commits

Messages by Date

2026/02/06 (tooling-trusted-releases) branch sbp updated: Rename blocking to blocker and improve the user interface sbp
2026/02/06 (tooling-trusted-releases) branch main updated (106a01c -> 3ac84a2) sbp
2026/02/06 (tooling-trusted-releases) branch sbp updated: Make an e2e test more reliable sbp
2026/02/06 (tooling-trusted-releases) branch sbp updated: Change incontrovertible check results from failure to blocking sbp
2026/02/06 (tooling-trusted-releases) branch main updated (0f914c2 -> 106a01c) sbp
2026/02/06 (tooling-trusted-releases) branch sbp updated: Integrate blocking check results into the user interface sbp
2026/02/06 (tooling-trusted-releases) branch main updated (55b2da8 -> 0f914c2) sbp
2026/02/06 (tooling-trusted-releases) branch sbp updated: Add a blocking check result status sbp
2026/02/05 (tooling-trusted-releases) branch main updated (b4d000e -> 55b2da8) sbp
2026/02/05 (tooling-trusted-releases) branch sbp updated: Convert all check warnings to errors sbp
2026/02/05 (tooling-trusted-releases) branch main updated (a03767c -> b4d000e) sbp
2026/02/05 (tooling-trusted-releases) branch main updated (499e88d -> a03767c) sbp
2026/02/05 (tooling-trusted-releases) branch sbp updated: Make comparison logging less verbose sbp
2026/02/05 (tooling-trusted-releases) branch sbp updated: Allow PKG-INFO files in Python source archives sbp
2026/02/05 (tooling-trusted-releases) branch main updated (6440e1b -> 499e88d) sbp
2026/02/05 (tooling-trusted-releases) branch main updated (3a87cc4 -> 6440e1b) sbp
2026/02/05 (tooling-trusted-releases) branch sbp updated: Detect only content changes in tree comparisons sbp
2026/02/05 (tooling-trusted-releases) branch main updated (342cefb -> 3a87cc4) sbp
2026/02/05 (tooling-trusted-releases) branch sbp updated: Account for a root directory within extracted archives sbp
2026/02/05 (tooling-trusted-releases) branch main updated (77a47ec -> 342cefb) sbp
2026/02/05 (tooling-trusted-releases) branch sbp updated: Add some make targets for easier testing sbp
2026/02/05 (tooling-trusted-releases) branch sbp updated: Use rsync to compare GitHub trees with extracted archives sbp
2026/02/05 (tooling-trusted-releases) branch main updated (1e01d75 -> 77a47ec) sbp
2026/02/05 (tooling-trusted-releases) branch main updated (a2684f0 -> f50e425) sbp
2026/02/05 (tooling-trusted-releases) branch main updated (f50e425 -> 1e01d75) sbp
2026/02/05 (tooling-trusted-releases) branch sbp updated: Extract archives for comparison with GitHub trees sbp
2026/02/05 (tooling-trusted-releases) branch sbp updated: Check out GitHub trees by commit, not branch sbp
2026/02/05 (tooling-trusted-releases) branch sbp updated: Add unit tests for the tree comparison check sbp
2026/02/05 (tooling-trusted-releases) branch main updated (9ab6296 -> a2684f0) sbp
2026/02/05 (tooling-trusted-releases) branch sbp updated: Check out GitHub trees to a subdirectory of a temporary directory sbp
2026/02/04 (tooling-trusted-releases) branch main updated (d2664b5 -> 9ab6296) sbp
2026/02/04 (tooling-trusted-releases) branch sbp updated: Add performance measurement for cloning GitHub repositories sbp
2026/02/04 (tooling-trusted-releases) branch sbp updated (c4f1c98 -> 1f85424) sbp
2026/02/04 (tooling-trusted-releases) 01/01: Clone source from GitHub in the task to compare source trees sbp
2026/02/04 (tooling-trusted-releases) 01/01: Clone source from GitHub in the task to compare source trees sbp
2026/02/04 (tooling-trusted-releases) branch sbp updated (790b9c1 -> c4f1c98) sbp
2026/02/04 (tooling-trusted-releases) branch sbp updated (fb9bf68 -> 790b9c1) sbp
2026/02/04 (tooling-trusted-releases) 01/01: Clone source from GitHub in the task to compare source trees sbp
2026/02/04 (tooling-trusted-releases) branch sbp updated: Clone source from GitHub in the task to compare source trees sbp
2026/02/04 (tooling-trusted-releases) branch main updated (c501f89 -> d2664b5) sbp
2026/02/04 (tooling-trusted-releases) branch sbp updated: Update dependencies and fix lint errors sbp
2026/02/04 (tooling-trusted-releases) branch sbp updated (2627348 -> c501f89) sbp
2026/02/04 (tooling-trusted-releases) branch sbp updated (27dfda0 -> 2627348) sbp
2026/02/04 (tooling-trusted-releases) 01/01: Add pygit2 and update dependencies sbp
2026/02/04 (tooling-trusted-releases) branch sbp updated: Add libgit2 and update dependencies sbp
2026/02/04 (tooling-trusted-releases) branch main updated (5e3e525 -> c501f89) sbp
2026/02/04 (tooling-trusted-releases) branch sbp updated: Add a task that reads GitHub Trusted Publishing payloads sbp
2026/02/04 (tooling-trusted-releases) branch main updated (58dfcad -> 5e3e525) sbp
2026/02/04 (tooling-trusted-releases) 01/01: Use LDAP to construct a session when browsing as another user sbp
2026/02/04 (tooling-trusted-releases) branch sbp updated (4cbc209 -> 5e3e525) sbp
2026/02/04 (tooling-trusted-releases) branch main updated: #283: Make sure original admin ID is preserved across multiple masquerades arm
2026/02/04 (tooling-trusted-releases) branch main updated: #283: Add admin ID to session metadata and include in log and audit log kwargs arm
2026/02/04 (tooling-trusted-releases) branch main updated: Add check clean to Makefile for cleaning pre-commit cache arm
2026/02/04 (tooling-trusted-releases) 01/02: #344 - starter for instructions on how to upload via GitHub Actions. Needs committee filtering. arm
2026/02/04 (tooling-trusted-releases) 02/02: #344 - added some extra information arm
2026/02/04 (tooling-trusted-releases) branch promote_gha updated (8696f5a -> 2b0973b) arm
2026/02/04 (tooling-trusted-releases) branch file_type_detection updated (aa3364a -> 61f166f) arm
2026/02/03 (tooling-trusted-releases) branch main updated (525fe16 -> 4cbc209) sbp
2026/02/03 (tooling-asf-example) branch main updated: Use the dev SSH port in the upload workflow sbp
2026/02/03 (tooling-asf-example) branch main updated: Use the dev version of ATR in the upload workflow sbp
2026/02/03 (tooling-trusted-releases) branch sbp updated: Store data posted from GitHub during upload sbp
2026/02/03 (tooling-trusted-releases) branch main updated (ea3c88b -> 525fe16) sbp
2026/02/03 (tooling-trusted-releases) branch sbp updated: Fix function ordering sbp
2026/02/03 (tooling-trusted-releases) branch sbp updated: Display a consistent binding vote status for admins sbp
2026/02/03 (tooling-trusted-releases) branch main updated (6bae4fb -> ea3c88b) sbp
2026/02/03 (tooling-trusted-releases) branch sbp updated: Ensure that the vote test admin user is regarded as an admin sbp
2026/02/03 (tooling-trusted-releases) 01/01: Add and use a shared function to decide whether a vote is binding sbp
2026/02/03 (tooling-trusted-releases) branch sbp updated (c3ffe8e -> eb43027) sbp
2026/02/03 (tooling-trusted-releases) branch binding-vote-email-616 deleted (was dde702b) sbp
2026/02/03 (tooling-trusted-releases) branch main updated: Binding vote noted in email #616 sbp
2026/02/03 (tooling-trusted-releases) branch file_type_detection created (now aa3364a) arm
2026/02/03 (tooling-trusted-releases) branch promote_gha updated: #344 - added some extra information arm
2026/02/03 (tooling-trusted-releases) 01/01: #344 - starter for instructions on how to upload via GitHub Actions. Needs committee filtering. arm
2026/02/03 (tooling-trusted-releases) branch promote_gha created (now 3376b5a) arm
2026/02/03 (tooling-trusted-releases) branch main updated (d277098 -> c3ffe8e) sbp
2026/02/03 (tooling-trusted-releases) branch sbp updated: Wait for asyncssh cleanup tasks to run, to avoid warnings sbp
2026/02/03 (tooling-trusted-releases) branch main updated (f0ae28e -> d277098) sbp
2026/02/03 (tooling-trusted-releases) branch sbp updated (0580960 -> d277098) sbp
2026/02/03 (tooling-trusted-releases) 01/01: Show pip version in the analysis workflow sbp
2026/02/03 (tooling-trusted-releases) branch main updated: Bump actions/setup-python from 6.1.0 to 6.2.0 sbp
2026/02/03 (tooling-trusted-releases) branch dependabot/github_actions/actions/setup-python-6.2.0 deleted (was 2bf25e3) sbp
2026/02/02 (tooling-trusted-releases) branch dependabot/github_actions/actions/setup-python-6.2.0 created (now 2bf25e3) github-bot
2026/02/02 (tooling-trusted-releases) branch binding-vote-email-616 updated (f8f0bad -> dde702b) akm
2026/02/02 (tooling-trusted-releases) branch main updated: Temporarily ignore CVE-2026-1703 in pip-audit until pip 26.0 available akm
2026/02/02 (tooling-trusted-releases) branch binding-vote-email-616 updated (5960092 -> f8f0bad) akm
2026/02/02 (tooling-trusted-releases) 01/01: Binding vote noted in email #616 akm
2026/02/02 (tooling-trusted-releases) branch binding-vote-email-616 updated (cb6b976 -> 5960092) akm
2026/02/02 (tooling-trusted-releases) 01/01: Binding vote noted in email #616 akm
2026/02/02 (tooling-trusted-releases) branch binding-vote-email-616 created (now cb6b976) akm
2026/02/02 (tooling-trusted-releases) branch main updated (af7afe8 -> 0580960) sbp
2026/02/02 (tooling-trusted-releases) branch sbp updated: Use a strict model for Quart cookie session data sbp
2026/02/02 (tooling-releases-client) branch dependabot/github_actions/astral-sh/setup-uv-7.2.0 deleted (was 4c3b0d8) github-bot
2026/02/02 (tooling-releases-client) branch dependabot/github_actions/actions/upload-artifact-6.0.0 deleted (was e7d291d) sbp
2026/02/02 (tooling-releases-client) branch dependabot/github_actions/actions/checkout-6.0.2 deleted (was 718ea35) sbp
2026/02/02 (tooling-releases-client) branch main updated: Bump actions/upload-artifact from 4.6.2 to 6.0.0 sbp
2026/02/02 (tooling-releases-client) branch main updated: Bump actions/checkout from 4.3.0 to 6.0.2 sbp
2026/02/02 (tooling-releases-client) branch dependabot/github_actions/actions/setup-python-6.2.0 deleted (was 925302f) sbp
2026/02/02 (tooling-releases-client) branch main updated: Bump actions/setup-python from 6.1.0 to 6.2.0 sbp
2026/02/02 (tooling-releases-client) branch dependabot/github_actions/actions/setup-python-6.2.0 created (now 925302f) github-bot
2026/02/02 (tooling-trusted-releases) branch main updated (521e6e1 -> af7afe8) sbp
2026/02/02 (tooling-trusted-releases) branch sbp updated: Update the Playwright test containers sbp
2026/02/02 (tooling-trusted-releases) branch main updated (933c601 -> 521e6e1) sbp
2026/02/02 (tooling-trusted-releases) branch sbp updated: Allow JSON logs to be configured and fix traceback logging sbp
2026/02/02 (tooling-trusted-releases) branch main updated (1e83287 -> 933c601) sbp
2026/02/02 (tooling-trusted-releases) branch sbp updated: Add a test route to raise an error, and log unhandled exceptions in JSON sbp
2026/01/30 (tooling-trusted-releases) branch main updated (c78b269 -> 1e83287) sbp
2026/01/30 (tooling-trusted-releases) branch sbp updated: Fix unparenthesized subexpressions sbp
2026/01/30 (tooling-trusted-releases) branch main updated (790ca41 -> c78b269) sbp
2026/01/30 (tooling-trusted-releases) branch sbp updated: Add documentation for users about checks sbp
2026/01/30 (tooling-trusted-releases) 02/02: Add a release policy setting for the upstream branch in compose sbp
2026/01/30 (tooling-trusted-releases) 01/02: Detect and allow package roots from npm pack output sbp
2026/01/30 (tooling-trusted-releases) branch sbp updated (e7db0eb -> 790ca41) sbp
2026/01/30 (tooling-trusted-releases) branch main updated (935f617 -> 790ca41) sbp
2026/01/30 (tooling-trusted-releases) 02/03: OF - to trigger retest sbp
2026/01/30 (tooling-trusted-releases) 03/03: Add a release policy setting for the upstream branch in compose sbp
2026/01/30 (tooling-trusted-releases) branch sbp updated (7233089 -> e7db0eb) sbp
2026/01/30 (tooling-trusted-releases) 01/03: Bump biomejs/setup-biome from 2.6.0 to 2.7.0 sbp
2026/01/30 (tooling-trusted-releases) 02/02: OF - to trigger retest sbp
2026/01/30 (tooling-trusted-releases) branch main updated (3beae5a -> 935f617) sbp
2026/01/30 (tooling-trusted-releases) branch dependabot/github_actions/biomejs/setup-biome-2.7.0 deleted (was 997126a) sbp
2026/01/30 (tooling-trusted-releases) 01/02: Bump biomejs/setup-biome from 2.6.0 to 2.7.0 sbp
2026/01/30 (tooling-trusted-releases) branch dependabot/github_actions/biomejs/setup-biome-2.7.0 updated (a860d7c -> 997126a) wave
2026/01/30 (tooling-trusted-releases) branch sbp updated: Detect and allow package roots from npm pack output sbp
2026/01/30 (tooling-trusted-releases) branch main updated (b1d31df -> 3beae5a) sbp
2026/01/30 (tooling-trusted-releases) 01/01: Fix some documentation pages and document the convention sbp
2026/01/30 (tooling-trusted-releases) branch sbp updated (65d574c -> 3beae5a) sbp
2026/01/30 (tooling-trusted-releases) branch main updated: Fix: Mitigate CRLF injection in email headers (Issue #603) sbp
2026/01/30 (tooling-trusted-releases) branch main updated: #216 - Handle correct exceptions now distributions is rewired. Don't allow retries of manual record. arm
2026/01/30 (tooling-trusted-releases) branch main updated (dcd2a63 -> 356a7fc) sbp
2026/01/30 (tooling-trusted-releases) branch sbp updated: Fix some documentation pages and document the convention sbp
2026/01/30 (tooling-trusted-releases) branch sbp updated: Update the documentation about check result ignores sbp
2026/01/30 (tooling-trusted-releases) branch sbp updated: Add tests for check result ignores sbp
2026/01/30 (tooling-trusted-releases) 01/01: Associate check result ignores with projects not committees sbp
2026/01/30 (tooling-trusted-releases) branch sbp updated (9664bcb -> a52d17f) sbp
2026/01/30 (tooling-trusted-releases) branch main updated: #216 - Make sure staging "upgrades" still set pending arm
2026/01/30 (tooling-trusted-releases) branch main updated: #216 - Include pending status in blocking announce arm
2026/01/30 (tooling-trusted-releases) branch main updated (fe4f76a -> 937a85b) arm
2026/01/30 (tooling-trusted-releases) branch main updated: #216 - Try to return an appropriate message/error when distribution fails first time arm
2026/01/29 (tooling-trusted-releases) branch main updated: Change string quotes in COMMITTERS_MAY_RELEASE_COMMITTEES wave
2026/01/29 (tooling-trusted-releases) branch main updated: Fix type hint for COMMITTERS_MAY_RELEASE_COMMITTEES wave
2026/01/29 (tooling-trusted-releases) branch main updated: Update release committee configurations and comments for #523 wave
2026/01/29 (tooling-trusted-releases) branch main updated (e1ad640 -> 9664bcb) sbp
2026/01/29 (tooling-trusted-releases) branch sbp updated: Store the RAT command as a string on results, and add the scan directory sbp
2026/01/29 (tooling-trusted-releases) branch sbp updated: Add a form for admins to run checks again without using the cache sbp
2026/01/29 (tooling-trusted-releases) branch sbp updated: Ignore certain suffixes on archive basenames when searching for a root sbp
2026/01/29 (tooling-trusted-releases) branch main updated (a00a0af -> e1ad640) sbp
2026/01/29 (tooling-trusted-releases) branch sbp updated: Document check ignores sbp
2026/01/29 (tooling-trusted-releases) branch main updated (8ed69eb -> a00a0af) sbp
2026/01/29 (tooling-trusted-releases) branch main updated (66e7823 -> 8ed69eb) arm
2026/01/29 (tooling-trusted-releases) 01/01: Remove the commit target from the Makefile sbp
2026/01/29 (tooling-trusted-releases) branch sbp updated (ca978b9 -> a00a0af) sbp
2026/01/29 (tooling-trusted-releases) 01/02: #216 - Add pending distribution status and background task to check it. Refactor some of the distribution logic out to shared module and some of shared module to precent circular references. arm
2026/01/29 (tooling-trusted-releases) branch pending_dist_changes created (now 8ed69eb) arm
2026/01/29 (tooling-trusted-releases) 02/02: #216 - Scheduled task for pending distributions, add created_by to dist table. arm
2026/01/28 (tooling-trusted-releases) branch main updated: Use Hyperscan for ignore patterns to avoid backtracking attacks sbp
2026/01/28 (tooling-trusted-releases) branch main updated: Add hyperscan and update dependencies sbp
2026/01/28 (tooling-trusted-releases) 01/01: Use the Tooling project as a committee proxy in ASFQuart session data sbp
2026/01/28 (tooling-trusted-releases) branch main updated (fa62aea -> ee6ef4e) sbp
2026/01/28 (tooling-trusted-releases) branch main updated: Use the Tooling project as a committee proxy in ASFQuart session data sbp
2026/01/28 (tooling-trusted-releases) branch main updated (3e43462 -> 8c52b4c) sbp
2026/01/28 (tooling-trusted-releases) branch main updated: Add google-re2 and update dependencies sbp
2026/01/28 (tooling-trusted-releases) branch main updated: Note that ZIP extraction is not supported in the tarzip module sbp
2026/01/28 (tooling-trusted-releases) branch main updated: Ensure archive members limit can be disabled, and catch more widely sbp
2026/01/28 (tooling-trusted-releases) branch main updated: #598 - Check for account ban before issuing JWT arm
2026/01/28 (tooling-trusted-releases) branch main updated: Add unit tests for the archive member limit code sbp
2026/01/28 (tooling-trusted-releases) branch main updated: Archive member count limit #604 sbp
2026/01/28 (tooling-trusted-releases) branch archive-member-count-604 deleted (was b728116) sbp
2026/01/28 (tooling-trusted-releases) branch main updated: Fix problems with the code and tests for creating secure sessions sbp
2026/01/28 (tooling-trusted-releases) branch main updated: #596 - security documentation updated arm
2026/01/28 (tooling-trusted-releases) branch dependabot/github_actions/actions/checkout-6.0.2 deleted (was b0feef3) sbp
2026/01/28 (tooling-trusted-releases) branch main updated: Bump actions/checkout from 6.0.1 to 6.0.2 sbp
2026/01/28 (tooling-trusted-releases) branch dependabot/github_actions/actions/cache-5.0.2 deleted (was 09e592d) sbp
2026/01/28 (tooling-trusted-releases) branch main updated: Bump actions/cache from 5.0.1 to 5.0.2 sbp
2026/01/28 (tooling-trusted-releases) branch main updated: #596 - finite session lifetime by config - 72 hour default. arm
2026/01/28 (tooling-trusted-releases) branch main updated: feat(security): centralize secure HTTP sessions and enforce TLS 1.2+ (#548) sbp
2026/01/28 (tooling-trusted-releases) branch main updated: #508 - only consider non-staging distributions for blocking announce arm
2026/01/28 (tooling-actions) branch main updated: Align error handling and fix store name in validation arm
2026/01/28 (tooling-actions) branch main updated: Add suport for maven errors to production version, undo local testing changes to stg arm
2026/01/28 (tooling-trusted-releases) branch main updated: Use project release policy for tags arm
2026/01/28 (tooling-trusted-releases) branch main updated: Use project release policy for tags arm
2026/01/28 (tooling-actions) branch main updated: Add artificial wait arm
2026/01/28 (tooling-trusted-releases) branch main updated: #598 - Check for account existence before issuing JWT arm
2026/01/28 (tooling-trusted-releases) branch main updated (df2ee0f -> 4421595) arm
2026/01/28 (tooling-actions) branch main updated: Allow insecure for testing arm
2026/01/28 (tooling-actions) branch main updated: Remove test temporarily arm
2026/01/28 (tooling-actions) branch main updated (8fb39c1 -> a51c23e) arm
2026/01/28 (tooling-actions) 01/03: Test workflow for new tokens arm
2026/01/28 (tooling-actions) 03/03: support for changing host and port arm
2026/01/28 (tooling-actions) 02/03: Update stg distribution to use tokens arm
2026/01/28 (tooling-trusted-releases) branch main updated: Report on scheduled tasks as well as recent arm
2026/01/27 (tooling-trusted-releases) 01/01: Archive member count limit #604 akm
2026/01/27 (tooling-trusted-releases) branch archive-member-count-604 created (now b728116) akm
2026/01/27 (tooling-trusted-releases) branch main updated: Exclude Litestream tables from Alembic sbp
2026/01/27 (tooling-trusted-releases) branch main updated: Filter out SSL shutdown timeout errors from asyncio in Hypercorn sbp
2026/01/27 (tooling-trusted-releases) 01/01: Clear a session before setting an impersonated session sbp
2026/01/27 (tooling-trusted-releases) branch main updated (529347d -> ba6aceb) sbp
2026/01/27 (tooling-trusted-releases) branch main updated: Clear a session before setting an impersonated session sbp
2026/01/27 (tooling-trusted-releases) branch main updated: Validate release phase on manual resolution sbp
2026/01/27 (tooling-trusted-releases) branch main updated: Fix some problems with the admin script to import keys sbp
2026/01/27 (tooling-trusted-releases) branch main updated: Try the admin cache file in synchronous contexts too sbp