=badge_shield - :alt: FOSSA - -.. image:: https://bestpractices.coreinfrastructure.org/projects/1351/badge - :target: https://bestpractices.coreinfrastructure.org/projects/1351 - :alt: CII - -.. raw:: html - - - ---------------------------------------------------------------- - -The Update Framework (TUF) helps developers maintain the security of a software -update system, even against attackers that compromise the repository or signing -keys. TUF provides a flexible framework and specification that developers can -adopt into any software update system. - -TUF is hosted by the `Linux Foundation `_ as -part of the `Cloud Native Computing Foundation `_ (CNCF) -and is used `in production `_ by companies such as Docker, -DigitalOcean, Flynn, LEAP, Kolide, Cloudflare, and VMware. A variant of TUF -called `Uptane `_ is widely used to secure -over-the-air updates in automobiles. - - -Documentation -------------- -* `Overview `_ -* `Specification `_ -* `Getting Started `_ -* `Governance `_ and `Maintainers `_ -* `Miscellaneous Docs `_ - - -Contact -------- -Please contact us via our `mailing list -`_. -Questions, feedback, and suggestions are welcomed on this low volume mailing -list. - -We strive to make the specification easy to implement, so if you come -across any inconsistencies or experience any difficulty, do let us know by -sending an email, or by reporting an issue in the `specification -repo `_. - -Security Issues and Bugs ------------------------- - -Security issues can be reported by emailing jcappos@nyu.edu. - -At a minimum, the report must contain the following: - -* Description of the vulnerability. -* Steps to reproduce the issue. - -Optionally, reports that are emailed can be encrypted with PGP. You should use -PGP key fingerprint **E9C0 59EC 0D32 64FA B35F 94AD 465B F9F6 F8EB 475A**. - -Please do not use the GitHub issue tracker to submit vulnerability reports. -The issue tracker is intended for bug reports and to make feature requests. -Major feature requests, such as design changes to the specification, should -be proposed via a `TUF Augmentation Proposal `_. - -License -------- - -This work is `dual-licensed `_ -and distributed under the (1) MIT License and (2) Apache License, Version 2.0. -Please see `LICENSE-MIT `_ and `LICENSE -`_. - - -Acknowledgements ----------------- - -This project is managed by Prof. `Justin Cappos -`_ and other members of -the `Secure Systems Lab `_ at `New York -University `_. `Contributors -`_ and -`maintainers -`_ -are governed by the `CNCF Community Code of Conduct -`_. - -This material is based upon work supported by the National Science Foundation -under Grant Nos. CNS-1345049 and CNS-0959138. Any opinions, findings, and -conclusions or recommendations expressed in this material are those of the -author(s) and do not necessarily reflect the views of the National Science -Foundation. diff --git a/dev-requirements.txt b/dev-requirements.txt index 59a2cebe75..75c4b7c00c 100644 --- a/dev-requirements.txt +++ b/dev-requirements.txt @@ -35,5 +35,5 @@ six==1.11.0 smmap2==2.0.3 stevedore==1.28.0 tox==3.0.0 -virtualenv==15.2.0 +virtualenv==16.0.0 wrapt==1.10.11 diff --git a/setup.py b/setup.py index 67a6e6e006..70df01aeb8 100755 --- a/setup.py +++ b/setup.py @@ -75,7 +75,7 @@ from setuptools import find_packages -with open('README.rst') as file_object: +with open('README.md') as file_object: long_description = file_object.read() setup(