graph LR
Repository_Service_Core["Repository Service Core"]
Snapshot_Metadata_Generator["Snapshot Metadata Generator"]
Timestamp_Metadata_Generator["Timestamp Metadata Generator"]
Root_Metadata_Manager["Root Metadata Manager"]
Targets_Metadata_Manager["Targets Metadata Manager"]
Transactional_Metadata_Editor["Transactional Metadata Editor"]
Snapshot_Metadata_Updater["Snapshot Metadata Updater"]
Timestamp_Metadata_Updater["Timestamp Metadata Updater"]
Repository_Service_Core -- "invokes" --> Snapshot_Metadata_Generator
Repository_Service_Core -- "invokes" --> Timestamp_Metadata_Generator
Root_Metadata_Manager -- "utilizes" --> Transactional_Metadata_Editor
Targets_Metadata_Manager -- "utilizes" --> Transactional_Metadata_Editor
Snapshot_Metadata_Generator -- "utilizes" --> Transactional_Metadata_Editor
Snapshot_Metadata_Generator -- "calls" --> Snapshot_Metadata_Updater
Timestamp_Metadata_Generator -- "utilizes" --> Transactional_Metadata_Editor
Timestamp_Metadata_Generator -- "calls" --> Timestamp_Metadata_Updater
The tuf.repository subsystem is centered around the Repository Service Core, which acts as the primary orchestrator for managing the TUF repository's state and metadata operations. This core service invokes specialized generators like the Snapshot Metadata Generator and Timestamp Metadata Generator to produce critical metadata files. All metadata modifications, including those managed by the Root Metadata Manager and Targets Metadata Manager, are handled within a consistent transactional context provided by the Transactional Metadata Editor. This editor is crucial for ensuring atomicity and consistency, as it orchestrates the loading of the current repository state and the persistence of all changes as a single, atomic operation. Furthermore, the Snapshot Metadata Updater and Timestamp Metadata Updater are called by their respective generators to apply granular changes within this transactional framework, ensuring the integrity and freshness of the repository's metadata.
The central orchestrator of the TUF repository's server-side operations. It manages the overall state, coordinates metadata generation, signing, and acts as the primary interface for repository management.
Related Classes/Methods:
Responsible for generating and signing the snapshot.json metadata, which provides a consistent, immutable view of all current target files and delegated roles. It ensures data consistency across the repository.
Related Classes/Methods:
Generates and signs the timestamp.json metadata, which protects against rollback attacks by referencing the latest snapshot.json. It ensures freshness and prevents clients from accepting outdated metadata.
Related Classes/Methods:
Manages modifications to the root.json metadata, which defines the trusted keys and roles of the repository. This component is critical for establishing and maintaining the chain of trust.
Related Classes/Methods:
Manages modifications to the targets.json metadata, which lists the actual software artifacts, their cryptographic hashes, and file paths. It ensures the integrity and authenticity of the distributed software.
Related Classes/Methods:
Provides a transactional context for all repository metadata modifications, ensuring atomicity and consistency. It orchestrates the loading of the current repository state and the persistence of all changes as a single, atomic operation.
Related Classes/Methods:
Applies specific, granular changes to the snapshot.json metadata within a transactional context. This component is typically invoked by the Snapshot Metadata Generator.
Related Classes/Methods:
Applies specific, granular changes to the timestamp.json metadata within a transactional context. This component is typically invoked by the Timestamp Metadata Generator.
Related Classes/Methods: