Securesystemslib

Added
* Private key URI schemes for signer instantiation (456)
* Public key container class for signature verification (456)
* Post-quantum sphincs+ signing scheme (427)
* Hardware Security Module (HSM) signing (472)
* Google Cloud KMS signing (442, 480)

Changed
* Use pyproject.toml for build configuration (253)
* Use hatchling as build backend (484)
* Auto-format and lint all code (439, 490)
* Various CI and build improvements (459, 460, 476, 493, 464)

Removed
* Drop colorama optional dependency and colorized output support (443)

Fixed
* Don't shell out to gpg on import (437)
* Fix metaclass definition (473)
* Make GPGSigner signatures specification compliant (486)

Changed
* Do not use max salt lengths in RSA PSS signature creation (436)
* Restrict read and write access for new private keys (231)
* Replaced deprecated `distutils.version.StrictVersion` (433)
* Bumped dependencies: cryptography (435)

Fixed
* GPG availability check in tests (434)

Added
* GPGSigner to support gpg signing via Signer interface (341, 419)

Changed
* Use max salt lengths in RSA PSS signature creation & automatically verify previous/new
sigs (422)
* Speed up canonical json encoding (410)
* Bumped dependencies: cffi (415), colorama (413), cryptography (405, 406, 414,
417, 424, 425), ed25519 (412)
* Changed Debian packaging metadata (392)

Fixed
* Minor test fixes (403, 420)

Fixed
* Race condition in gpg test cleanup function (397)

Changed
* Consistently raise custom `FormatError` in `keys.verify_signature()` (391)
* Bumped dependencies: cryptography (396), ed25519 (394, 398)
* Updated Debian packaging metadata (392)

Fixed
* Removed broken Dependabot badge in README (377)

Added
* Python 3.10 support (380)
* `__eq__` method for Signature objects (383)
* `unrecognized_fields` attribute for Signature objects (387)

Changed
* Bumped dependencies: cffi (373), cryptography (376, 379), ed25519 (378,
390), pycparser (375), pynacl (382)
* Misc docstring improvements (380, 381, 384)

Removed
- Python 3.6 support (385)

**NOTE**: This is the first release of securesystemslib to require Python 3.6
or newer.

Fixed
* Clarified licensing and copyright notices with regards to code that is
derived from Thandy (366)

Added
* Added machinery for static type checking with mypy, including type annotation
of the util module (361)
* Added type annotations to storage module (362)

Changed
* Bumped dependencies: six (350), cffi (364), ed25519 (356),
cryptography (369)

Removed
* Removed support for Python 2.7 (352) and the use of future and six modules
which were required to support code running on both Python 2 and 3 (359)