commits  

Messages by Date

• 2026/02/24 (tooling-trusted-releases) branch arm updated (039f5889 -> e8ea2fea) arm
• 2026/02/24 (tooling-trusted-releases) branch main updated (bc3f4f19 -> e8ea2fea) arm
• 2026/02/24 (tooling-trusted-releases) 01/01: #641 - some initial migrations out of the util module for paths and hash calculation. arm
• 2026/02/24 (tooling-trusted-releases) branch main updated (4ca6056d -> bc3f4f19) sbp
• 2026/02/24 (tooling-trusted-releases) branch sbp updated: Detect which files need to be quarantined sbp
• 2026/02/24 (tooling-trusted-releases) branch sbp updated (ece6e9d4 -> 4ca6056d) sbp
• 2026/02/24 (tooling-trusted-releases) 01/01: #641 - some initial migrations out of the util module for paths and hash calculation. arm
• 2026/02/24 (tooling-trusted-releases) branch arm updated (612cffa4 -> 039f5889) arm
• 2026/02/24 (tooling-trusted-releases) branch arm updated (ef1c4b9e -> 612cffa4) arm
• 2026/02/24 (tooling-trusted-releases) 01/01: #641 - some initial migrations out of the util module for paths and hash calculation. arm
• 2026/02/24 (tooling-trusted-releases) branch arm updated: #641 - some initial migrations out of the util module for paths and hash calculation. arm
• 2026/02/24 (tooling-trusted-releases) branch main updated (7a828f68 -> 4ca6056d) arm
• 2026/02/24 (tooling-trusted-releases) branch arm updated (e7b73d88 -> 4ca6056d) arm
• 2026/02/24 (tooling-trusted-releases) 01/01: #720 - Ensure paths are relative to the revision path. arm
• 2026/02/24 (tooling-trusted-releases) branch arm updated: Ensure paths are relative to the revision path. Closes #720. arm
• 2026/02/24 (tooling-trusted-releases) branch arm updated: Add tighter rate limit to /distribute/ssh/register to match /ssh/register. Update docs on some other endpoints. Closes #724. arm
• 2026/02/24 (tooling-trusted-releases) 01/01: #695 - remove SVN Relase from SVN form. Also add support for Njord bundle as a filetype and project property for file tagging spec arm
• 2026/02/24 (tooling-trusted-releases) branch main updated (ece6e9d4 -> 7a828f68) arm
• 2026/02/24 (tooling-trusted-releases) branch arm updated (baeee120 -> 7a828f68) arm
• 2026/02/24 (tooling-trusted-releases) branch arm updated (0912c5c2 -> baeee120) arm
• 2026/02/24 (tooling-trusted-releases) 01/01: #695 - remove SVN Relase from SVN form. Also add support for Njord bundle as a filetype and project property for file tagging spec arm
• 2026/02/23 (tooling-trusted-releases) branch main updated (731b389a -> ece6e9d4) sbp
• 2026/02/23 (tooling-trusted-releases) branch main updated (1354f7ab -> 731b389a) sbp
• 2026/02/23 (tooling-trusted-releases) branch sbp updated: Fix more function ordering by improving the order fixing script sbp
• 2026/02/23 (tooling-trusted-releases) branch explicit-ldap-tls-configuration updated (819e4681 -> ea1347b7) wave
• 2026/02/23 (tooling-trusted-releases) 01/01: Explicit ldap tls configuration wave
• 2026/02/23 (tooling-trusted-releases) branch explicit-ldap-tls-configuration created (now 819e4681) wave
• 2026/02/23 (tooling-trusted-releases) branch sbp updated: Add the quarantined directory and tests sbp
• 2026/02/23 (tooling-trusted-releases) branch main updated (e68a272c -> 1354f7ab) sbp
• 2026/02/23 (tooling-trusted-releases) branch sbp updated (0acdc900 -> 1354f7ab) sbp
• 2026/02/23 (tooling-trusted-releases) 01/01: Fix a problem with the download script sbp
• 2026/02/23 (tooling-trusted-releases) branch docker-checksum-apache-rat deleted (was 9d7b7db3) sbp
• 2026/02/23 (tooling-trusted-releases) branch main updated: Refactor Dockerfile to streamline Apache RAT installation sbp
• 2026/02/23 (tooling-trusted-releases) branch docker-checksum-apache-rat updated (f39c3c65 -> 9d7b7db3) wave
• 2026/02/23 (tooling-trusted-releases) 01/01: Refactor Dockerfile to streamline Apache RAT installation wave
• 2026/02/23 (tooling-trusted-releases) branch docker-checksum-apache-rat created (now f39c3c65) wave
• 2026/02/23 (tooling-trusted-releases) branch sbp updated: Fix a problem with the download script sbp
• 2026/02/23 (tooling-trusted-releases) branch main updated (9e18e43e -> efc597e4) sbp
• 2026/02/23 (tooling-trusted-releases) 01/01: Add a database model for the quarantined upload phase sbp
• 2026/02/23 (tooling-trusted-releases) branch sbp updated (fcd75e75 -> efc597e4) sbp
• 2026/02/23 (tooling-trusted-releases) 01/01: Add a database model for the quarantined upload phase sbp
• 2026/02/23 (tooling-trusted-releases) branch sbp updated (dd2d1b23 -> fcd75e75) sbp
• 2026/02/23 (tooling-trusted-releases) branch sbp updated (e77fbe04 -> dd2d1b23) sbp
• 2026/02/23 (tooling-trusted-releases) 01/01: Add a database model for the quarantined upload phase sbp
• 2026/02/23 (tooling-actions) branch main updated: Rename old builds and update to new njord bundle based workflow arm
• 2026/02/23 (tooling-trusted-releases) branch sbp updated (5e288b2d -> e77fbe04) sbp
• 2026/02/23 (tooling-trusted-releases) 01/01: Add a database model for the quarantined upload phase sbp
• 2026/02/23 (tooling-trusted-releases) branch main updated: #725 - make sure failures are logged from PAT failure and they include the user arm
• 2026/02/23 (tooling-trusted-releases) 01/01: #725 - make sure failures are logged from PAT failure and they include the user arm
• 2026/02/23 (tooling-trusted-releases) branch arm created (now 0912c5c2) arm
• 2026/02/23 (tooling-trusted-releases) 02/05: Change attestable hashes to dict and reuse to resolve TOCTOU of check result. Use attestable hashes for check reports. Add version to cache key. Add file hash to hash and signature check and github SHA to source_tree. arm
• 2026/02/23 (tooling-trusted-releases) 05/05: Refactor check get logic to a shared method and remove some extra places where we still used release_name or version. Remove bulk-delete of check results. Update documentation. arm
• 2026/02/23 (tooling-trusted-releases) branch arm deleted (was aaff904c) arm
• 2026/02/23 (tooling-trusted-releases) 03/05: Move github model into general models out of SBOM models arm
• 2026/02/23 (tooling-trusted-releases) 01/05: Remove check for task running and add unique constraint, for which we try to catch the IntegrityError. Include in playwright tests and don't use revision number to filter individual check results. arm
• 2026/02/23 (tooling-trusted-releases) 04/05: Remove cache ignore logic since we can't have an empty cache key now. Add policy dependencies to license and RAT checks. Enable local/global caching switch. Fix bug with task list. arm
• 2026/02/23 (tooling-trusted-releases) branch main updated (5e288b2d -> 9b963ade) arm
• 2026/02/23 (tooling-trusted-releases) branch arm updated (8369df95 -> aaff904c) arm
• 2026/02/23 (tooling-trusted-releases) branch arm updated (17014ea3 -> 8369df95) arm
• 2026/02/23 (tooling-trusted-releases) branch arm updated (fa45b20d -> 17014ea3) arm
• 2026/02/23 (tooling-trusted-releases) branch arm updated (6893b8e8 -> fa45b20d) arm
• 2026/02/23 (tooling-trusted-releases) branch main updated (f4d7dd38 -> 5e288b2d) sbp
• 2026/02/23 (tooling-trusted-releases) branch sbp updated (fa00a7ba -> 5e288b2d) sbp
• 2026/02/23 (tooling-trusted-releases) 01/01: Set CodeQL to ignore permissions because ATR release data is public sbp
• 2026/02/23 (tooling-trusted-releases) branch arm updated (c93d0fc1 -> 6893b8e8) arm
• 2026/02/23 (tooling-trusted-releases) branch arm updated (3cd36ebb -> 40c9ca00) arm
• 2026/02/23 (tooling-trusted-releases) branch arm updated (40c9ca00 -> c93d0fc1) arm
• 2026/02/20 (tooling-trusted-releases) branch curl-extra-downloads-improvement deleted (was 15fcf0a3) sbp
• 2026/02/20 (tooling-trusted-releases) branch main updated: Improve curl download scripting sbp
• 2026/02/20 (tooling-trusted-releases) 01/01: Improve curl download scripting wave
• 2026/02/20 (tooling-trusted-releases) branch curl-extra-downloads-improvement created (now 15fcf0a3) wave
• 2026/02/20 (tooling-trusted-releases) branch main updated (8fdb8c21 -> fa00a7ba) sbp
• 2026/02/20 (tooling-trusted-releases) branch sbp updated: Strengthen a couple of authorisation patterns sbp
• 2026/02/20 (tooling-trusted-releases) branch sbp updated (7281bdce -> 8fdb8c21) sbp
• 2026/02/20 (tooling-trusted-releases) branch invalidate-pats-manually-598 deleted (was 43a82152) sbp
• 2026/02/20 (tooling-trusted-releases) branch main updated: Manual PAT removal; fixes #598 sbp
• 2026/02/20 (tooling-trusted-releases) branch invalidate-pats-manually-598 updated (8dd0e3ba -> 43a82152) akm
• 2026/02/20 (tooling-trusted-releases) branch main updated (e693c2da -> 7281bdce) sbp
• 2026/02/20 (tooling-trusted-releases) branch main updated (48078cc5 -> e693c2da) sbp
• 2026/02/20 (tooling-trusted-releases) branch sbp updated: Use asfquart main, as it now supports maximum session lifetimes sbp
• 2026/02/20 (tooling-trusted-releases) branch sbp updated: Keep a strict subset of GitHub OIDC payloads sbp
• 2026/02/20 (tooling-trusted-releases) branch main updated (731a2962 -> 48078cc5) sbp
• 2026/02/20 (tooling-trusted-releases) branch main updated (141036f3 -> 731a2962) sbp
• 2026/02/20 (tooling-trusted-releases) branch sbp updated: Document the use of safe Markdown to HTML rendering in cmarkgfm sbp
• 2026/02/20 (tooling-trusted-releases) branch sbp updated (32550b7e -> 731a2962) sbp
• 2026/02/20 (tooling-trusted-releases) 01/01: Check for banned ASF accounts in more places sbp
• 2026/02/20 (tooling-trusted-releases) branch main updated: Bump astral-sh/setup-uv from 7.2.0 to 7.3.0 sbp
• 2026/02/20 (tooling-trusted-releases) branch dependabot/github_actions/astral-sh/setup-uv-7.3.0 deleted (was b8a0cba8) sbp
• 2026/02/20 (tooling-trusted-releases) branch main updated: Return 404 when project is unknown in api endpoint call sbp
• 2026/02/20 (tooling-trusted-releases) branch main updated (f60da54d -> 030b4fc3) sbp
• 2026/02/20 (tooling-trusted-releases) branch arm updated (09fcb634 -> 3cd36ebb) arm
• 2026/02/20 (tooling-trusted-releases) branch sbp updated: Use the intersection of algorithms from asyncssh and ssh-audit sbp
• 2026/02/20 (tooling-trusted-releases) branch arm updated (f7aa150d -> 09fcb634) arm
• 2026/02/20 (tooling-trusted-releases) branch main updated (5d3140b0 -> f60da54d) sbp
• 2026/02/20 (tooling-trusted-releases) branch arm updated (9c2ab2b8 -> f7aa150d) arm
• 2026/02/20 (tooling-trusted-releases) branch dependabot/uv/werkzeug-3.1.6 deleted (was 74b6beac) github-bot
• 2026/02/20 (tooling-trusted-releases) branch dependabot/uv/flask-3.1.3 deleted (was c399547d) github-bot
• 2026/02/20 (tooling-trusted-releases) branch main updated (bb72770d -> 5d3140b0) sbp
• 2026/02/20 (tooling-trusted-releases) branch main updated (d434f574 -> bb72770d) sbp
• 2026/02/20 (tooling-trusted-releases) branch sbp updated: Update dependencies sbp
• 2026/02/20 (tooling-trusted-releases) branch dependabot/uv/flask-3.1.3 created (now c399547d) github-bot
• 2026/02/20 (tooling-trusted-releases) branch dependabot/uv/werkzeug-3.1.6 created (now 74b6beac) github-bot
• 2026/02/20 (tooling-trusted-releases) branch sbp updated: Fix the encoding of JSON data in the form to move files sbp
• 2026/02/20 (tooling-trusted-releases) branch arm updated (96e1972f -> 9c2ab2b8) arm
• 2026/02/20 (tooling-trusted-releases) branch main updated (921c41df -> d434f574) sbp
• 2026/02/20 (tooling-trusted-releases) branch sbp updated: Rebuild JavaScript files sbp
• 2026/02/20 (tooling-trusted-releases) branch arm updated: Remove cache ignore logic from cache key methods since we can't have an empty cache key now. Add policy dependencies to license and RAT checks. arm
• 2026/02/20 (tooling-trusted-releases) 01/02: Change attestable hashes to dict and reuse to resolve TOCTOU of check result. Use attestable hashes for check reports. Add version to cache key. Add file hash to hash and signature check and github SHA to source_tree. arm
• 2026/02/20 (tooling-trusted-releases) branch arm updated (8463929f -> 87f6584c) arm
• 2026/02/20 (tooling-trusted-releases) 02/02: Move github model into general models out of SBOM models arm
• 2026/02/20 (tooling-trusted-releases) branch arm updated (48b66b8f -> 8463929f) arm
• 2026/02/20 (tooling-trusted-releases) 02/02: Move github model into general models out of SBOM models arm
• 2026/02/20 (tooling-trusted-releases) 01/02: Change attestable hashes to dict and reuse to resolve TOCTOU of check result. Use attestable hashes for check reports. Add version to cache key. Add file hash to hash and signature check and github SHA to source_tree. arm
• 2026/02/20 (tooling-trusted-releases) 01/02: Change attestable hashes to dict and reuse to resolve TOCTOU of check result. Use attestable hashes for check reports. Add version to cache key. Add file hash to hash and signature check and github SHA to source_tree. arm
• 2026/02/20 (tooling-trusted-releases) 02/02: Move github model into general models out of SBOM models arm
• 2026/02/20 (tooling-trusted-releases) branch arm updated (1277dd4f -> 48b66b8f) arm
• 2026/02/20 (tooling-trusted-releases) branch arm updated: Move github model into general models out of SBOM models arm
• 2026/02/20 (tooling-trusted-releases) 03/03: Change attestable hashes to dict and reuse to resolve TOCTOU of check result. Use attestable hashes for check reports. Add version to cache key. Add file hash to hash and signature check and github SHA to source_tree. arm
• 2026/02/20 (tooling-trusted-releases) 02/03: Remove check for task running and add unique constraint, for which we try to catch the IntegrityError. Include in playwright tests and don't use revision number to filter individual check results. arm
• 2026/02/20 (tooling-trusted-releases) branch arm updated (6d5b44f4 -> ce340687) arm
• 2026/02/20 (tooling-trusted-releases) 01/03: Remove check for task running arm
• 2026/02/20 (tooling-trusted-releases) 01/01: Change attestable hashes to dict and reuse to resolve TOCTOU of check result. Use attestable hashes for check reports. Add version to cache key. Add file hash to hash check and github SHA to source_tree. arm
• 2026/02/20 (tooling-trusted-releases) branch arm updated (292bbb57 -> 6d5b44f4) arm
• 2026/02/19 (tooling-trusted-releases) branch introduce-atr-status-config created (now ccbb72f5) wave
• 2026/02/19 (tooling-trusted-releases) 01/01: Introduce ATR_STATUS and control recipient lists wave
• 2026/02/19 (tooling-trusted-releases) 01/01: Return 404 when project is unknown in api endpoint call wave
• 2026/02/19 (tooling-trusted-releases) branch api-project-404-checks created (now 8b44798b) wave
• 2026/02/19 (tooling-trusted-releases) branch invalidate-pats-manually-598 created (now 8dd0e3ba) akm
• 2026/02/19 (tooling-trusted-releases) 02/02: Manual PAT removal; fixes #598 akm
• 2026/02/19 (tooling-trusted-releases) 01/02: Invalidate PATs; fixes #598 akm
• 2026/02/19 (tooling-trusted-releases) 01/01: Set stricter permissions on all directories in revisions sbp
• 2026/02/19 (tooling-trusted-releases) branch sbp updated (eb5b199a -> d434f574) sbp
• 2026/02/19 (tooling-trusted-releases) branch block-scm-directories deleted (was c42dba37) sbp
• 2026/02/19 (tooling-trusted-releases) 02/02: Add dot file check sbp
• 2026/02/19 (tooling-trusted-releases) 01/02: Block SCM directories sbp
• 2026/02/19 (tooling-trusted-releases) branch main updated (682d99b8 -> 921c41df) sbp
• 2026/02/19 (tooling-trusted-releases) branch block-scm-directories updated (65ae06dc -> c42dba37) wave
• 2026/02/19 (tooling-trusted-releases) branch block-scm-directories created (now 65ae06dc) wave
• 2026/02/19 (tooling-trusted-releases) 01/01: Block SCM directories wave
• 2026/02/19 (tooling-trusted-releases) branch main updated: pubsub url is https only closes #685 wave
• 2026/02/19 (tooling-trusted-releases) branch main updated: Add configuration to admin menu wave
• 2026/02/19 (tooling-trusted-releases) branch redaction-of-sensitive-configuration deleted (was a9d56ecb) sbp
• 2026/02/19 (tooling-trusted-releases) branch main updated: Assure debug mode is only set in development sbp
• 2026/02/19 (tooling-trusted-releases) branch debug-mode-only-in-dev-environment deleted (was 5d8e3a9d) sbp
• 2026/02/19 (tooling-trusted-releases) branch main updated: Redact sensitive configurations sbp
• 2026/02/19 (tooling-trusted-releases) 01/01: Redact sensitive configurations wave
• 2026/02/19 (tooling-trusted-releases) branch redaction-of-sensitive-configuration created (now a9d56ecb) wave
• 2026/02/19 (tooling-trusted-releases) branch arm updated: Change attestable hashes to dict and reuse to resolve TOCTOU of check result. Use attestable hashes for check reports. Add version to cache key. Add file hash to hash check and github SHA to source_tree. arm
• 2026/02/19 (tooling-trusted-releases) branch debug-mode-only-in-dev-environment created (now 5d8e3a9d) wave
• 2026/02/19 (tooling-trusted-releases) 01/01: Assure debug mode is only set in development wave
• 2026/02/19 (tooling-trusted-releases) branch sbp updated (7f5b0c63 -> eb5b199a) sbp
• 2026/02/19 (tooling-trusted-releases) branch arm updated (05bc0de2 -> 10d61a5b) arm
• 2026/02/19 (tooling-trusted-releases) 01/02: Remove check for task running arm
• 2026/02/19 (tooling-trusted-releases) 02/02: Remove check for task running and add unique constraint, for which we try to catch the IntegrityError. Include in playwright tests and don't use revision number to filter individual check results. arm
• 2026/02/19 (tooling-trusted-releases) branch main updated: Fix typo in log message. Closes #669. arm
• 2026/02/19 (tooling-trusted-releases) branch arm updated (8eceebb1 -> 05bc0de2) arm
• 2026/02/19 (tooling-trusted-releases) 01/02: Remove check for task running arm
• 2026/02/19 (tooling-trusted-releases) 02/02: Remove check for task running and add unique constraint, for which we try to catch the IntegrityError. Include in playwright tests and don't use revision number to filter individual check results. arm
• 2026/02/19 (tooling-trusted-releases) branch main updated: Pin Syft version in Dockerfile arm
• 2026/02/19 (tooling-trusted-releases) 01/01: Remove check for task running and add unique constraint, for which we try to catch the IntegrityError. Include in playwright tests and don't use revision number to filter individual check results. arm
• 2026/02/19 (tooling-trusted-releases) branch arm updated (c6638bb5 -> 8eceebb1) arm
• 2026/02/19 (tooling-trusted-releases) branch arm updated (74981874 -> c6638bb5) arm
• 2026/02/19 (tooling-trusted-releases) 02/02: Remove check for task running and add unique constraint, which we try to catch the IntegrityError for arm
• 2026/02/19 (tooling-trusted-releases) 01/02: Remove check for task running arm
• 2026/02/18 (tooling-trusted-releases) branch main updated (f4faa08a -> 7f5b0c63) sbp
• 2026/02/18 (tooling-trusted-releases) branch main updated (bb8d5627 -> f4faa08a) sbp
• 2026/02/18 (tooling-trusted-releases) branch main updated (5e8f907b -> bb8d5627) sbp
• 2026/02/18 (tooling-trusted-releases) branch main updated (83e7d6c9 -> 5e8f907b) sbp
• 2026/02/18 (tooling-trusted-releases) branch main updated (5581675a -> 83e7d6c9) sbp
• 2026/02/18 (tooling-trusted-releases) branch sbp updated: Remove the deprecated context manager to create a new revision sbp
• 2026/02/18 (tooling-trusted-releases) branch sbp updated: Migrate a test route to use the new revision creation code sbp
• 2026/02/18 (tooling-trusted-releases) branch sbp updated: Fix some problems with e2e tests sbp
• 2026/02/18 (tooling-trusted-releases) branch main updated (b576d354 -> 5581675a) sbp
• 2026/02/18 (tooling-trusted-releases) branch sbp updated: Migrate revision creators that modify metadata sbp
• 2026/02/18 (tooling-trusted-releases) branch sbp updated: Migrate the revision creator that clones from a specific revision sbp
• 2026/02/18 (tooling-trusted-releases) branch main updated (32d79d70 -> b576d354) sbp
• 2026/02/18 (tooling-trusted-releases) branch main updated (a5745c15 -> 32d79d70) sbp
• 2026/02/18 (tooling-trusted-releases) branch sbp updated: Fix some code style problems sbp
• 2026/02/18 (tooling-trusted-releases) branch sbp updated: Migrate revision creators that add new files sbp
• 2026/02/18 (tooling-trusted-releases) branch main updated (96397103 -> a5745c15) sbp
• 2026/02/18 (tooling-trusted-releases) branch sbp updated: Make compose phase tests less fragile sbp
• 2026/02/18 (tooling-trusted-releases) branch main updated (e6887dac -> 96397103) sbp
• 2026/02/18 (tooling-trusted-releases) branch sbp updated: Migrate revision creators that modify existing files sbp
• 2026/02/18 (tooling-trusted-releases) branch main updated (f9410802 -> e6887dac) sbp
• 2026/02/18 (tooling-trusted-releases) branch sbp updated: Migrate revision creators that clone without modifications sbp
• 2026/02/18 (tooling-trusted-releases) branch main updated (b714fc98 -> f9410802) sbp
• 2026/02/18 (tooling-trusted-releases) branch sbp updated: Add a continuation passing style version of the method to create a revision sbp
• 2026/02/18 (tooling-trusted-releases) branch main updated (9847de95 -> b714fc98) sbp
• 2026/02/18 (tooling-trusted-releases) branch main updated (7028236b -> 9847de95) sbp
• 2026/02/18 (tooling-trusted-releases) branch sbp updated: Update dependencies sbp
• 2026/02/17 (tooling-trusted-releases) branch sbp updated: Update a comment in the function to browse as another user sbp
• 2026/02/17 (tooling-trusted-releases) 01/02: Remove check for task running arm
• 2026/02/17 (tooling-trusted-releases) 02/02: Remove check for task running and add unique constraint, which we try to catch the IntegrityError for arm
• 2026/02/17 (tooling-trusted-releases) branch arm updated (32f4ee3b -> 74981874) arm
• 2026/02/17 (tooling-trusted-releases) branch sbp updated: Remove unused data from a committer data verification sbp
• 2026/02/17 (tooling-trusted-releases) branch main updated (32f4ee3b -> 7028236b) sbp
• 2026/02/17 (tooling-trusted-releases) 01/01: Skip LDAP checks in development environments too sbp
• 2026/02/17 (tooling-trusted-releases) branch sbp updated (1e306a6f -> 7028236b) sbp
• 2026/02/17 (tooling-trusted-releases) branch main updated (1e306a6f -> 32f4ee3b) arm
• 2026/02/17 (tooling-trusted-releases) branch arm updated (3aedfa5c -> 32f4ee3b) arm

• Earlier messages
• Later messages