theupdateframework · jku · Mar 11, 2025 · Mar 10, 2025 · DimitriPapadopoulos · Mar 10, 2025
@@ -13,7 +13,7 @@ This release is API compatible but contains a major internal change in the HTTP
     the fetcher at Updater initialization and explicitly depending on requests
 * ngclient: TLS certificate source was changed. Certificates now come from operating
   system certificate store instead of `certifi` (#2762)
-* Test infrastucture has improved and should now be more usable externally, e.g. in
+* Test infrastructure has improved and should now be more usable externally, e.g. in
   distro test suites (#2749)
 
 ## v5.1.0
@@ -789,7 +789,7 @@ Note: This is a backwards-incompatible pre-release.
 * Minor bug fixes, such as catching correct type and number of exceptions,
   detection of slow retrieval attack, etc.
 
-* Do not list Root's hash and lenth in Snapshot (only its version number).
+* Do not list Root's hash and length in Snapshot (only its version number).
 
 * Allow user to configure hashing algorithm used to generate hashed bin delegations.
 

@@ -7,7 +7,7 @@ We recently released a new TUF client implementation, `ngclient`, in Python-TUF.
 
 # Simpler implementation, "correct" abstractions
 
-The legacy code had a few problems that could be summarized as non-optimal abstractions: Significant effort had been put to code re-use, but not enough attention had been paid to ensure the expectations and promises of that shared code were the same in all cases of re-use. This combined with Pythons type ambiguity, use of dictionaries as "blob"-like data structures and extensive use of global state meant touching the shared functions was a gamble: there was no way to be sure something wouldn't break.
+The legacy code had a few problems that could be summarized as non-optimal abstractions: Significant effort had been put to code reuse, but not enough attention had been paid to ensure the expectations and promises of that shared code were the same in all cases of reuse. This combined with Pythons type ambiguity, use of dictionaries as "blob"-like data structures and extensive use of global state meant touching the shared functions was a gamble: there was no way to be sure something wouldn't break.
 
 During the redesign, we really concentrated on finding abstractions that fit the processes we wanted to implement. It may be worth mentioning that in some cases this meant abstractions that have no equivalent in the TUF specification: some of the issues in the legacy implementation look like the result of mapping the TUF specifications [_Detailed client workflow_](https://theupdateframework.github.io/specification/latest/#detailed-client-workflow) directly into code.
 

@@ -7,7 +7,7 @@
 'repository_lib'. (see ADR-0010 for details about repository library design)
 
 Contents:
-- Re-usable hash bin delegation helpers
+- Reusable hash bin delegation helpers
 - Basic hash bin delegation example
 
 See 'basic_repo.py' for a more comprehensive TUF metadata API example.
@@ -133,7 +133,7 @@ def find_hash_bin(path: str) -> str:
 # Keys
 # ----
 # Given that the primary concern of hash bin delegation is to reduce network
-# overhead, it is acceptable to re-use one signing key for all delegated
+# overhead, it is acceptable to reuse one signing key for all delegated
 # targets roles (bin-n). However, we do use a different key for the delegating
 # targets role (bins). Considering the high responsibility but also low
 # volatility of the bins role, it is recommended to require signature

@@ -8,8 +8,8 @@
 import socketserver
 from http.server import SimpleHTTPRequestHandler
 
-# Allow re-use so you can re-run tests as often as you want even if the
-# tests re-use ports. Otherwise TCP TIME-WAIT prevents reuse for ~1 minute
+# Allow reuse so you can re-run tests as often as you want even if the
+# tests reuse ports. Otherwise TCP TIME-WAIT prevents reuse for ~1 minute
 socketserver.TCPServer.allow_reuse_address = True
 
 httpd = socketserver.TCPServer(("localhost", 0), SimpleHTTPRequestHandler)

@@ -105,7 +105,7 @@ def test_generic_read(self) -> None:
             (Timestamp.type, Timestamp),
             (Targets.type, Targets),
         ]:
-            # Load JSON-formatted metdata of each supported type from file
+            # Load JSON-formatted metadata of each supported type from file
             # and from out-of-band read JSON string
             path = os.path.join(self.repo_dir, "metadata", metadata + ".json")
             md_obj = Metadata.from_file(path)
@@ -181,7 +181,7 @@ def test_to_from_bytes(self) -> None:
             with open(path, "rb") as f:
                 metadata_bytes = f.read()
             md_obj = Metadata.from_bytes(metadata_bytes)
-            # Comparate that from_bytes/to_bytes doesn't change the content
+            # Compare that from_bytes/to_bytes doesn't change the content
             # for two cases for the serializer: noncompact and compact.
 
             # Case 1: test noncompact by overriding the default serializer.

@@ -48,7 +48,7 @@ def tearDown(self) -> None:
     def _run_script_and_assert_files(
         self, script_name: str, filenames_created: list[str]
     ) -> None:
-        """Run script in exmple dir and assert that it created the
+        """Run script in example dir and assert that it created the
         files corresponding to the passed filenames inside a 'tmp*' test dir at
         CWD."""
         script_path = str(self.repo_examples_dir / script_name)

@@ -27,7 +27,7 @@
 )
 
 
-class TestMetadataComparisions(unittest.TestCase):
+class TestMetadataComparisons(unittest.TestCase):
     """Test __eq__ for all classes inside tuf/api/metadata.py."""
 
     metadata: ClassVar[dict[str, bytes]]

@@ -209,7 +209,7 @@ def test_do_snapshot_after_snapshot_key_change(self) -> None:
         self.assertEqual(2, snapshot_versions[-1].signed.version)
 
     def test_do_timestamp(self) -> None:
-        # Expect no-op because snpashot has not changed and timestamp is still valid
+        # Expect no-op because snapshot has not changed and timestamp is still valid
         created, _ = self.repo.do_timestamp()
 
         self.assertFalse(created)

@@ -152,17 +152,17 @@ def test_update_metadata_output(self) -> None:
         )
         snapshot = self.trusted_set.update_snapshot(self.metadata["snapshot"])
         targets = self.trusted_set.update_targets(self.metadata["targets"])
-        delegeted_targets_1 = self.trusted_set.update_delegated_targets(
+        delegated_targets_1 = self.trusted_set.update_delegated_targets(
             self.metadata["role1"], "role1", "targets"
         )
-        delegeted_targets_2 = self.trusted_set.update_delegated_targets(
+        delegated_targets_2 = self.trusted_set.update_delegated_targets(
             self.metadata["role2"], "role2", "role1"
         )
         self.assertIsInstance(timestamp, Timestamp)
         self.assertIsInstance(snapshot, Snapshot)
         self.assertIsInstance(targets, Targets)
-        self.assertIsInstance(delegeted_targets_1, Targets)
-        self.assertIsInstance(delegeted_targets_2, Targets)
+        self.assertIsInstance(delegated_targets_1, Targets)
+        self.assertIsInstance(delegated_targets_2, Targets)
 
     def test_out_of_order_ops(self) -> None:
         # Update snapshot before timestamp
@@ -193,7 +193,7 @@ def test_out_of_order_ops(self) -> None:
 
         self.trusted_set.update_targets(self.metadata[Targets.type])
 
-        # Update snapshot after sucessful targets update
+        # Update snapshot after successful targets update
         with self.assertRaises(RuntimeError):
             self.trusted_set.update_snapshot(self.metadata[Snapshot.type])
 

@@ -399,7 +399,7 @@ def test_hash_bins_graph_traversal(
     ) -> None:
         """Test that delegated roles are traversed in the order of appearance
         in the delegator's metadata, using pre-order depth-first search and that
-        they correctly reffer to the corresponding hash bin prefixes"""
+        they correctly refer to the corresponding hash bin prefixes"""
 
         try:
             exp_files = [*TOP_LEVEL_ROLE_NAMES, *test_data.visited_order]
@@ -440,37 +440,37 @@ class SuccinctRolesTestCase:
     # In each test case target_path is a path to a random target we want to
     # fetch and expected_target_bin is the bin we are expecting to visit.
     succinct_bins_graph = {
-        "bin amount = 2, taget bin index 0": SuccinctRolesTestCase(
+        "bin amount = 2, target bin index 0": SuccinctRolesTestCase(
             bit_length=1,
             target_path="boo",
             expected_target_bin="bin-0",
         ),
-        "bin amount = 2, taget bin index 1": SuccinctRolesTestCase(
+        "bin amount = 2, target bin index 1": SuccinctRolesTestCase(
             bit_length=1,
             target_path="too",
             expected_target_bin="bin-1",
         ),
-        "bin amount = 4, taget bin index 0": SuccinctRolesTestCase(
+        "bin amount = 4, target bin index 0": SuccinctRolesTestCase(
             bit_length=2,
             target_path="foo",
             expected_target_bin="bin-0",
         ),
-        "bin amount = 4, taget bin index 1": SuccinctRolesTestCase(
+        "bin amount = 4, target bin index 1": SuccinctRolesTestCase(
             bit_length=2,
             target_path="doo",
             expected_target_bin="bin-1",
         ),
-        "bin amount = 4, taget bin index 2": SuccinctRolesTestCase(
+        "bin amount = 4, target bin index 2": SuccinctRolesTestCase(
             bit_length=2,
             target_path="too",
             expected_target_bin="bin-2",
         ),
-        "bin amount = 4, taget bin index 3": SuccinctRolesTestCase(
+        "bin amount = 4, target bin index 3": SuccinctRolesTestCase(
             bit_length=2,
             target_path="bar",
             expected_target_bin="bin-3",
         ),
-        "bin amount = 256, taget bin index fc": SuccinctRolesTestCase(
+        "bin amount = 256, target bin index fc": SuccinctRolesTestCase(
             bit_length=8,
             target_path="bar",
             expected_target_bin="bin-fc",

@@ -209,7 +209,7 @@ def test_root_rotation(self, root_versions: list[MdVersion]) -> None:
             MdVersion(keys=[2], threshold=1, sigs=[1, 3, 4], res=UnsignedMetadataError),
         "3-of-5, one key signature wrong: not signed with 3 expected keys":
             MdVersion(keys=[0, 1, 3, 4, 5], threshold=3, sigs=[0, 2, 4], res=UnsignedMetadataError),
-        "2-of-5, one key signature mising: threshold not reached":
+        "2-of-5, one key signature missing: threshold not reached":
             MdVersion(keys=[0, 1, 3, 4, 5], threshold=3, sigs=[0, 4], res=UnsignedMetadataError),
         "3-of-5, sign first combo":
             MdVersion(keys=[0, 1, 2, 3, 4], threshold=3, sigs=[0, 2, 4]),

@@ -820,7 +820,7 @@ def test_expired_metadata(self) -> None:
          - Repository bumps snapshot and targets to v2 on day 0
          - Timestamp v2 expiry set to day 21
          - Second updater refresh performed on day 18,
-           it is successful and timestamp/snaphot final versions are v2"""
+           it is successful and timestamp/snapshot final versions are v2"""
 
         now = datetime.datetime.now(timezone.utc)
         self.sim.timestamp.expires = now + datetime.timedelta(days=7)

@@ -261,7 +261,7 @@ def _start_redirect_thread(self) -> None:
     @staticmethod
     def _log_queue_worker(stream: IO, line_queue: queue.Queue) -> None:
         """
-        Worker function to run in a seprate thread.
+        Worker function to run in a separate thread.
         Reads from 'stream', puts lines in a Queue (Queue is thread-safe).
         """
 
@@ -356,7 +356,7 @@ def clean(self) -> None:
         Calls flush_log to check for logged information, but not yet flushed.
         """
 
-        # If there is anything logged, flush it before closing the resourses.
+        # If there is anything logged, flush it before closing the resources.
         self.flush_log()
 
         self._kill_server_process()

@@ -63,7 +63,7 @@ class DownloadHTTPError(DownloadError):
     Returned by FetcherInterface implementations for HTTP errors.
 
     Args:
-        message: The HTTP error messsage
+        message: The HTTP error message
         status_code: The HTTP status code
     """
 

@@ -29,7 +29,7 @@ class UpdaterConfig:
     Args:
         max_root_rotations: Maximum number of root rotations.
         max_delegations: Maximum number of delegations.
-        root_max_length: Maxmimum length of a root metadata file.
+        root_max_length: Maximum length of a root metadata file.
         timestamp_max_length: Maximum length of a timestamp metadata file.
         snapshot_max_length: Maximum length of a snapshot metadata file.
         targets_max_length: Maximum length of a targets metadata file.

@@ -90,7 +90,7 @@ class Updater:
             download both metadata and targets. Default is ``Urllib3Fetcher``
         config: ``Optional``; ``UpdaterConfig`` could be used to setup common
             configuration options.
-        bootstrap: ``Optional``; initial root metadata. A boostrap root should
+        bootstrap: ``Optional``; initial root metadata. A bootstrap root should
             always be provided. If it is not, the current root.json in the
             metadata cache is used as the initial root.