This is an automated email from the ASF dual-hosted git repository. arm pushed a commit to branch arm in repository https://gitbox.apache.org/repos/asf/tooling-trusted-releases.git
commit 4323f004b5f5b15070832252ca3d423136416c3e Author: Alastair McFarlane <[email protected]> AuthorDate: Fri Apr 3 15:52:12 2026 +0100 #1009 - Validate committee key from URL against the form --- atr/post/projects.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/atr/post/projects.py b/atr/post/projects.py index ef11b0d4..6cd041a5 100644 --- a/atr/post/projects.py +++ b/atr/post/projects.py @@ -46,6 +46,9 @@ async def add_project( display_name = project_form.display_name label = project_form.label + if committee_key != project_form.committee_key: + raise ValueError(f"Invalid committee key: {committee_key}") + async with storage.write(session) as write: wacm = await write.as_project_committee_member(safe.ProjectKey(str(committee_key))) try: --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
