TUF 1.0 is available, a framework for organizing the secure delivery of updates

The release of TUF 1.0 (The Update Framework) has been published, providing tools for securely checking for and downloading updates. The main goal of the project is to protect the client from typical attacks on repositories and infrastructure, including countering the promotion by attackers of fictitious updates created after gaining access to the keys used to generate digital signatures or after compromising the repository. The project is developed under the auspices of the Linux Foundation and is used to improve the security of update delivery in projects such as Docker, Fuchsia, Automotive Grade Linux, Bottlerocket and PyPI (the inclusion of download and metadata verification in PyPI is expected in the near future). The code of the TUF reference implementation is written in Python and distributed under the Apache 2.0 license.

The project develops a set of libraries, file formats and utilities that can be easily integrated into existing application update systems, providing protection in the event of key compromise on the side of the software developers. To use TUF, it is enough to add the required metadata to the repository and to integrate the procedures that TUF provides for downloading and verifying files into the client code.

The TUF framework takes over the tasks of checking for an update, downloading the update, and verifying its integrity. The update installation system does not interact directly with the additional metadata; its verification and loading are carried out by TUF. For integration with applications and update installation systems, a low-level API for accessing metadata is provided, along with an implementation of the high-level client API, ngclient, which is ready for integration with applications.

Among the attacks that TUF can counter are the substitution of old releases under the guise of updates, in order to block the fixing of software vulnerabilities or to roll the user back to an old vulnerable version, as well as the promotion of malicious updates that are correctly signed using a compromised key, and DoS attacks on clients, such as filling the disk with endless updates.

Protection against compromise of the provider's infrastructure is achieved by maintaining separate, verifiable records of the state of the repository or application. The metadata verified by TUF includes information about keys that can be trusted, cryptographic hashes for assessing the integrity of files, additional digital signatures for verifying the metadata, information about version numbers, and information about the lifetime of records. The keys used for verification have a limited lifetime and require constant renewal to protect against signatures being generated with old keys.

Reducing the risk of compromise of the whole system is achieved through the use of a shared trust model, in which each party is limited only to the area for which it is directly responsible. The system uses a hierarchy of roles with their own keys. For example, the root role signs the keys of the roles responsible for the metadata in the repository, for data on the time at which updates were generated, and for target builds; in turn, the role responsible for builds signs the roles associated with certifying the delivered files.


To protect against key compromise, a mechanism for the prompt revocation and replacement of keys is used. Each individual key holds only the minimum necessary powers, and verification operations require the use of several keys (the leak of a single key does not allow an immediate attack on the client, and to compromise the whole system the keys of all participants must be captured). The client can only accept files that are newer than the files previously received, and data is downloaded only according to the size specified in the verified metadata.
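The client-side checks described above (a threshold of distinct signing keys, record lifetime, refusal of older versions, and a download bounded by the size in verified metadata), as an added example that is not code from the TUF project or its Python reference implementation. The function names, the metadata layout and the sample data are assumptions made for illustration, and HMAC-SHA256 stands in for a real signature scheme so the block needs only the standard library.

```python
import hashlib, hmac, json
from datetime import datetime, timezone

def canonical(signed):
    # Stable byte encoding of the signed portion (sorted keys, no whitespace).
    return json.dumps(signed, sort_keys=True, separators=(",", ":")).encode()

def sign(key, signed):
    # Stand-in for a real signature scheme: HMAC-SHA256 keeps this stdlib-only.
    return hmac.new(key, canonical(signed), hashlib.sha256).hexdigest()

def verify_metadata(meta, keys, threshold, trusted_version, now):
    """Return the signed part if it passes threshold, expiry and rollback checks."""
    signed = meta["signed"]
    valid = {
        s["keyid"] for s in meta["signatures"]
        if s["keyid"] in keys and hmac.compare_digest(s["sig"], sign(keys[s["keyid"]], signed))
    }  # a set, so one key signing twice still counts once
    if len(valid) < threshold:
        raise ValueError(f"only {len(valid)} of {threshold} required signatures are valid")
    if datetime.fromisoformat(signed["expires"]) <= now:
        raise ValueError("metadata has expired")
    if signed["version"] < trusted_version:
        raise ValueError("rollback: version is older than the one already trusted")
    return signed

def verify_target(signed, name, chunks):
    """Consume download chunks, stopping once the declared length is exceeded."""
    info, digest, received = signed["targets"][name], hashlib.sha256(), 0
    for chunk in chunks:
        received += len(chunk)
        if received > info["length"]:
            raise ValueError("download exceeds length declared in metadata")
        digest.update(chunk)
    if received != info["length"] or digest.hexdigest() != info["sha256"]:
        raise ValueError("length or hash mismatch")
    return True

# Constructed sample data: two role keys, threshold 2, one target file.
KEYS = {"k1": b"constructed-key-1", "k2": b"constructed-key-2"}
PAYLOAD = b"app-2.0 binary"
SIGNED = {"version": 5, "expires": "2030-01-01T00:00:00+00:00",
          "targets": {"app.bin": {"length": len(PAYLOAD),
                                  "sha256": hashlib.sha256(PAYLOAD).hexdigest()}}}
META = {"signed": SIGNED,
        "signatures": [{"keyid": k, "sig": sign(v, SIGNED)} for k, v in KEYS.items()]}
NOW = datetime(2024, 1, 1, tzinfo=timezone.utc)
```

With the sample data, `verify_metadata(META, KEYS, 2, 4, NOW)` succeeds, while the same metadata carrying only one key's signature, or checked against a trusted version of 6, is rejected.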

The published release of TUF 1.0.0 offers a completely rewritten and stabilized reference implementation of the TUF specification, which you can use as a ready-made example when creating your own implementations or for integration into your projects. The new implementation contains significantly less code (1400 lines instead of 4700), is easier to maintain, and can be easily extended, for example if it is necessary to add support for specific network stacks, storage systems or encryption algorithms.

Source: opennet.ru
