repository: redesign needed after recent verify_delegate changes
jku opened this issue · 0 comments
The Repository interface looks like it does largely because of needs from A) verify_delegate
and B) sign
: Both needed to be called on a Metadata object and former event took a Metadata object as argument. This meant Repository.open()
needed to return a Metadata even though most users could just use helpers like root()
or edit_root()
The recent Metadata refactor means verify_delegate is now in Root/Targets, and takes a bytes and signatures as argument. So Repository.open() is now even more awkward than it used to be.
The remaining uses for Metadata are de/serialization, and accessing sign()
, signatures
and signed_bytes
-- possibly these could be handled within Repository.open() /close()
so that open() did not return a Metadata object and close did not require one as argument.