commits  

Messages by Thread

• (tooling-trusted-releases) branch sbp updated: Update the requests dependency due to CVE-2026-25645 sbp
• (tooling-trusted-releases) branch main updated (26ef4a14 -> 68434f0c) sbp
• (tooling-trusted-releases) branch sbp updated (54315beb -> 68434f0c) sbp
  • (tooling-trusted-releases) 01/01: Allow votes to be cancelled sbp
• (tooling-trusted-releases) branch main updated (5bc8d2ef -> 26ef4a14) sbp
• (tooling-trusted-releases) branch sbp updated: Allow votes to be cancelled sbp
• (tooling-trusted-releases) branch sbp updated: Remove the release policy option to pause for the release manager sbp
• (tooling-trusted-releases) branch main updated (3ef3db84 -> 5bc8d2ef) sbp
• (tooling-trusted-releases) branch sbp updated: Fix an email bug and add tests sbp
• (tooling-trusted-releases) branch main updated (c6357163 -> 3ef3db84) sbp
• (tooling-trusted-releases) branch sbp updated: Fix verb conjugation in the vote resolution email default body sbp
• (tooling-trusted-releases) branch main updated (442e308f -> c6357163) sbp
• (tooling-trusted-releases) branch main updated (790a665f -> 442e308f) sbp
• (tooling-trusted-releases) branch main updated (6bbadc81 -> 790a665f) sbp
• (tooling-trusted-releases) branch sbp updated (53788af7 -> 790a665f) sbp
  • (tooling-trusted-releases) 01/01: Add a form to tally any vote sbp
• (tooling-trusted-releases) branch main updated (682ff179 -> 6bbadc81) sbp
  • (tooling-trusted-releases) 01/01: Ignore CVE-2026-4539 until a fix is available sbp
• (tooling-trusted-releases) branch arm updated (af4f63d9 -> 682ff179) arm
• (tooling-trusted-releases) branch sbp updated: Turn off basic authentication in ASFQuart sbp
  • (tooling-trusted-releases) branch sbp updated: Turn off basic authentication in ASFQuart sbp
• (tooling-trusted-releases) branch main updated (af4f63d9 -> 682ff179) sbp
• (tooling-trusted-releases) branch sbp updated (8f86fe3b -> 682ff179) sbp
  • (tooling-trusted-releases) 01/01: Add a form to tally any vote sbp
• (tooling-trusted-releases) branch form_validation_cache updated (d120c688 -> 347d4eef) arm
• (tooling-trusted-releases) branch main updated (8f86fe3b -> af4f63d9) arm
• (tooling-trusted-releases) branch arm updated (82bae60a -> af4f63d9) arm
  • (tooling-trusted-releases) 01/01: Allow safe types to be used in task args in the database. arm
• (tooling-trusted-releases) branch main updated (da4d20a1 -> 8f86fe3b) sbp
• (tooling-trusted-releases) branch arm updated (f2b3fd9b -> 82bae60a) arm
  • (tooling-trusted-releases) 01/01: Allow safe types to be used in task args in the database. arm
• (tooling-trusted-releases) branch sbp updated (7a3dc4d3 -> 8f86fe3b) sbp
  • (tooling-trusted-releases) 01/01: Allow the use of CC and BCC for voting and announcing sbp
• (tooling-trusted-releases) branch arm updated (e3ba5367 -> f2b3fd9b) arm
  • (tooling-trusted-releases) 01/01: Allow safe types to be used in task args in the database. arm
• (tooling-trusted-releases) branch sbp updated (da901ba5 -> 7a3dc4d3) sbp
  • (tooling-trusted-releases) 01/01: Allow the use of CC and BCC for voting and announcing sbp
• (tooling-trusted-releases) branch arm updated (c7afdf58 -> e3ba5367) arm
  • (tooling-trusted-releases) 01/01: Allow safe types to be used in task args in the database. arm
• (tooling-trusted-releases) branch main updated: Notes say that cmarkgfm is safe arm
• (tooling-trusted-releases) branch arm updated (54921a69 -> c7afdf58) arm
  • (tooling-trusted-releases) 01/01: Allow safe types to be used in task args in the database. arm
• (tooling-trusted-releases) branch dependabot/github_actions/astral-sh/setup-uv-7.6.0 deleted (was 366f4a2b) sbp
• (tooling-trusted-releases) branch main updated: Bump astral-sh/setup-uv from 7.3.1 to 7.6.0 sbp
• (tooling-trusted-releases) branch dependabot/github_actions/biomejs/setup-biome-2.7.1 deleted (was 81fbf489) sbp
• (tooling-trusted-releases) branch main updated: Bump biomejs/setup-biome from 2.7.0 to 2.7.1 sbp
• (tooling-trusted-releases) branch dependabot/github_actions/astral-sh/setup-uv-7.6.0 created (now 366f4a2b) github-bot
• (tooling-trusted-releases) branch dependabot/github_actions/biomejs/setup-biome-2.7.1 created (now 81fbf489) github-bot
• (tooling-actions) branch main updated: Add license to dependabot yml arm
• (tooling-actions) branch main updated: Move it again arm
• (tooling-actions) branch main updated: Move config and change to disable arm
• (tooling-actions) branch main updated: Newline missing arm
• (tooling-actions) branch main updated: Add zizmor config arm
• (tooling-releases-client) branch dependabot/github_actions/astral-sh/setup-uv-7.3.1 deleted (was c1c5b79) github-bot
• (tooling-releases-client) branch dependabot/github_actions/astral-sh/setup-uv-7.6.0 created (now 17091b6) github-bot
• (tooling-trusted-releases) branch main updated (bc46b451 -> 54921a69) arm
• (tooling-trusted-releases) branch arm updated (34b3895d -> 54921a69) arm
  • (tooling-trusted-releases) 01/01: #910 - emails support CC and BCC, and enum for footer to be appended. arm
• (tooling-trusted-releases) branch arm updated (bc46b451 -> 34b3895d) arm
• (tooling-trusted-releases) branch email_cc_bcc_footers deleted (was 34b3895d) arm
• (tooling-trusted-releases) branch email_cc_bcc_footers updated (36473d19 -> 34b3895d) arm
• (tooling-trusted-releases) branch email_cc_bcc_footers updated (d3c757d9 -> 36473d19) arm
• (tooling-trusted-releases) branch email_cc_bcc_footers created (now d3c757d9) arm
  • (tooling-trusted-releases) 01/01: #910 - emails support CC and BCC, and enum for footer to be appended. arm
• (tooling-trusted-releases) branch form_validation_cache updated (c8aa3abb -> d120c688) arm
• (tooling-trusted-releases) branch arm updated (0947f6ad -> bc46b451) arm
• (tooling-actions) branch main updated: Remove old, unused builds arm
• (tooling-actions) branch main updated: Bump actions/setup-java from 5.1.0 to 5.2.0 (#10) wave
• (tooling-actions) branch dependabot/github_actions/actions/setup-java-5.2.0 deleted (was b0d8f50) wave
• (tooling-actions) branch dependabot/github_actions/actions/checkout-6.0.2 created (now cb23665) github-bot
• (tooling-actions) branch main updated: Update astral-sh/setup-uv to 7.6.0 wave
• (tooling-actions) branch main updated: Update zizmor version to 1.23.0 wave
• (tooling-actions) branch main updated: Add Dependabot configuration for GitHub Actions wave
• (tooling-actions) branch dependabot/github_actions/actions/checkout-6.0.2 deleted (was cb23665) wave
• (tooling-actions) branch dependabot/github_actions/actions/setup-python-6.2.0 deleted (was 9319b3f) wave
• (tooling-actions) branch main updated: Bump actions/setup-python from 5.4.0 to 6.2.0 (#8) wave
• (tooling-actions) branch main updated: Bump actions/checkout from 4.2.2 to 6.0.2 (#9) wave
• (tooling-actions) branch dependabot/github_actions/actions/setup-python-6.2.0 created (now 9319b3f) github-bot
• (tooling-actions) branch dependabot/github_actions/actions/setup-java-5.2.0 created (now b0d8f50) github-bot
• (tooling-actions) branch main updated: protect main branch against force push and delete (#6) wave
• (tooling-trusted-releases) branch main updated: OF - typo seem by ASVS wave
• (tooling-trusted-releases) branch remove-artifacts-path-from-projects-compose-form created (now c30faaee) wave
• (tooling-trusted-releases) branch remove-artifacts-path-from-projects-compose-form deleted (was c30faaee) wave
• (tooling-trusted-releases) branch main updated (02d2bb3f -> da901ba5) sbp
• (tooling-trusted-releases) branch main updated (ee6a1d9f -> 02d2bb3f) sbp
• (tooling-trusted-releases) branch sbp updated: Change the size of several release policy form fields sbp
• (tooling-trusted-releases) branch main updated (7d0920f6 -> ee6a1d9f) sbp
• (tooling-trusted-releases) branch sbp updated: Add an API endpoint to update release policies sbp
• (tooling-trusted-releases) branch sbp updated: Move the API endpoint to get a release policy sbp
• (tooling-trusted-releases) branch main updated (d8489a6c -> 7d0920f6) sbp
• (tooling-trusted-releases) branch sbp updated: Remove binary and source artifact paths from the release policy form sbp
• (tooling-trusted-releases) branch ssh-invalidate-737 updated (59f30984 -> a40683f6) akm
• (tooling-trusted-releases) branch remove-artifacts-path-from-projects-compose-form updated: Remove artifacts paths from project compose form wave
• (tooling-trusted-releases) branch remove-artifacts-path-from-projects-compose-form created (now d8489a6c) wave
• (tooling-trusted-releases) branch main updated (0947f6ad -> d8489a6c) sbp
• (tooling-trusted-releases) branch sbp updated (ef54d39c -> d8489a6c) sbp
  • (tooling-trusted-releases) 01/01: Add a classification type for documentation sbp
• (tooling-trusted-releases) branch main updated (ef54d39c -> 0947f6ad) arm
• (tooling-trusted-releases) branch arm updated (0bcd3a7f -> 0947f6ad) arm
  • (tooling-trusted-releases) 01/01: #915 - Add safe path type arm
• (tooling-trusted-releases) branch main updated (717b82f2 -> ef54d39c) sbp
• (tooling-trusted-releases) branch main updated (9799c8f3 -> 717b82f2) sbp
• (tooling-trusted-releases) branch sbp updated: Update dependencies and fix style problems sbp
• (tooling-trusted-releases) branch main updated (d179d949 -> 9799c8f3) sbp
• (tooling-trusted-releases) branch arm updated (a1d291c1 -> 0bcd3a7f) arm
  • (tooling-trusted-releases) 01/01: #915 - Add safe path type arm
• (tooling-trusted-releases) branch arm updated (e86ecdf0 -> a1d291c1) arm
  • (tooling-trusted-releases) 01/01: #915 - Add safe path type arm
• (tooling-trusted-releases) branch sbp updated: Fix some e2e tests related to Trusted Publishing and RAT checks sbp
• (tooling-trusted-releases) branch main updated (8027be75 -> d179d949) sbp
• (tooling-trusted-releases) branch sbp updated: Allow more files at the top level sbp
• (tooling-trusted-releases) branch main updated (ef59ffaf -> 8027be75) sbp
• (tooling-trusted-releases) branch sbp updated (b1a43d2c -> 8027be75) sbp
  • (tooling-trusted-releases) 01/01: Upgrade RAT to version 0.18 sbp
• (tooling-trusted-releases) branch sbp updated (bcc2e438 -> e49b3f7a) sbp
  • (tooling-trusted-releases) 01/01: Upgrade RAT to version 0.18 sbp
• (tooling-trusted-releases) branch sbp updated: Move Trusted Publishing fields into a separate form sbp
  • (tooling-trusted-releases) branch sbp updated: Move Trusted Publishing fields into a separate form sbp
  • (tooling-trusted-releases) branch sbp updated: Move Trusted Publishing fields into a separate form sbp
• (tooling-trusted-releases) branch arm updated (1206ad31 -> e86ecdf0) arm
  • (tooling-trusted-releases) 01/01: #915 - Add safe path type arm
• (tooling-trusted-releases) branch arm updated (ef59ffaf -> 1206ad31) arm
• (tooling-trusted-releases) branch safe_path updated (c2104abe -> 1206ad31) arm
  • (tooling-trusted-releases) 01/01: #915 - Add safe path type arm
• (tooling-trusted-releases) branch arm updated (5961d500 -> ef59ffaf) arm
• (tooling-trusted-releases) branch safe_path created (now c2104abe) arm
  • (tooling-trusted-releases) 01/01: #915 - Add safe path type arm
• (tooling-trusted-releases) branch ssh-invalidate-737 created (now 59f30984) akm
  • (tooling-trusted-releases) 01/01: Invalidate SSH keys; fixes #737 akm
• (tooling-trusted-releases) branch dependabot/uv/pydantic-core-2.42.0 deleted (was 381cdc14) github-bot
• (tooling-trusted-releases) branch main updated (269971c3 -> ef59ffaf) sbp
• (tooling-trusted-releases) branch sbp updated: Rename generated pip-audit requirements to avoid Dependabot scanning them sbp
• (tooling-trusted-releases) branch main updated (5961d500 -> 269971c3) sbp
• (tooling-trusted-releases) branch sbp updated (a106a69d -> 269971c3) sbp
  • (tooling-trusted-releases) 01/01: Handle extra type cases in Trusted Publishing payload validation sbp
• (tooling-trusted-releases) branch main updated (a106a69d -> 5961d500) arm
• (tooling-trusted-releases) branch sbp updated (f3f49065 -> a106a69d) sbp
• (tooling-trusted-releases) branch github_tp_validation deleted (was 581fe1dc) sbp
• (tooling-trusted-releases) branch arm updated: #676 Validate exp and nbf when loading pydantic model for Github token. Attestable class updated to store and load model instead of dict. sbp
• (tooling-trusted-releases) branch main updated (6cfd6132 -> a106a69d) arm
• (tooling-trusted-releases) branch form_validation_cache updated (db847ae8 -> c8aa3abb) arm
• (tooling-trusted-releases) branch github_tp_validation updated (1fcbd97f -> 581fe1dc) arm
• (tooling-trusted-releases) branch arm updated (53a8813b -> a106a69d) arm
  • (tooling-trusted-releases) 01/01: Some additional tidy up of typed decorators, and some additional tests for them arm
• (tooling-trusted-releases) branch arm updated (06076250 -> 53a8813b) arm
  • (tooling-trusted-releases) 01/01: Some additional tidy up of typed decorators, and some additional tests for them arm
• (tooling-trusted-releases) branch arm updated: Some additional tidy up of typed decorators, and some additional tests for them arm
• (tooling-trusted-releases) branch main updated (9285f5fb -> 6cfd6132) arm
• (tooling-trusted-releases) branch arm updated (b451f601 -> 6cfd6132) arm
  • (tooling-trusted-releases) 01/01: Move most of the admin routes over to "typed" decorators for param validation. Add test to make sure future decorator changes don't break routing. Simplify param checking. arm
• (tooling-trusted-releases) branch arm updated: Move most of the admin routes over to "typed" decorators for param validation. Add test to make sure future decorator changes don't break routing. Simplify param checking. arm
• (tooling-trusted-releases) branch update-email-alert-messages deleted (was 1a4cfdd7) sbp
• (tooling-trusted-releases) branch main updated: Make token change emails more clear sbp
• (tooling-trusted-releases) branch oauth-asvs-docs-681 deleted (was 9f84d0c4) sbp
• (tooling-trusted-releases) branch main updated: Adding OAuth docs; fixes #681 sbp
• (tooling-trusted-releases) branch form_validation_cache updated (f06eceab -> db847ae8) arm
• (tooling-trusted-releases) branch github_tp_validation updated (d12cb683 -> 1fcbd97f) arm
• (tooling-trusted-releases) branch arm updated (8ff670ac -> f3f49065) arm
• (tooling-trusted-releases) branch main updated (8ff670ac -> f3f49065) sbp
• (tooling-trusted-releases) branch sbp updated (5c63b351 -> f3f49065) sbp
  • (tooling-trusted-releases) 01/01: Classify files by counting classification markers sbp
• (tooling-trusted-releases) branch oauth-asvs-docs-681 created (now 9f84d0c4) akm
  • (tooling-trusted-releases) 01/01: Adding OAuth docs; fixes #681 akm
• (tooling-trusted-releases) branch arm updated (2f5e1b16 -> 8ff670ac) arm
• (tooling-trusted-releases) branch github_tp_validation updated (98ccca02 -> d12cb683) arm
• (tooling-trusted-releases) branch main updated (2f5e1b16 -> 8ff670ac) arm
• (tooling-trusted-releases) branch check_version_database deleted (was 8ff670ac) arm
• (tooling-trusted-releases) branch check_version_database updated (d89304e6 -> 8ff670ac) arm
• (tooling-trusted-releases) branch check_version_database updated (097baf40 -> d89304e6) arm
• (tooling-trusted-releases) branch check_version_database updated (b4c0dbd8 -> 097baf40) arm
• (tooling-trusted-releases) branch check_version_database updated (98a60623 -> b4c0dbd8) arm
• (tooling-trusted-releases) branch form_validation_cache updated (be0c7a0a -> f06eceab) arm
• (tooling-trusted-releases) branch github_tp_validation updated (9d5f320a -> 98ccca02) arm
• (tooling-trusted-releases) branch check_version_database updated (905e9234 -> 98a60623) arm
• (tooling-trusted-releases) branch arm updated (a912cec2 -> 2f5e1b16) arm
• (tooling-trusted-releases) branch dependabot/github_actions/astral-sh/setup-uv-7.3.1 deleted (was 8b88fd49) sbp
• (tooling-trusted-releases) branch main updated: Bump astral-sh/setup-uv from 7.3.0 to 7.3.1 sbp
• (tooling-trusted-releases) branch main updated (554490a0 -> 5c63b351) sbp
• (tooling-trusted-releases) branch main updated (a912cec2 -> 554490a0) sbp
• (tooling-trusted-releases) branch sbp updated: Fix typos in the third party license files sbp
• (tooling-trusted-releases) branch sbp updated: Search for license and notice files recursively in binary archives sbp
• (tooling-trusted-releases) branch rate_limiting deleted (was 2469e105) arm
• (tooling-trusted-releases) branch ssh_security_config deleted (was 1c982ca8) arm
• (tooling-trusted-releases) branch pending_dist_changes deleted (was 8ed69eb5) arm
• (tooling-trusted-releases) branch file_type_detection deleted (was 61f166f0) arm
• (tooling-trusted-releases) branch safe_committee_type deleted (was a1d8b129) arm
• (tooling-trusted-releases) branch github_tp_validation updated (7838cfcc -> 9d5f320a) arm
• (tooling-trusted-releases) branch github_tp_validation updated (fe52b96b -> 7838cfcc) arm
• (tooling-trusted-releases) branch check_version_database created (now 905e9234) arm
  • (tooling-trusted-releases) 01/01: #892 - record check version in database (and fix a couple of type issues in tests) arm
• (tooling-trusted-releases) branch github_tp_validation updated (7838cfcc -> fe52b96b) arm
• (tooling-trusted-releases) branch github_tp_validation updated (1c4f70a1 -> 7838cfcc) arm
  • (tooling-trusted-releases) 01/01: #676 Validate exp and nbp when loading pydantic model for Github token. Attestable class updated to store and load model instead of dict. arm
• (tooling-trusted-releases) branch github_tp_validation created (now 1c4f70a1) arm
  • (tooling-trusted-releases) 01/01: #676 Validate exp and nbp when loading pydantic model for Github token. Attestable class updated to store and load model instead of dict. arm
• (tooling-trusted-releases) branch form_validation_cache updated (c9838b2c -> be0c7a0a) arm
• (tooling-trusted-releases) branch form_validation_cache updated (61b7a88c -> c9838b2c) arm
• (tooling-trusted-releases) branch arm updated (3a99ce3b -> a912cec2) arm
• (tooling-trusted-releases) branch main updated (87b6591a -> a912cec2) sbp
• (tooling-trusted-releases) branch main updated (472d371e -> 87b6591a) sbp

• Earlier messages
• Later messages