API Reference

TUF provides multiple APIs:

  • The low-level Metadata API provides access to a Metadata file abstraction that closely follows the TUF specification’s document formats. This API handles de/serialization to and from files and makes it easier to access and modify metadata content safely. It is purely focused on individual pieces of Metadata and provides no concepts like “repository” or “update workflow”.

  • The client update workflow is implemented in the ngclient module: It is a higher-level API that provides ways to query and download target files securely, while handling the TUF update workflow behind the scenes. ngclient is implemented on top of the Metadata API and can be used to implement various TUF clients with relatively little effort.

Note

Major API changes are unlikely but these APIs are not yet considered stable, and a higher-level repository operations API is not yet included.

There is a legacy implementation in the source code (not covered by this documentation): it is in maintenance mode and receives no feature work.