This is an automated email from the ASF dual-hosted git repository.
arm pushed a change to branch arm
in repository https://gitbox.apache.org/repos/asf/tooling-trusted-releases.git
discard 40c9ca00 Refactor check get logic to a shared method and remove some
extra places where we still used release_name or version
discard 3cd36ebb Remove cache ignore logic since we can't have an empty cache
key now. Add policy dependencies to license and RAT checks. Enable local/global
caching switch. Fix bug with task list.
discard 1c373d2f Move github model into general models out of SBOM models
discard 77a8d07a Change attestable hashes to dict and reuse to resolve TOCTOU
of check result. Use attestable hashes for check reports. Add version to cache
key. Add file hash to hash and signature check and github SHA to source_tree.
discard ffbe66ae Remove check for task running and add unique constraint, for
which we try to catch the IntegrityError. Include in playwright tests and don't
use revision number to filter individual check results.
discard f55c7f14 Remove check for task running
add 030b4fc3 Use the intersection of algorithms from asyncssh and ssh-audit
add a0cb5cd6 Return 404 when project is unknown in api endpoint call
add 32550b7e Introduce ATR_STATUS and control recipient lists
add 141036f3 Bump astral-sh/setup-uv from 7.2.0 to 7.3.0
add 731a2962 Check for banned ASF accounts in more places
add 48078cc5 Document the use of safe Markdown to HTML rendering in
cmarkgfm
add e693c2da Keep a strict subset of GitHub OIDC payloads
add 7281bdce Use asfquart main, as it now supports maximum session
lifetimes
add 8fdb8c21 Manual PAT removal; fixes #598
add fa00a7ba Strengthen a couple of authorisation patterns
add f4d7dd38 Improve curl download scripting
add 15e3f2fa Remove check for task running
add b1cc00db Remove check for task running and add unique constraint, for
which we try to catch the IntegrityError. Include in playwright tests and don't
use revision number to filter individual check results.
add 6777296c Change attestable hashes to dict and reuse to resolve TOCTOU
of check result. Use attestable hashes for check reports. Add version to cache
key. Add file hash to hash and signature check and github SHA to source_tree.
add f37cc76a Move github model into general models out of SBOM models
add 2959b8fc Remove cache ignore logic since we can't have an empty cache
key now. Add policy dependencies to license and RAT checks. Enable local/global
caching switch. Fix bug with task list.
add c93d0fc1 Refactor check get logic to a shared method and remove some
extra places where we still used release_name or version
This update added new revisions after undoing existing revisions.
That is to say, some revisions that were in the old version of the
branch are not in the new version. This situation occurs
when a user --force pushes a change and generates a repository
containing something like this:
* -- * -- B -- O -- O -- O (40c9ca00)
\
N -- N -- N refs/heads/arm (c93d0fc1)
You should already have received notification emails for all of the O
revisions, and so the following emails describe only the N revisions
from the common base, B.
Any revisions marked "omit" are not gone; other references still
refer to them. Any revisions marked "discard" are gone forever.
No new revisions were added by this update.
Summary of changes:
.github/workflows/analyze.yml | 2 +-
.github/workflows/build.yml | 2 +-
atr/admin/__init__.py | 52 +++++++++++
atr/admin/templates/revoke-user-tokens.html | 48 ++++++++++
atr/api/__init__.py | 2 +
atr/blueprints/get.py | 4 +
atr/blueprints/post.py | 4 +
atr/config.py | 1 +
atr/docs/authentication-security.md | 7 +-
atr/docs/authorization-security.md | 6 ++
atr/docs/input-validation.md | 2 +
atr/get/download.py | 2 +
atr/jwtoken.py | 55 +++++++++--
atr/ldap.py | 13 +++
atr/models/schema.py | 4 +
atr/ssh.py | 18 ++++
atr/static/sh/download-urls.sh | 5 +-
atr/storage/__init__.py | 1 +
atr/storage/writers/tokens.py | 35 +++++++
atr/templates/download-all.html | 2 +-
atr/templates/includes/topnav.html | 5 +
atr/util.py | 57 +++++++-----
pyproject.toml | 3 +-
requirements-for-pip-audit.txt | 6 +-
{atr => tests/e2e/admin}/__init__.py | 0
tests/e2e/{tokens => admin}/conftest.py | 21 +++--
tests/e2e/{tokens => admin}/helpers.py | 23 +++--
tests/e2e/admin/test_revoke_tokens.py | 137 ++++++++++++++++++++++++++++
uv.lock | 23 +++--
29 files changed, 479 insertions(+), 61 deletions(-)
create mode 100644 atr/admin/templates/revoke-user-tokens.html
copy {atr => tests/e2e/admin}/__init__.py (100%)
copy tests/e2e/{tokens => admin}/conftest.py (58%)
copy tests/e2e/{tokens => admin}/helpers.py (55%)
create mode 100644 tests/e2e/admin/test_revoke_tokens.py
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
