commits  

Messages by Date

• 2026/02/20 (tooling-trusted-releases) branch arm updated (48b66b8f -> 8463929f) arm
• 2026/02/20 (tooling-trusted-releases) 02/02: Move github model into general models out of SBOM models arm
• 2026/02/20 (tooling-trusted-releases) 01/02: Change attestable hashes to dict and reuse to resolve TOCTOU of check result. Use attestable hashes for check reports. Add version to cache key. Add file hash to hash and signature check and github SHA to source_tree. arm
• 2026/02/20 (tooling-trusted-releases) 01/02: Change attestable hashes to dict and reuse to resolve TOCTOU of check result. Use attestable hashes for check reports. Add version to cache key. Add file hash to hash and signature check and github SHA to source_tree. arm
• 2026/02/20 (tooling-trusted-releases) 02/02: Move github model into general models out of SBOM models arm
• 2026/02/20 (tooling-trusted-releases) branch arm updated (1277dd4f -> 48b66b8f) arm
• 2026/02/20 (tooling-trusted-releases) branch arm updated: Move github model into general models out of SBOM models arm
• 2026/02/20 (tooling-trusted-releases) 03/03: Change attestable hashes to dict and reuse to resolve TOCTOU of check result. Use attestable hashes for check reports. Add version to cache key. Add file hash to hash and signature check and github SHA to source_tree. arm
• 2026/02/20 (tooling-trusted-releases) 02/03: Remove check for task running and add unique constraint, for which we try to catch the IntegrityError. Include in playwright tests and don't use revision number to filter individual check results. arm
• 2026/02/20 (tooling-trusted-releases) branch arm updated (6d5b44f4 -> ce340687) arm
• 2026/02/20 (tooling-trusted-releases) 01/03: Remove check for task running arm
• 2026/02/20 (tooling-trusted-releases) 01/01: Change attestable hashes to dict and reuse to resolve TOCTOU of check result. Use attestable hashes for check reports. Add version to cache key. Add file hash to hash check and github SHA to source_tree. arm
• 2026/02/20 (tooling-trusted-releases) branch arm updated (292bbb57 -> 6d5b44f4) arm
• 2026/02/19 (tooling-trusted-releases) branch introduce-atr-status-config created (now ccbb72f5) wave
• 2026/02/19 (tooling-trusted-releases) 01/01: Introduce ATR_STATUS and control recipient lists wave
• 2026/02/19 (tooling-trusted-releases) 01/01: Return 404 when project is unknown in api endpoint call wave
• 2026/02/19 (tooling-trusted-releases) branch api-project-404-checks created (now 8b44798b) wave
• 2026/02/19 (tooling-trusted-releases) branch invalidate-pats-manually-598 created (now 8dd0e3ba) akm
• 2026/02/19 (tooling-trusted-releases) 02/02: Manual PAT removal; fixes #598 akm
• 2026/02/19 (tooling-trusted-releases) 01/02: Invalidate PATs; fixes #598 akm
• 2026/02/19 (tooling-trusted-releases) 01/01: Set stricter permissions on all directories in revisions sbp
• 2026/02/19 (tooling-trusted-releases) branch sbp updated (eb5b199a -> d434f574) sbp
• 2026/02/19 (tooling-trusted-releases) branch block-scm-directories deleted (was c42dba37) sbp
• 2026/02/19 (tooling-trusted-releases) 02/02: Add dot file check sbp
• 2026/02/19 (tooling-trusted-releases) 01/02: Block SCM directories sbp
• 2026/02/19 (tooling-trusted-releases) branch main updated (682d99b8 -> 921c41df) sbp
• 2026/02/19 (tooling-trusted-releases) branch block-scm-directories updated (65ae06dc -> c42dba37) wave
• 2026/02/19 (tooling-trusted-releases) branch block-scm-directories created (now 65ae06dc) wave
• 2026/02/19 (tooling-trusted-releases) 01/01: Block SCM directories wave
• 2026/02/19 (tooling-trusted-releases) branch main updated: pubsub url is https only closes #685 wave
• 2026/02/19 (tooling-trusted-releases) branch main updated: Add configuration to admin menu wave
• 2026/02/19 (tooling-trusted-releases) branch redaction-of-sensitive-configuration deleted (was a9d56ecb) sbp
• 2026/02/19 (tooling-trusted-releases) branch main updated: Assure debug mode is only set in development sbp
• 2026/02/19 (tooling-trusted-releases) branch debug-mode-only-in-dev-environment deleted (was 5d8e3a9d) sbp
• 2026/02/19 (tooling-trusted-releases) branch main updated: Redact sensitive configurations sbp
• 2026/02/19 (tooling-trusted-releases) 01/01: Redact sensitive configurations wave
• 2026/02/19 (tooling-trusted-releases) branch redaction-of-sensitive-configuration created (now a9d56ecb) wave
• 2026/02/19 (tooling-trusted-releases) branch arm updated: Change attestable hashes to dict and reuse to resolve TOCTOU of check result. Use attestable hashes for check reports. Add version to cache key. Add file hash to hash check and github SHA to source_tree. arm
• 2026/02/19 (tooling-trusted-releases) branch debug-mode-only-in-dev-environment created (now 5d8e3a9d) wave
• 2026/02/19 (tooling-trusted-releases) 01/01: Assure debug mode is only set in development wave
• 2026/02/19 (tooling-trusted-releases) branch sbp updated (7f5b0c63 -> eb5b199a) sbp
• 2026/02/19 (tooling-trusted-releases) branch arm updated (05bc0de2 -> 10d61a5b) arm
• 2026/02/19 (tooling-trusted-releases) 01/02: Remove check for task running arm
• 2026/02/19 (tooling-trusted-releases) 02/02: Remove check for task running and add unique constraint, for which we try to catch the IntegrityError. Include in playwright tests and don't use revision number to filter individual check results. arm
• 2026/02/19 (tooling-trusted-releases) branch main updated: Fix typo in log message. Closes #669. arm
• 2026/02/19 (tooling-trusted-releases) branch arm updated (8eceebb1 -> 05bc0de2) arm
• 2026/02/19 (tooling-trusted-releases) 01/02: Remove check for task running arm
• 2026/02/19 (tooling-trusted-releases) 02/02: Remove check for task running and add unique constraint, for which we try to catch the IntegrityError. Include in playwright tests and don't use revision number to filter individual check results. arm
• 2026/02/19 (tooling-trusted-releases) branch main updated: Pin Syft version in Dockerfile arm
• 2026/02/19 (tooling-trusted-releases) 01/01: Remove check for task running and add unique constraint, for which we try to catch the IntegrityError. Include in playwright tests and don't use revision number to filter individual check results. arm
• 2026/02/19 (tooling-trusted-releases) branch arm updated (c6638bb5 -> 8eceebb1) arm
• 2026/02/19 (tooling-trusted-releases) branch arm updated (74981874 -> c6638bb5) arm
• 2026/02/19 (tooling-trusted-releases) 02/02: Remove check for task running and add unique constraint, which we try to catch the IntegrityError for arm
• 2026/02/19 (tooling-trusted-releases) 01/02: Remove check for task running arm
• 2026/02/18 (tooling-trusted-releases) branch main updated (f4faa08a -> 7f5b0c63) sbp
• 2026/02/18 (tooling-trusted-releases) branch main updated (bb8d5627 -> f4faa08a) sbp
• 2026/02/18 (tooling-trusted-releases) branch main updated (5e8f907b -> bb8d5627) sbp
• 2026/02/18 (tooling-trusted-releases) branch main updated (83e7d6c9 -> 5e8f907b) sbp
• 2026/02/18 (tooling-trusted-releases) branch main updated (5581675a -> 83e7d6c9) sbp
• 2026/02/18 (tooling-trusted-releases) branch sbp updated: Remove the deprecated context manager to create a new revision sbp
• 2026/02/18 (tooling-trusted-releases) branch sbp updated: Migrate a test route to use the new revision creation code sbp
• 2026/02/18 (tooling-trusted-releases) branch sbp updated: Fix some problems with e2e tests sbp
• 2026/02/18 (tooling-trusted-releases) branch main updated (b576d354 -> 5581675a) sbp
• 2026/02/18 (tooling-trusted-releases) branch sbp updated: Migrate revision creators that modify metadata sbp
• 2026/02/18 (tooling-trusted-releases) branch sbp updated: Migrate the revision creator that clones from a specific revision sbp
• 2026/02/18 (tooling-trusted-releases) branch main updated (32d79d70 -> b576d354) sbp
• 2026/02/18 (tooling-trusted-releases) branch main updated (a5745c15 -> 32d79d70) sbp
• 2026/02/18 (tooling-trusted-releases) branch sbp updated: Fix some code style problems sbp
• 2026/02/18 (tooling-trusted-releases) branch sbp updated: Migrate revision creators that add new files sbp
• 2026/02/18 (tooling-trusted-releases) branch main updated (96397103 -> a5745c15) sbp
• 2026/02/18 (tooling-trusted-releases) branch sbp updated: Make compose phase tests less fragile sbp
• 2026/02/18 (tooling-trusted-releases) branch main updated (e6887dac -> 96397103) sbp
• 2026/02/18 (tooling-trusted-releases) branch sbp updated: Migrate revision creators that modify existing files sbp
• 2026/02/18 (tooling-trusted-releases) branch main updated (f9410802 -> e6887dac) sbp
• 2026/02/18 (tooling-trusted-releases) branch sbp updated: Migrate revision creators that clone without modifications sbp
• 2026/02/18 (tooling-trusted-releases) branch main updated (b714fc98 -> f9410802) sbp
• 2026/02/18 (tooling-trusted-releases) branch sbp updated: Add a continuation passing style version of the method to create a revision sbp
• 2026/02/18 (tooling-trusted-releases) branch main updated (9847de95 -> b714fc98) sbp
• 2026/02/18 (tooling-trusted-releases) branch main updated (7028236b -> 9847de95) sbp
• 2026/02/18 (tooling-trusted-releases) branch sbp updated: Update dependencies sbp
• 2026/02/17 (tooling-trusted-releases) branch sbp updated: Update a comment in the function to browse as another user sbp
• 2026/02/17 (tooling-trusted-releases) 01/02: Remove check for task running arm
• 2026/02/17 (tooling-trusted-releases) 02/02: Remove check for task running and add unique constraint, which we try to catch the IntegrityError for arm
• 2026/02/17 (tooling-trusted-releases) branch arm updated (32f4ee3b -> 74981874) arm
• 2026/02/17 (tooling-trusted-releases) branch sbp updated: Remove unused data from a committer data verification sbp
• 2026/02/17 (tooling-trusted-releases) branch main updated (32f4ee3b -> 7028236b) sbp
• 2026/02/17 (tooling-trusted-releases) 01/01: Skip LDAP checks in development environments too sbp
• 2026/02/17 (tooling-trusted-releases) branch sbp updated (1e306a6f -> 7028236b) sbp
• 2026/02/17 (tooling-trusted-releases) branch main updated (1e306a6f -> 32f4ee3b) arm
• 2026/02/17 (tooling-trusted-releases) branch arm updated (3aedfa5c -> 32f4ee3b) arm
• 2026/02/17 (tooling-trusted-releases) 01/01: Check for running tasks as well as completed checks when using cache keys arm
• 2026/02/17 (tooling-trusted-releases) branch ssh-audit-677 created (now a281800d) sbp
• 2026/02/17 (tooling-trusted-releases) 01/01: Use the intersection of algorithms from asyncssh and ssh-audit sbp
• 2026/02/17 (tooling-trusted-releases) branch arm updated: Check for running tasks as well as completed checks when using cache keys arm
• 2026/02/17 (tooling-trusted-releases) branch sbp updated (055ca95b -> 1e306a6f) sbp
• 2026/02/17 (tooling-trusted-releases) branch main updated (055ca95b -> 1e306a6f) sbp
• 2026/02/17 (tooling-trusted-releases) branch main updated (325ebf38 -> 055ca95b) sbp
• 2026/02/17 (tooling-trusted-releases) branch main updated (7406bb29 -> 325ebf38) sbp
• 2026/02/17 (tooling-trusted-releases) 01/02: Update dependencies sbp
• 2026/02/17 (tooling-trusted-releases) 02/02: Fix some lint errors found by the updated linters sbp
• 2026/02/17 (tooling-trusted-releases) branch sbp updated (0ec0992c -> 055ca95b) sbp
• 2026/02/17 (tooling-trusted-releases) branch check_caching deleted (was fd9feeb7) arm
• 2026/02/17 (tooling-trusted-releases) branch ssh_security_config updated (a94451de -> 1c982ca8) arm
• 2026/02/17 (tooling-trusted-releases) branch main updated (0c467bb2 -> 7406bb29) arm
• 2026/02/17 (tooling-trusted-releases) 01/01: Validate LDAP account of the initiating user when a task is started. Closes #663. arm
• 2026/02/17 (tooling-trusted-releases) branch arm updated (76a4b9e1 -> 7406bb29) arm
• 2026/02/17 (tooling-trusted-releases) branch arm updated: Validate LDAP account of the initiating user when a task is started. Closes #663. arm
• 2026/02/17 (tooling-trusted-releases) branch arm updated: Remove unverified_header_and_payload function as unused. Closes #672. arm
• 2026/02/17 (tooling-trusted-releases) branch ssh_security_config created (now a94451de) arm
• 2026/02/17 (tooling-trusted-releases) 01/01: #677 - Add explicit ciphers, kex and mac algorithms. arm
• 2026/02/17 (tooling-trusted-releases) branch main updated (bc8d8531 -> 0c467bb2) arm
• 2026/02/17 (tooling-trusted-releases) branch arm updated: Add LDAP validation to ASF sender IDs. Closes #654. arm
• 2026/02/17 (tooling-trusted-releases) 01/02: Add nbf claim to JWTs. Closes #675. arm
• 2026/02/17 (tooling-trusted-releases) branch arm updated (24f891be -> ff331509) arm
• 2026/02/17 (tooling-trusted-releases) 02/02: Reject "dangerous" JWT headers. Closes #673. arm
• 2026/02/16 (tooling-trusted-releases) branch dependabot/github_actions/astral-sh/setup-uv-7.3.0 created (now b8a0cba8) github-bot
• 2026/02/16 (tooling-releases-client) branch dependabot/github_actions/astral-sh/setup-uv-7.3.0 created (now 4b3f130) github-bot
• 2026/02/16 (tooling-trusted-releases) branch main updated: Adjust alpha 2 banner message wave
• 2026/02/16 (tooling-trusted-releases) branch arm updated (72c6b0d1 -> 24f891be) arm
• 2026/02/16 (tooling-trusted-releases) branch main updated: Fix scheduling bug in distribution status check arm
• 2026/02/16 (tooling-trusted-releases) branch main updated: Update warning banner text in base.html wave
• 2026/02/16 (tooling-trusted-releases) branch main updated: clarify: svn:dist not done by ATR yet (#649) wave
• 2026/02/16 (tooling-trusted-releases) branch arm updated: Fix scheduling bug in distribution status check arm
• 2026/02/16 (tooling-trusted-releases) branch main updated (0ec0992c -> beb2a2a8) arm
• 2026/02/16 (tooling-trusted-releases) 01/01: Update check caching to use hash keys of inputs arm
• 2026/02/16 (tooling-trusted-releases) branch arm updated (f25f14bd -> beb2a2a8) arm
• 2026/02/16 (tooling-trusted-releases) branch arm updated (fd9feeb7 -> f25f14bd) arm
• 2026/02/16 (tooling-trusted-releases) 01/01: Update check caching to use hash keys of inputs arm
• 2026/02/16 (tooling-trusted-releases) branch arm updated (0ec0992c -> fd9feeb7) arm
• 2026/02/16 (tooling-trusted-releases) branch check_caching updated (9c534313 -> fd9feeb7) arm
• 2026/02/16 (tooling-trusted-releases) 01/01: Update check caching to use hash keys of inputs arm
• 2026/02/16 (tooling-trusted-releases) branch arm updated (929a8c3b -> 0ec0992c) arm
• 2026/02/16 (tooling-trusted-releases) branch main updated (929a8c3b -> 0ec0992c) sbp
• 2026/02/16 (tooling-trusted-releases) 01/01: Update check caching to use hash keys of inputs arm
• 2026/02/16 (tooling-trusted-releases) branch check_caching updated (11c7ab4d -> 9c534313) arm
• 2026/02/16 (tooling-trusted-releases) 01/01: Add the arm branch to QA workflows sbp
• 2026/02/16 (tooling-trusted-releases) branch sbp updated (edc3cd49 -> 0ec0992c) sbp
• 2026/02/16 (tooling-trusted-releases) branch arm created (now 929a8c3b) arm
• 2026/02/16 (tooling-trusted-releases) branch check_caching created (now 11c7ab4d) arm
• 2026/02/16 (tooling-trusted-releases) 01/01: Update check caching to use hash keys of inputs arm
• 2026/02/16 (tooling-trusted-releases) branch main updated (133ab837 -> 929a8c3b) arm
• 2026/02/16 (tooling-trusted-releases) branch sbp updated (e71802b4 -> edc3cd49) sbp
• 2026/02/16 (tooling-trusted-releases) 01/01: Add the arm branch to QA workflows sbp
• 2026/02/16 (tooling-trusted-releases) branch main updated (d3a25637 -> 133ab837) arm
• 2026/02/16 (tooling-trusted-releases) branch check_caching deleted (was 448abfdf) arm
• 2026/02/16 (tooling-trusted-releases) branch main updated (bdb490c9 -> d3a25637) arm
• 2026/02/16 (tooling-trusted-releases) 01/01: Read and write checks to/from attestable data arm
• 2026/02/16 (tooling-trusted-releases) branch main updated: Stub out methods used to check check messages arm
• 2026/02/16 (tooling-trusted-releases) branch main updated: Add new cache key function to test stubs arm
• 2026/02/16 (tooling-trusted-releases) branch main updated: Remove extraneous import arm
• 2026/02/16 (tooling-trusted-releases) branch main updated (929a8c3b -> 448abfdf) arm
• 2026/02/16 (tooling-trusted-releases) 05/05: Read and write checks to/from attestable data arm
• 2026/02/16 (tooling-trusted-releases) 02/05: Include release policy in attestation and pull hashes for checks from there. arm
• 2026/02/16 (tooling-trusted-releases) 04/05: Read and write checks to/from attestable data arm
• 2026/02/16 (tooling-trusted-releases) 01/05: Start to move caching out of check tasks arm
• 2026/02/16 (tooling-trusted-releases) branch check_caching updated (66c523eb -> 448abfdf) arm
• 2026/02/16 (tooling-trusted-releases) 03/05: Include checker name in cache key and tidy up some code. arm
• 2026/02/16 (tooling-trusted-releases) 02/05: Include release policy in attestation and pull hashes for checks from there. arm
• 2026/02/16 (tooling-trusted-releases) 03/05: Include checker name in cache key and tidy up some code. arm
• 2026/02/16 (tooling-trusted-releases) 04/05: Read and write checks to/from attestable data arm
• 2026/02/16 (tooling-trusted-releases) 05/05: Read and write checks to/from attestable data arm
• 2026/02/16 (tooling-trusted-releases) 01/05: Start to move caching out of check tasks arm
• 2026/02/16 (tooling-trusted-releases) branch check_caching updated (3161e7cb -> 66c523eb) arm
• 2026/02/15 (tooling-trusted-releases) branch main updated: link to svn:dist, not any svn (#650) wave
• 2026/02/14 (tooling-trusted-releases) branch main updated: add API and link to svn:dist area (#648) wave
• 2026/02/14 (tooling-docs) branch asf-site updated: Automatic Site Publish by Buildbot git-site-role
• 2026/02/13 (tooling-trusted-releases) branch invalidate-pats-598 updated (62327417 -> d0878c5d) akm
• 2026/02/13 (tooling-trusted-releases) branch invalidate-pats-598 updated (cec8185a -> 62327417) akm
• 2026/02/13 (tooling-trusted-releases) branch main updated: ASVS L1 - Validate referrer in redirect in admin toggle-view wave
• 2026/02/13 (tooling-trusted-releases) branch main updated (ec267b80 -> e71802b4) sbp
• 2026/02/13 (tooling-trusted-releases) branch main updated (9e286de6 -> ec267b80) sbp
• 2026/02/13 (tooling-trusted-releases) branch sbp updated: Ignore spurious CodeQL warnings about file permissions sbp
• 2026/02/13 (tooling-trusted-releases) branch main updated (e19e41af -> 9e286de6) sbp
• 2026/02/13 (tooling-trusted-releases) branch main updated (12ff090f -> e19e41af) sbp
• 2026/02/13 (tooling-trusted-releases) branch sbp updated: Style files with blocking check results more consistently sbp
• 2026/02/13 (tooling-trusted-releases) branch main updated (1f756ffe -> 12ff090f) sbp
• 2026/02/13 (tooling-trusted-releases) branch sbp updated: Do not run further path checks after a file is found to be disallowed sbp
• 2026/02/13 (tooling-trusted-releases) branch sbp updated: Compute the path to the corresponding artifact for SBOM files correctly sbp
• 2026/02/13 (tooling-trusted-releases) branch main updated (209816de -> 1f756ffe) sbp
• 2026/02/13 (tooling-trusted-releases) branch sbp updated: Propagate file upload errors through to the user interface sbp
• 2026/02/13 (tooling-trusted-releases) branch sbp updated: Classify CycloneDX JSON SBOM files correctly as metadata sbp
• 2026/02/13 (tooling-trusted-releases) branch main updated (2e723416 -> 209816de) sbp
• 2026/02/13 (tooling-trusted-releases) branch check_caching updated (62cd0bd2 -> 3161e7cb) arm
• 2026/02/13 (tooling-trusted-releases) 02/02: Read and write checks to/from attestable data arm
• 2026/02/13 (tooling-trusted-releases) 01/02: Read and write checks to/from attestable data arm
• 2026/02/13 (tooling-trusted-releases) branch main updated (665533bd -> 2e723416) sbp
• 2026/02/13 (tooling-trusted-releases) branch sbp updated: Add a module for file classification and use it sbp
• 2026/02/13 (tooling-trusted-releases) 01/01: Make the existence of certain disallowed file types blocking sbp
• 2026/02/13 (tooling-trusted-releases) branch sbp updated (94964c67 -> 2e723416) sbp
• 2026/02/13 (tooling-trusted-releases) branch check_caching updated (d22004b1 -> 62cd0bd2) arm
• 2026/02/13 (tooling-trusted-releases) 01/01: Read and write checks to/from attestable data arm
• 2026/02/13 (tooling-trusted-releases) branch dependabot/github_actions/actions/cache-5.0.3 deleted (was e170f98d) sbp
• 2026/02/13 (tooling-trusted-releases) branch main updated: Bump actions/cache from 5.0.2 to 5.0.3 sbp
• 2026/02/13 (tooling-trusted-releases) branch check_caching updated (ad5413e6 -> d22004b1) arm
• 2026/02/13 (tooling-trusted-releases) 01/01: Read and write checks to/from attestable data arm
• 2026/02/13 (tooling-trusted-releases) branch main updated (d71388dc -> 94964c67) sbp
• 2026/02/13 (tooling-trusted-releases) branch sbp updated: Display the ATR classifications of uploaded files sbp
• 2026/02/13 (tooling-trusted-releases) branch check_caching updated: Read and write checks to/from attestable data arm
• 2026/02/13 (tooling-docs) branch main updated: add pointers to live locations hboutemy
• 2026/02/13 (tooling-docs) branch asf-site updated: Commit build products github-bot

• Earlier messages
• Later messages