Kwabhengezwa ukukhutshwa kwenguqulo entsha ye-1.0 yeSikhokelo soHlaziyo, eyaziwa ngokuba yiTUF kwaye ibonakala ngokuba sisikhokelo esibonelela ngeendlela zokujonga nokukhuphela uhlaziyo ngokukhuselekileyo.
Injongo ephambili yeprojekthi kukukhusela umxhasi kuhlaselo oluqhelekileyo kwiindawo zokugcina kunye neziseko ezingundoqo, kuquka ukubala ukukhuthazwa kohlaziyo olungeyonyani ngabahlaseli abadalwe emva kokufumana ukufikelela kwizitshixo zokuvelisa iisignesha zedijithali okanye ukuthomalalisa indawo yokugcina.
Malunga neTUF
Le projekthi iphuhlisa inani lamathala eencwadi, iifomati zefayile, kunye nezinto eziluncedo enokuthi idibaniswe lula kwiinkqubo zokuhlaziywa kwesicelo esele ikhona, inika ukhuseleko xa kwenzeka ukuphazamiseka okubalulekileyo ngabaphuhlisi besoftware. Ukusebenzisa i-TUF, kwanele ukongeza imethadatha efunekayo kwindawo yokugcina kunye nokudibanisa iinkqubo ezinikezelweyo kwi-TUF ukulayisha nokuqinisekisa iifayile kwikhowudi yomxhasi.
Isakhelo seTUF ithatha umsebenzi wokukhangela uhlaziyo, ikhuphela iukuhlaziya kwaye uqinisekise imfezeko yayo. Inkqubo yokufakela uhlaziyo ayiphambanisi ngokuthe ngqo kunye nemetadata eyongezelelweyo, eqinisekisiweyo kwaye ilayishwe yiTUF.
Ukudibanisa kunye nezicelo kunye neenkqubo zokufakela uhlaziyo, i-API ephantsi yokufikelela kwimethadatha kunye nokuphunyezwa kwe-API ngclient yomthengi ophezulu, elungele ukuhlanganiswa kwesicelo, inikezelwa.
Phakathi kohlaselo olunokuthi i-TUF ikwazi ukumelana nayo zi uguqulelo endaweni phantsi komkhusane wohlaziyo ukubhloka ukulungiswa kubuthathaka kwisoftware okanye ukubuyisela umsebenzisi kuguqulelo olusesichengeni lwangaphambili, ngokunjalo ukukhuthaza uhlaziyo olulunya isayinwe ngokuchanekileyo kusetyenziswa isitshixo esithotyiweyo, ukwenza uhlaselo lweDoS kubathengi, njengokuzalisa idiski ngohlaziyo olungenasiphelo.
Ukukhuselwa ekuthotyweni kweziseko zophuhliso yomthengisi wesoftware iphunyezwa ngokugcina iirekhodi ezahlukeneyo ezingqinisisekayo zommandla wogcino okanye isicelo.
Los Imetadata eqinisekisiweyo ye-TUF ibandakanya ulwazi oluphambili enokuthenjwa, i-cryptographic hashes ukuvavanya ukuthembeka kwefayile, iisignesha ezongezelelweyo zedijithali zokuqinisekisa imethadatha, ulwazi lwenombolo yenguqulo, kunye nolwazi lwerekhodi lobomi. Izitshixo ezisetyenziselwa ukuqinisekiswa zinobomi obulinganiselweyo kwaye zifuna uhlaziyo oluqhubekayo ukukhusela ngokuchasene nokusayina ngezitshixo ezindala.
Ukunciphisa umngcipheko wokuthotyelwa kwenkqubo yonke kufezekiswa ngokusetyenziswa kwemodeli yokwahlula ukuthembela, apho iqela ngalinye lilinganiselwe kuphela kwindawo elijongene nayo ngokuthe ngqo.
Inkqubo isebenzisa uluhlu lweendima ezinezitshixo zazo, umzekelo, indima yengcambu ibonakalisa izitshixo zeendima ezijongene nemetadata kwindawo yokugcina, idatha malunga nexesha lokwenziwa kohlaziyo kunye nolwakhiwo olujoliswe kuyo, ngokunjalo, indima enoxanduva lokwakha imiqondiso yeendima ezihambelana nokuqinisekiswa kweefayile ezinikezelweyo. .
Ukukhusela kwisivumelwano esiphambili, isebenzisa isixhobo sokurhoxisa isitshixo esikhawulezileyo kunye nokutshintshwa. Isitshixo ngasinye sigxininisa kuphela amagunya afunekayo amancinci, kwaye imisebenzi ye-notarization ifuna ukusetyenziswa kwezitshixo ezininzi (ukuvuza kweqhosha elilodwa akuvumeli ukuhlaselwa ngoko nangoko kumxhasi, kwaye ukuthobela inkqubo yonke, kuyimfuneko ukubamba izitshixo ze bonke abathathi-nxaxheba).
Umxhasi unokwamkela kuphela iifayile ezenziwe emva kwexesha kuneefayile ezifunyenwe ngaphambili, kwaye idatha ikhutshelwa kuphela ngokobungakanani obuchazwe kwimethadatha eqinisekisiweyo.
Ushicilelo olupapashiweyo lwe I-TUF 1.0.0 ibonelela ngokuphunyezwa kwereferensi ebhalwe ngokutsha ngokupheleleyo kunye noguqulelo oluzinzile lwenkcazo ye-TUF onokuyisebenzisa njengomzekelo ongaphandle kwebhokisi xa udala ukuphunyezwa kwakho okanye ukudibanisa kwiiprojekthi zakho.
Ukuphunyezwa okutsha iqulethe ikhowudi encinci kakhulu (imigca ye-1400 endaweni ye-4700), kulula ukuyigcina kwaye inokwandiswa ngokulula, umzekelo, ukuba ufuna ukongeza inkxaso kwi-stacks yenethiwekhi ethile, iinkqubo zokugcina, okanye i-encryption algorithms.
Le projekthi iphuhliswe phantsi kwenkxaso yeLinux Foundation kwaye isetyenziselwa ukuphucula ukhuseleko lokunikezelwa kohlaziyo kwiiprojekthi ezifana ne-Docker, i-Fuchsia, i-Automotive Grade Linux, i-Bottlerocket, kunye ne-PyPI (ukufakwa kokuqinisekiswa kokukhuphela kunye nemethadatha kwi-PyPI kulindeleke kungekudala).
Okokugqibela, ukuba unomdla wokwazi ngakumbi malunga nayo, ungajonga iinkcukacha Kule khonkco ilandelayo.