Messages by Thread
-
Re: [I] Add SHA512 generation to attestations (tooling-trusted-releases)
via GitHub
-
Re: [I] Document what moving files in the compose phase does (tooling-trusted-releases)
via GitHub
-
[PR] #1177 - allow zip format archives (jar, war, apk, vsix, whl, nar, nbm) to be quarantine checked (tooling-trusted-releases)
via GitHub
-
Re: [PR] #1177 - allow zip format archives (jar, war, apk, vsix, whl, nar, nbm) to be quarantine checked (tooling-trusted-releases)
via GitHub
-
Re: [PR] #1177 - allow zip format archives (jar, war, apk, vsix, whl, nar, nbm) to be quarantine checked (tooling-trusted-releases)
via GitHub
-
[I] Record votes in the database (tooling-trusted-releases)
via GitHub
-
[PR] Update audience values in jwtoken.py (tooling-trusted-releases)
via GitHub
-
[I] Cover more types of archive in quarantine code (tooling-trusted-releases)
via GitHub
-
[PR] #977 and #1022 - rework extraction and quarantine logic to rely on exarch (tooling-trusted-releases)
via GitHub
-
[I] LICENSE validation fails with https instead of http (tooling-trusted-releases)
via GitHub
-
[PR] Use textContent and not innerHTML (tooling-trusted-releases)
via GitHub
-
[PR] Update quart-schema[pydantic] requirement from ~=0.21 to ~=0.23 (tooling-trusted-releases)
via GitHub
-
[PR] Update cyclonedx-python-lib[json-validation] requirement from >=11.0.0 to >=11.7.0 (tooling-trusted-releases)
via GitHub
-
[PR] Update hypercorn[uvloop] requirement from ~=0.17 to ~=0.18 (tooling-trusted-releases)
via GitHub
-
[PR] Only show exception detail in dev environments (tooling-trusted-releases)
via GitHub
-
[I] Add explicit authentication level decorators for API endpoint functions (tooling-trusted-releases)
via GitHub
-
[PR] Do not log the email message body (tooling-trusted-releases)
via GitHub
-
Cannot prepare candidate draft
Craig Russell
-
[PR] Allow character limits on forms, move form error handling to database, add 50k limit to vote form (tooling-trusted-releases)
via GitHub
-
[PR] #1158 - move error handling to database (tooling-trusted-releases)
via GitHub
-
[PR] Adding endpoint to list projects using CI staging (tooling-trusted-releases)
via GitHub
-
[PR] Adding mermaid back in (tooling-trusted-releases)
via GitHub
-
[PR] Adding ssh specifics to docs (tooling-trusted-releases)
via GitHub
-
[I] Add a podling disclaimer to podling release announcements (tooling-trusted-releases)
via GitHub
-
[I] Fix bugs in the vote page for second round podling votes (tooling-trusted-releases)
via GitHub
-
[I] Votes cast on ATR by IPMC members may fail in the second podling round (tooling-trusted-releases)
via GitHub
-
[I] Do not allow first round podling votes to be sent to private lists (tooling-trusted-releases)
via GitHub
-
[I] Send form validation errors through the database, not through flash cookies (tooling-trusted-releases)
via GitHub
-
[I] Hard link files in the incubator directory for podling releases (tooling-trusted-releases)
via GitHub
-
[I] Tabulate votes from the IPMC in the second podling vote round only (tooling-trusted-releases)
via GitHub
-
[I] Document when second round podling votes can be held on `general@` (tooling-trusted-releases)
via GitHub
-
[I] Add SWHID identifiers for release verification (tooling-trusted-releases)
via GitHub
-
[I] MFA OAuth logins fail for developers without LDAP credentials (tooling-trusted-releases)
via GitHub
-
[I] Remove the ability to generate test JWT tokens (tooling-trusted-releases)
via GitHub
-
[PR] Store session data in the server (tooling-trusted-releases)
via GitHub
-
[I] API to list PMCs approved for CI staging (tooling-trusted-releases)
via GitHub
-
[I] Add logging framework to SBOM CLI (tooling-trusted-releases)
via GitHub
-
[PR] Use the debug print format that is used throughout osv.pysv (tooling-trusted-releases)
via GitHub
-
[PR] #1003 - add rate limiting to SSH connections (tooling-trusted-releases)
via GitHub
-
[PR] Bump cryptography from 46.0.6 to 46.0.7 (tooling-trusted-releases)
via GitHub
-
Re: [I] Allow error check results to be turned into a TODO list (tooling-trusted-releases)
via GitHub
-
[I] Resolve security issues with Mermaid (tooling-trusted-releases)
via GitHub
-
[PR] Auth audit log and user preferences (tooling-trusted-releases)
via GitHub
-
[PR] Fix build-bootstrap by resolving ICU dependency for dart-sass (tooling-trusted-releases)
via GitHub
-
Re: [I] pre-commit: add `markdown-link-check` to check for dead links in Markdown files (tooling-docs)
via GitHub
-
[I] Set a 14 day cooldown for npm packages in Dependabot (tooling-trusted-releases)
via GitHub
-
[PR] Bump lodash-es and mermaid in /bootstrap/source (tooling-trusted-releases)
via GitHub
-
[PR] Bump mermaid from 11.4.1 to 11.10.0 in /bootstrap/source (tooling-trusted-releases)
via GitHub
-
[PR] Adding mermaid support (tooling-trusted-releases)
via GitHub
-
Re: [I] Update pre-commit lint to use uv and act on push (tooling-docs)
via GitHub
-
Re: [I] Provide clear instructions for running pre-check locally (tooling-docs)
via GitHub
-
Re: [I] We could add a `Dependabot` config for `actions` updates (tooling-docs)
via GitHub
-
[I] Make build-bootstrap error (tooling-trusted-releases)
via GitHub
-
[PR] Bump pygments from 2.18.0 to 2.20.0 (tooling-docs)
via GitHub
-
[PR] Bump requests from 2.32.5 to 2.33.0 (tooling-docs)
via GitHub
-
[PR] Bump virtualenv from 20.35.4 to 20.36.1 (tooling-docs)
via GitHub
-
[PR] Bump urllib3 from 2.5.0 to 2.6.3 (tooling-docs)
via GitHub
-
[PR] Bump filelock from 3.20.0 to 3.20.3 (tooling-docs)
via GitHub
-
[PR] Bump astral-sh/setup-uv from 7.6.0 to 8.0.0 (tooling-trusted-releases)
via GitHub
-
[PR] Bump astral-sh/setup-uv from 7.6.0 to 8.0.0 (tooling-actions)
via GitHub
-
[PR] Bump astral-sh/setup-uv from 6.4.3 to 8.0.0 (tooling-releases-client)
via GitHub
-
[I] Make server startup more efficient (tooling-trusted-releases)
via GitHub
-
[I] Document vhost configuration (tooling-trusted-releases)
via GitHub
-
[I] Principal Authorization Cache Lacks Purge for Inactive Users (tooling-trusted-releases)
via GitHub
-
[I] HTTP TRACE Method Not Disabled at Apache Reverse Proxy (tooling-trusted-releases)
via GitHub