- Issue created by @lauriii
The Automatic Updates Initiative and the Project Browser Initiative both are creating modules that will add user interfaces for running Composer commands to add and update projects.
The initiative team has started implementing The Update Framework (TUF) to enhance security against supply side attacks. As part of 🌱 [policy, no patch] How much of The Update Framework integration is needed for alpha-level review/commit of Package Manager? Needs review , it was decided that a production setup of TUF is not a requirement for the alpha release.
In this issue, we need to determine if we can proceed with the beta release even if the production TUF implementation is not complete.