commits  

Messages by Thread

• (tooling-trusted-releases) branch taint_tracking_types updated: Validate session by type instead of name, and _ prefix unused sessions arm
• (tooling-trusted-releases) branch taint_tracking_types updated (939539af -> 94ace8db) arm
  • (tooling-trusted-releases) 02/02: Add taint tracking types to post endpoints arm
  • (tooling-trusted-releases) 01/02: Add taint tracking types to get endpoints arm
• (tooling-trusted-releases) branch arm updated (4862aec0 -> 9003b050) arm
• (tooling-trusted-releases) branch taint_tracking_types updated (caa5451a -> 939539af) arm
  • (tooling-trusted-releases) 01/01: Add taint tracking types to post endpoints arm
• (tooling-trusted-releases) branch taint_tracking_types updated (d64537a5 -> caa5451a) arm
  • (tooling-trusted-releases) 01/02: Add taint tracking types to get endpoints arm
  • (tooling-trusted-releases) 02/02: Add taint tracking types to post endpoints arm
• (tooling-trusted-releases) branch main updated (4862aec0 -> 9003b050) sbp
• (tooling-trusted-releases) branch sbp updated (70cdb2a2 -> 9003b050) sbp
  • (tooling-trusted-releases) 01/01: Separate the code to finalise a revision sbp
• (tooling-trusted-releases) branch taint_tracking_types updated (2eef89fc -> d64537a5) arm
  • (tooling-trusted-releases) 01/01: Add taint tracking types to get endpoints arm
• (tooling-trusted-releases) branch main updated: Fix import arm
• (tooling-trusted-releases) branch taint_tracking_types updated (e568be5f -> 2eef89fc) arm
  • (tooling-trusted-releases) 01/01: Add taint tracking types to get endpoints arm
• (tooling-trusted-releases) branch arm updated (70cdb2a2 -> 4862aec0) arm
• (tooling-trusted-releases) branch taint_tracking_types updated (668c2f2e -> e568be5f) arm
  • (tooling-trusted-releases) 01/01: Add taint tracking types to get endpoints arm
• (tooling-trusted-releases) branch arm updated (e8ea2fea -> 70cdb2a2) arm
• (tooling-trusted-releases) branch taint_tracking_types updated (7f570656 -> 668c2f2e) arm
  • (tooling-trusted-releases) 01/01: Add taint tracking types to get endpoints arm
• (tooling-trusted-releases) branch taint_tracking_types updated (f6e08562 -> 7f570656) arm
  • (tooling-trusted-releases) 01/01: Add taint tracking types to get endpoints arm
• (tooling-trusted-releases) branch taint_tracking_types updated (770184ff -> f6e08562) arm
  • (tooling-trusted-releases) 01/01: Add taint tracking types to get endpoints arm
• (tooling-trusted-releases) branch taint_tracking_types updated (9b70aadb -> 770184ff) arm
  • (tooling-trusted-releases) 01/01: Add taint tracking types to get endpoints arm
• (tooling-trusted-releases) branch taint_tracking_types updated (a6b22c9e -> 9b70aadb) arm
  • (tooling-trusted-releases) 01/01: First cut of taint tracking types for project and version arm
• (tooling-trusted-releases) branch taint_tracking_types updated (bc540c70 -> a6b22c9e) arm
  • (tooling-trusted-releases) 01/01: First cut of taint tracking types for project and version arm
• (tooling-trusted-releases) branch taint_tracking_types updated (7714d597 -> bc540c70) arm
  • (tooling-trusted-releases) 01/01: First cut of taint tracking types for project and version arm
• (tooling-trusted-releases) branch taint_tracking_types updated (4b0213c8 -> 7714d597) arm
  • (tooling-trusted-releases) 01/01: First cut of taint tracking types for project and version arm
• (tooling-trusted-releases) branch taint_tracking_types updated (20200510 -> 4b0213c8) arm
  • (tooling-trusted-releases) 01/01: First cut of taint tracking types for project and version arm
• (tooling-trusted-releases) branch taint_tracking_types updated: First cut of taint tracking types for project and version arm
• (tooling-trusted-releases) branch main updated (df9462aa -> 70cdb2a2) sbp
• (tooling-trusted-releases) branch main updated (7cac7526 -> df9462aa) sbp
• (tooling-trusted-releases) branch sbp updated: Temporarily allow .gitkeep release files throughout sbp
• (tooling-trusted-releases) branch taint_tracking_types updated (fef79800 -> 3e3c8d92) arm
  • (tooling-trusted-releases) 01/01: First cut of taint tracking types for project and version arm
• (tooling-trusted-releases) branch taint_tracking_types updated (ecbcda71 -> fef79800) arm
  • (tooling-trusted-releases) 01/01: First cut of taint tracking types for project and version arm
• (tooling-trusted-releases) branch sbp updated (5db7392a -> df9462aa) sbp
  • (tooling-trusted-releases) 01/01: Fix a problem with rendering information about checks sbp
• (tooling-trusted-releases) branch taint_tracking_types updated (5b438db7 -> ecbcda71) arm
  • (tooling-trusted-releases) 01/01: First cut of taint tracking types for project and version arm
• (tooling-trusted-releases) branch taint_tracking_types created (now 5b438db7) arm
  • (tooling-trusted-releases) 02/02: First cut of taint tracking types for project and version arm
  • (tooling-trusted-releases) 01/02: #641 - some initial migrations out of the util module for paths and hash calculation. arm
• (tooling-trusted-releases) branch explicit-ldap-tls-configuration deleted (was c6542f4e) sbp
• (tooling-trusted-releases) branch main updated: Explicit ldap tls configuration (#755) sbp
• (tooling-trusted-releases) branch explicit-ldap-tls-configuration updated (ea1347b7 -> c6542f4e) wave
• (tooling-trusted-releases) branch main updated (b96895d6 -> 5db7392a) sbp
• (tooling-trusted-releases) branch main updated (98584f0c -> b96895d6) sbp
• (tooling-trusted-releases) branch sbp updated: Add missing parentheses sbp
• (tooling-trusted-releases) branch sbp updated (03114918 -> b96895d6) sbp
  • (tooling-trusted-releases) 01/01: Add some simple archive checks for quarantined file validation sbp
• (tooling-trusted-releases) branch sbp updated: Add some simple archive checks for quarantined file validation sbp
• (tooling-trusted-releases) branch main updated (e8ea2fea -> 98584f0c) sbp
• (tooling-trusted-releases) branch sbp updated (bc3f4f19 -> 98584f0c) sbp
  • (tooling-trusted-releases) 01/01: Fix some e2e tests for checks sbp
• (tooling-trusted-releases) branch arm updated (039f5889 -> e8ea2fea) arm
  • (tooling-trusted-releases) 01/01: #641 - some initial migrations out of the util module for paths and hash calculation. arm
• (tooling-trusted-releases) branch main updated (bc3f4f19 -> e8ea2fea) arm
• (tooling-trusted-releases) branch main updated (4ca6056d -> bc3f4f19) sbp
• (tooling-trusted-releases) branch sbp updated: Detect which files need to be quarantined sbp
• (tooling-trusted-releases) branch sbp updated (ece6e9d4 -> 4ca6056d) sbp
• (tooling-trusted-releases) branch arm updated (612cffa4 -> 039f5889) arm
  • (tooling-trusted-releases) 01/01: #641 - some initial migrations out of the util module for paths and hash calculation. arm
• (tooling-trusted-releases) branch arm updated (ef1c4b9e -> 612cffa4) arm
  • (tooling-trusted-releases) 01/01: #641 - some initial migrations out of the util module for paths and hash calculation. arm
• (tooling-trusted-releases) branch arm updated: #641 - some initial migrations out of the util module for paths and hash calculation. arm
• (tooling-trusted-releases) branch main updated (7a828f68 -> 4ca6056d) arm
• (tooling-trusted-releases) branch arm updated (e7b73d88 -> 4ca6056d) arm
  • (tooling-trusted-releases) 01/01: #720 - Ensure paths are relative to the revision path. arm
• (tooling-trusted-releases) branch arm updated: Ensure paths are relative to the revision path. Closes #720. arm
• (tooling-trusted-releases) branch arm updated: Add tighter rate limit to /distribute/ssh/register to match /ssh/register. Update docs on some other endpoints. Closes #724. arm
• (tooling-trusted-releases) branch main updated (ece6e9d4 -> 7a828f68) arm
• (tooling-trusted-releases) branch arm updated (baeee120 -> 7a828f68) arm
  • (tooling-trusted-releases) 01/01: #695 - remove SVN Relase from SVN form. Also add support for Njord bundle as a filetype and project property for file tagging spec arm
• (tooling-trusted-releases) branch arm updated (0912c5c2 -> baeee120) arm
  • (tooling-trusted-releases) 01/01: #695 - remove SVN Relase from SVN form. Also add support for Njord bundle as a filetype and project property for file tagging spec arm
• (tooling-trusted-releases) branch main updated (731b389a -> ece6e9d4) sbp
• (tooling-trusted-releases) branch main updated (1354f7ab -> 731b389a) sbp
• (tooling-trusted-releases) branch sbp updated: Fix more function ordering by improving the order fixing script sbp
• (tooling-trusted-releases) branch explicit-ldap-tls-configuration updated (819e4681 -> ea1347b7) wave
• (tooling-trusted-releases) branch explicit-ldap-tls-configuration created (now 819e4681) wave
  • (tooling-trusted-releases) 01/01: Explicit ldap tls configuration wave
• (tooling-trusted-releases) branch sbp updated: Add the quarantined directory and tests sbp
• (tooling-trusted-releases) branch main updated (e68a272c -> 1354f7ab) sbp
• (tooling-trusted-releases) branch sbp updated (0acdc900 -> 1354f7ab) sbp
  • (tooling-trusted-releases) 01/01: Fix a problem with the download script sbp
• (tooling-trusted-releases) branch docker-checksum-apache-rat deleted (was 9d7b7db3) sbp
• (tooling-trusted-releases) branch main updated: Refactor Dockerfile to streamline Apache RAT installation sbp
• (tooling-trusted-releases) branch docker-checksum-apache-rat updated (f39c3c65 -> 9d7b7db3) wave
• (tooling-trusted-releases) branch docker-checksum-apache-rat created (now f39c3c65) wave
  • (tooling-trusted-releases) 01/01: Refactor Dockerfile to streamline Apache RAT installation wave
• (tooling-trusted-releases) branch sbp updated: Fix a problem with the download script sbp
• (tooling-trusted-releases) branch main updated (9e18e43e -> efc597e4) sbp
• (tooling-trusted-releases) branch sbp updated (fcd75e75 -> efc597e4) sbp
  • (tooling-trusted-releases) 01/01: Add a database model for the quarantined upload phase sbp
• (tooling-trusted-releases) branch sbp updated (dd2d1b23 -> fcd75e75) sbp
  • (tooling-trusted-releases) 01/01: Add a database model for the quarantined upload phase sbp
• (tooling-trusted-releases) branch sbp updated (e77fbe04 -> dd2d1b23) sbp
  • (tooling-trusted-releases) 01/01: Add a database model for the quarantined upload phase sbp
• (tooling-actions) branch main updated: Rename old builds and update to new njord bundle based workflow arm
• (tooling-trusted-releases) branch sbp updated (5e288b2d -> e77fbe04) sbp
  • (tooling-trusted-releases) 01/01: Add a database model for the quarantined upload phase sbp
• (tooling-trusted-releases) branch main updated: #725 - make sure failures are logged from PAT failure and they include the user arm
• (tooling-trusted-releases) branch arm created (now 0912c5c2) arm
  • (tooling-trusted-releases) 01/01: #725 - make sure failures are logged from PAT failure and they include the user arm
• (tooling-trusted-releases) branch arm deleted (was aaff904c) arm
• (tooling-trusted-releases) branch main updated (5e288b2d -> 9b963ade) arm
  • (tooling-trusted-releases) 04/05: Remove cache ignore logic since we can't have an empty cache key now. Add policy dependencies to license and RAT checks. Enable local/global caching switch. Fix bug with task list. arm
  • (tooling-trusted-releases) 01/05: Remove check for task running and add unique constraint, for which we try to catch the IntegrityError. Include in playwright tests and don't use revision number to filter individual check results. arm
  • (tooling-trusted-releases) 03/05: Move github model into general models out of SBOM models arm
  • (tooling-trusted-releases) 05/05: Refactor check get logic to a shared method and remove some extra places where we still used release_name or version. Remove bulk-delete of check results. Update documentation. arm
  • (tooling-trusted-releases) 02/05: Change attestable hashes to dict and reuse to resolve TOCTOU of check result. Use attestable hashes for check reports. Add version to cache key. Add file hash to hash and signature check and github SHA to source_tree. arm
• (tooling-trusted-releases) branch arm updated (8369df95 -> aaff904c) arm
• (tooling-trusted-releases) branch arm updated (17014ea3 -> 8369df95) arm
• (tooling-trusted-releases) branch arm updated (fa45b20d -> 17014ea3) arm
• (tooling-trusted-releases) branch arm updated (6893b8e8 -> fa45b20d) arm
• (tooling-trusted-releases) branch main updated (f4d7dd38 -> 5e288b2d) sbp
• (tooling-trusted-releases) branch sbp updated (fa00a7ba -> 5e288b2d) sbp
  • (tooling-trusted-releases) 01/01: Set CodeQL to ignore permissions because ATR release data is public sbp
• (tooling-trusted-releases) branch arm updated (c93d0fc1 -> 6893b8e8) arm
• (tooling-trusted-releases) branch arm updated (3cd36ebb -> 40c9ca00) arm
• (tooling-trusted-releases) branch arm updated (40c9ca00 -> c93d0fc1) arm
• (tooling-trusted-releases) branch curl-extra-downloads-improvement deleted (was 15fcf0a3) sbp
• (tooling-trusted-releases) branch main updated: Improve curl download scripting sbp
• (tooling-trusted-releases) branch curl-extra-downloads-improvement created (now 15fcf0a3) wave
  • (tooling-trusted-releases) 01/01: Improve curl download scripting wave
• (tooling-trusted-releases) branch main updated (8fdb8c21 -> fa00a7ba) sbp
• (tooling-trusted-releases) branch sbp updated: Strengthen a couple of authorisation patterns sbp
• (tooling-trusted-releases) branch sbp updated (7281bdce -> 8fdb8c21) sbp
• (tooling-trusted-releases) branch invalidate-pats-manually-598 deleted (was 43a82152) sbp
• (tooling-trusted-releases) branch main updated: Manual PAT removal; fixes #598 sbp
• (tooling-trusted-releases) branch invalidate-pats-manually-598 updated (8dd0e3ba -> 43a82152) akm
• (tooling-trusted-releases) branch main updated (e693c2da -> 7281bdce) sbp
• (tooling-trusted-releases) branch main updated (48078cc5 -> e693c2da) sbp
• (tooling-trusted-releases) branch sbp updated: Use asfquart main, as it now supports maximum session lifetimes sbp
• (tooling-trusted-releases) branch sbp updated: Keep a strict subset of GitHub OIDC payloads sbp
• (tooling-trusted-releases) branch main updated (731a2962 -> 48078cc5) sbp
• (tooling-trusted-releases) branch main updated (141036f3 -> 731a2962) sbp
• (tooling-trusted-releases) branch sbp updated: Document the use of safe Markdown to HTML rendering in cmarkgfm sbp
• (tooling-trusted-releases) branch sbp updated (32550b7e -> 731a2962) sbp
  • (tooling-trusted-releases) 01/01: Check for banned ASF accounts in more places sbp
• (tooling-trusted-releases) branch main updated: Bump astral-sh/setup-uv from 7.2.0 to 7.3.0 sbp
• (tooling-trusted-releases) branch dependabot/github_actions/astral-sh/setup-uv-7.3.0 deleted (was b8a0cba8) sbp
• (tooling-trusted-releases) branch main updated: Return 404 when project is unknown in api endpoint call sbp
• (tooling-trusted-releases) branch main updated (f60da54d -> 030b4fc3) sbp
• (tooling-trusted-releases) branch arm updated (09fcb634 -> 3cd36ebb) arm
• (tooling-trusted-releases) branch sbp updated: Use the intersection of algorithms from asyncssh and ssh-audit sbp
• (tooling-trusted-releases) branch arm updated (f7aa150d -> 09fcb634) arm
• (tooling-trusted-releases) branch main updated (5d3140b0 -> f60da54d) sbp
• (tooling-trusted-releases) branch arm updated (9c2ab2b8 -> f7aa150d) arm
• (tooling-trusted-releases) branch dependabot/uv/werkzeug-3.1.6 deleted (was 74b6beac) github-bot
• (tooling-trusted-releases) branch dependabot/uv/flask-3.1.3 deleted (was c399547d) github-bot
• (tooling-trusted-releases) branch main updated (bb72770d -> 5d3140b0) sbp
• (tooling-trusted-releases) branch main updated (d434f574 -> bb72770d) sbp
• (tooling-trusted-releases) branch dependabot/uv/flask-3.1.3 created (now c399547d) github-bot
• (tooling-trusted-releases) branch dependabot/uv/werkzeug-3.1.6 created (now 74b6beac) github-bot
• (tooling-trusted-releases) branch sbp updated: Fix the encoding of JSON data in the form to move files sbp
• (tooling-trusted-releases) branch arm updated (96e1972f -> 9c2ab2b8) arm
• (tooling-trusted-releases) branch main updated (921c41df -> d434f574) sbp
• (tooling-trusted-releases) branch sbp updated: Rebuild JavaScript files sbp
• (tooling-trusted-releases) branch arm updated: Remove cache ignore logic from cache key methods since we can't have an empty cache key now. Add policy dependencies to license and RAT checks. arm
• (tooling-trusted-releases) branch arm updated (8463929f -> 87f6584c) arm
  • (tooling-trusted-releases) 02/02: Move github model into general models out of SBOM models arm
  • (tooling-trusted-releases) 01/02: Change attestable hashes to dict and reuse to resolve TOCTOU of check result. Use attestable hashes for check reports. Add version to cache key. Add file hash to hash and signature check and github SHA to source_tree. arm
• (tooling-trusted-releases) branch arm updated (48b66b8f -> 8463929f) arm
  • (tooling-trusted-releases) 01/02: Change attestable hashes to dict and reuse to resolve TOCTOU of check result. Use attestable hashes for check reports. Add version to cache key. Add file hash to hash and signature check and github SHA to source_tree. arm
  • (tooling-trusted-releases) 02/02: Move github model into general models out of SBOM models arm
• (tooling-trusted-releases) branch arm updated (1277dd4f -> 48b66b8f) arm
  • (tooling-trusted-releases) 02/02: Move github model into general models out of SBOM models arm
  • (tooling-trusted-releases) 01/02: Change attestable hashes to dict and reuse to resolve TOCTOU of check result. Use attestable hashes for check reports. Add version to cache key. Add file hash to hash and signature check and github SHA to source_tree. arm
• (tooling-trusted-releases) branch arm updated: Move github model into general models out of SBOM models arm
• (tooling-trusted-releases) branch arm updated (6d5b44f4 -> ce340687) arm
  • (tooling-trusted-releases) 01/03: Remove check for task running arm
  • (tooling-trusted-releases) 02/03: Remove check for task running and add unique constraint, for which we try to catch the IntegrityError. Include in playwright tests and don't use revision number to filter individual check results. arm
  • (tooling-trusted-releases) 03/03: Change attestable hashes to dict and reuse to resolve TOCTOU of check result. Use attestable hashes for check reports. Add version to cache key. Add file hash to hash and signature check and github SHA to source_tree. arm
• (tooling-trusted-releases) branch arm updated (292bbb57 -> 6d5b44f4) arm
  • (tooling-trusted-releases) 01/01: Change attestable hashes to dict and reuse to resolve TOCTOU of check result. Use attestable hashes for check reports. Add version to cache key. Add file hash to hash check and github SHA to source_tree. arm
• (tooling-trusted-releases) branch introduce-atr-status-config created (now ccbb72f5) wave
  • (tooling-trusted-releases) 01/01: Introduce ATR_STATUS and control recipient lists wave
• (tooling-trusted-releases) branch api-project-404-checks created (now 8b44798b) wave
  • (tooling-trusted-releases) 01/01: Return 404 when project is unknown in api endpoint call wave
• (tooling-trusted-releases) branch invalidate-pats-manually-598 created (now 8dd0e3ba) akm
  • (tooling-trusted-releases) 01/02: Invalidate PATs; fixes #598 akm
  • (tooling-trusted-releases) 02/02: Manual PAT removal; fixes #598 akm
• (tooling-trusted-releases) branch sbp updated (eb5b199a -> d434f574) sbp
  • (tooling-trusted-releases) 01/01: Set stricter permissions on all directories in revisions sbp
• (tooling-trusted-releases) branch block-scm-directories deleted (was c42dba37) sbp
• (tooling-trusted-releases) branch main updated (682d99b8 -> 921c41df) sbp

• Earlier messages
• Later messages