This is an automated email from the ASF dual-hosted git repository.
arm pushed a change to branch check_caching
in repository https://gitbox.apache.org/repos/asf/tooling-trusted-releases.git
discard 3161e7cb Read and write checks to/from attestable data
discard 457986fb Read and write checks to/from attestable data
discard 829b0bab Include checker name in cache key and tidy up some code.
discard 7782b70a Include release policy in attestation and pull hashes for
checks from there.
discard f91aa192 Start to move caching out of check tasks
add d71388dc Update dependencies, including avoiding CVE-2026-26007
add 94964c67 Display the ATR classifications of uploaded files
add 665533bd Bump actions/cache from 5.0.2 to 5.0.3
add 2e723416 Make the existence of certain disallowed file types blocking
add 209816de Add a module for file classification and use it
add 1f756ffe Classify CycloneDX JSON SBOM files correctly as metadata
add 12ff090f Propagate file upload errors through to the user interface
add e19e41af Compute the path to the corresponding artifact for SBOM files
correctly
add 9e286de6 Do not run further path checks after a file is found to be
disallowed
add ec267b80 Style files with blocking check results more consistently
add e71802b4 Ignore spurious CodeQL warnings about file permissions
add e9ed2a37 ASVS L1 - Validate referrer in redirect in admin toggle-view
add 81b4f612 add API and link to svn:dist area (#648)
add 929a8c3b link to svn:dist, not any svn (#650)
new b264da32 Start to move caching out of check tasks
new 4bea8b44 Include release policy in attestation and pull hashes for
checks from there.
new 3d03797f Include checker name in cache key and tidy up some code.
new a449e4cb Read and write checks to/from attestable data
new 66c523eb Read and write checks to/from attestable data
This update added new revisions after undoing existing revisions.
That is to say, some revisions that were in the old version of the
branch are not in the new version. This situation occurs
when a user --force pushes a change and generates a repository
containing something like this:
* -- * -- B -- O -- O -- O (3161e7cb)
\
N -- N -- N refs/heads/check_caching (66c523eb)
You should already have received notification emails for all of the O
revisions, and so the following emails describe only the N revisions
from the common base, B.
Any revisions marked "omit" are not gone; other references still
refer to them. Any revisions marked "discard" are gone forever.
The 5 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.github/workflows/analyze.yml | 2 +-
.github/workflows/build.yml | 2 +-
.pre-commit-config.yaml | 7 +-
atr/admin/__init__.py | 4 +-
atr/analysis.py | 27 +++++
atr/classify.py | 54 ++++++++++
atr/get/checks.py | 3 +-
atr/get/upload.py | 6 +-
atr/merge.py | 1 +
atr/post/upload.py | 20 +++-
atr/server.py | 1 +
atr/shared/upload.py | 4 +-
atr/static/css/atr.css | 5 +
atr/storage/readers/releases.py | 16 +--
atr/storage/types.py | 4 +-
atr/storage/writers/release.py | 5 +-
atr/tasks/checks/__init__.py | 8 +-
atr/tasks/checks/paths.py | 55 +++++++++-
atr/templates/about.html | 33 +++++-
atr/templates/check-selected-path-table.html | 47 ++++----
atr/templates/check-selected.html | 5 -
atr/util.py | 5 +-
pyproject.toml | 4 +-
requirements-for-pip-audit.txt | 20 ++--
tests/e2e/compose/test_get.py | 29 +++++
tests/unit/test_util.py | 4 +
uv.lock | 156 ++++++++++++++-------------
27 files changed, 373 insertions(+), 154 deletions(-)
create mode 100644 atr/classify.py
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
