This is an automated email from the ASF dual-hosted git repository.
sbp pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tooling-trusted-releases.git
The following commit(s) were added to refs/heads/main by this push:
new 9ff6af3 Use sentence case in headings
9ff6af3 is described below
commit 9ff6af34151cb3cbb6f640f57f6aa5a5d323f8a2
Author: Sean B. Palmer <[email protected]>
AuthorDate: Wed Jan 21 20:22:33 2026 +0000
Use sentence case in headings
---
.github/PULL_REQUEST_TEMPLATE.md | 10 +++----
BUILD.md | 56 ++++++++++++++++++++--------------------
CONTRIBUTING.md | 22 ++++++++--------
DEVELOPMENT.md | 24 ++++++++---------
GOVERNANCE.md | 8 +++---
README.md | 4 +--
SUPPORT.md | 10 +++----
7 files changed, 67 insertions(+), 67 deletions(-)
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
index d5b0c1f..8d6cdbc 100644
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -1,4 +1,4 @@
-## Pull Request Summary <!-- markdownlint-disable-line MD041 -->
+## Pull request summary <!-- markdownlint-disable-line MD041 -->
**Meaningful subject (required):**
@@ -20,7 +20,7 @@ Bad:
---
-## Required Acknowledgements
+## Required acknowledgements
Please replace each `[ ]` with `[x]` to confirm.
PRs missing confirmations may be closed or converted to Draft.
@@ -33,7 +33,7 @@ PRs missing confirmations may be closed or converted to Draft.
---
-## Draft Requirement
+## Draft requirement
If **any** of the following are true:
@@ -47,7 +47,7 @@ Convert to a ready PR only after all acknowledgements above
can be confirmed.
---
-## Rebase Confirmation Details (optional but encouraged)
+## Rebase confirmation details (optional but encouraged)
<!--
If helpful, note how the rebase was done:
@@ -57,7 +57,7 @@ If helpful, note how the rebase was done:
---
-## Additional Notes
+## Additional notes
<!--
Anything reviewers should know:
diff --git a/BUILD.md b/BUILD.md
index b39819f..c0ed22b 100644
--- a/BUILD.md
+++ b/BUILD.md
@@ -1,4 +1,4 @@
-# Build Guide
+# Build guide
This guide covers building ATR and its components. For development setup, see
[DEVELOPMENT.md](DEVELOPMENT.md).
@@ -27,9 +27,9 @@ rehash
uv python install 3.13
```
-## Container Build
+## Container build
-### Build the Alpine Container
+### Build the Alpine container
```shell
make build-alpine
@@ -39,7 +39,7 @@ make build
This runs `scripts/build` to create the `tooling-trusted-release` container
image using `Dockerfile.alpine`.
-### Run the Container
+### Run the container
```shell
make certs-local # Generate certificates first
@@ -61,9 +61,9 @@ The compose configuration:
- Enables test mode (`ALLOW_TESTS=1`)
- Exposes port 8080
-## Documentation Build
+## Documentation build
-### Build All Documentation
+### Build all documentation
```shell
make docs
@@ -76,33 +76,33 @@ This command:
3. Converts Markdown to HTML using cmark
4. Post-processes HTML files
-### Build Without Validation
+### Build without validation
```shell
make build-docs
```
-### How Documentation Build Works
+### How documentation build works
The documentation system uses `scripts/docs_build.py` to automatically
generate navigation from the table of contents in `atr/docs/index.md`. When you
reorganize documentation, just edit the table of contents and run `make docs`
to update all navigation links.
For details, see [Build
Processes](https://release-test.apache.org/docs/build-processes).
-## Python Dependencies
+## Python dependencies
-### Install All Dependencies
+### Install all dependencies
```shell
uv sync --frozen --all-groups
```
-### Install Production Dependencies Only
+### Install production dependencies only
```shell
uv sync --frozen --no-dev
```
-### Update Dependencies
+### Update dependencies
```shell
make update-deps
@@ -110,9 +110,9 @@ make update-deps
This updates `uv.lock` and runs `pre-commit autoupdate`.
-## TLS Certificates
+## TLS certificates
-### For Local Development (mkcert)
+### For local development (mkcert)
```shell
make certs-local
@@ -120,7 +120,7 @@ make certs-local
Creates certificates in `state/hypercorn/secrets/` using mkcert.
-### Self-Signed Certificates
+### Self-signed certificates
```shell
make certs
@@ -128,7 +128,7 @@ make certs
Generates self-signed certificates using `scripts/generate-certificates`.
-## Frontend Assets
+## Frontend assets
### Build Bootstrap
@@ -136,7 +136,7 @@ Generates self-signed certificates using
`scripts/generate-certificates`.
make build-bootstrap
```
-### Bump Bootstrap Version
+### Bump Bootstrap version
```shell
make bump-bootstrap BOOTSTRAP_VERSION=5.3.4
@@ -148,15 +148,15 @@ make bump-bootstrap BOOTSTRAP_VERSION=5.3.4
make build-ts
```
-## Test Builds
+## Test builds
-### Build Playwright Container
+### Build Playwright container
```shell
make build-playwright
```
-### Run Playwright Tests
+### Run Playwright tests
```shell
make run-playwright # Fast tests
@@ -169,15 +169,15 @@ Or use Docker Compose:
sh tests/run-playwright.sh
```
-### Run End-to-End Tests
+### Run end-to-end tests
```shell
sh tests/run-e2e.sh
```
-## Make Targets Reference
+## Make targets reference
-### Build Targets
+### Build targets
| Target | Description |
| ------------------ | -------------------------------------- |
@@ -188,7 +188,7 @@ sh tests/run-e2e.sh
| `build-playwright` | Build Playwright test container |
| `build-ts` | Compile TypeScript |
-### Run Targets
+### Run targets
| Target | Description |
| ----------------------- | ----------------------------------- |
@@ -198,7 +198,7 @@ sh tests/run-e2e.sh
| `run-playwright` | Run Playwright tests (fast) |
| `run-playwright-slow` | Run Playwright tests (full) |
-### Dependency Targets
+### Dependency targets
| Target | Description |
| ------------- | -------------------------------------- |
@@ -206,7 +206,7 @@ sh tests/run-e2e.sh
| `sync-all` | Install all dependencies including dev |
| `update-deps` | Update and lock dependencies |
-### Code Quality Targets
+### Code quality targets
| Target | Description |
| -------------- | ------------------------------ |
@@ -215,7 +215,7 @@ sh tests/run-e2e.sh
| `check-heavy` | Run comprehensive checks |
| `check-extra` | Run interface ordering checks |
-### Utility Targets
+### Utility targets
| Target | Description |
| ------------------ | ---------------------------------- |
@@ -226,7 +226,7 @@ sh tests/run-e2e.sh
| `commit` | Add, commit, pull, push workflow |
| `ipython` | Start IPython shell with project |
-## Configuration Variables
+## Configuration variables
The Makefile supports these variables:
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 06ec8f0..ef75da3 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -4,18 +4,18 @@ Thank you for your interest in contributing to Apache Trusted
Releases (ATR)! Th
For detailed ASF policies, commit message guidelines, and security
considerations, see the [contribution policies
guide](https://release-test.apache.org/docs/how-to-contribute).
-## Before You Start
+## Before you start
> **IMPORTANT:** New contributors must introduce themselves on the
> [development mailing list](mailto:[email protected]) first, to deter
> spam. Please do not submit a PR until you have introduced yourself,
> otherwise it will likely be rejected.
**Subscribe to the mailing list:** Send an email with empty subject and body
to [[email protected]](mailto:[email protected])
and reply to the automated response.
-## Finding Something to Work On
+## Finding something to work on
- Browse the [issue
tracker](https://github.com/apache/tooling-trusted-releases/issues) for open
issues
- For new features or bugs, [create an
issue](https://github.com/apache/tooling-trusted-releases/issues/new) to
discuss before starting work
-## Development Setup
+## Development setup
1. **Fork and clone** the repository:
@@ -42,7 +42,7 @@ For detailed ASF policies, commit message guidelines, and
security consideration
4. **Run the server:** See [DEVELOPMENT.md](DEVELOPMENT.md) for detailed
instructions.
-## Pull Request Workflow
+## Pull request workflow
1. **Create a branch** with a descriptive name:
@@ -74,7 +74,7 @@ For detailed ASF policies, commit message guidelines, and
security consideration
7. **Participate in review** - we may request changes
-## Commit Message Style
+## Commit message style
Use clear, concise commit messages:
@@ -102,7 +102,7 @@ refactoring vote resolution logic
For complex changes, add a body separated by a blank line explaining what and
why (not how).
-## Code Standards Summary
+## Code standards summary
- **Python:** Follow PEP 8, use double quotes, no `# noqa` or `# type: ignore`
- **HTML:** Use Bootstrap classes, avoid custom CSS
@@ -111,7 +111,7 @@ For complex changes, add a body separated by a blank line
explaining what and wh
See the [full code
conventions](https://release-test.apache.org/docs/code-conventions) for
complete guidelines.
-## Running Tests
+## Running tests
```shell
# Browser tests (requires Docker)
@@ -124,7 +124,7 @@ sh tests/run-e2e.sh
make check-light
```
-## ASF Requirements
+## ASF requirements
### Contributor License Agreement
@@ -140,7 +140,7 @@ All contributions are licensed under [Apache License
2.0](https://www.apache.org
Follow the [ASF Code of
Conduct](https://www.apache.org/foundation/policies/conduct.html).
-## Security Considerations
+## Security considerations
ATR's primary goal is to prevent supply chain attacks. When contributing:
@@ -150,13 +150,13 @@ ATR's primary goal is to prevent supply chain attacks.
When contributing:
- Consider security implications of your changes
- Report security issues via the [ASF security
process](https://www.apache.org/security/) (not public issues)
-## Getting Help
+## Getting help
- **Mailing list:**
[[email protected]](https://lists.apache.org/[email protected])
- **Slack:**
[#apache-trusted-releases](https://the-asf.slack.com/archives/C049WADAAQG) on
ASF Slack
- **Issue tracker:** Comment on relevant issues or PRs
- **Documentation:** [Developer
Guide](https://release-test.apache.org/docs/developer-guide)
-## Alternative: Email Patches
+## Alternative: email patches
If you prefer not to use GitHub, you can [email
patches](https://lists.apache.org/[email protected]) using
standard Git patch formatting.
diff --git a/DEVELOPMENT.md b/DEVELOPMENT.md
index b4aba2c..ac0801c 100644
--- a/DEVELOPMENT.md
+++ b/DEVELOPMENT.md
@@ -1,4 +1,4 @@
-# Development Guide
+# Development guide
This guide will help you get started with developing ATR. For detailed
technical documentation, see the [Developer
Guide](https://release-test.apache.org/docs/developer-guide).
@@ -19,7 +19,7 @@ ATR can be developed on **Linux** or **macOS**. Windows and
other platforms are
**Installed via `uv sync`:** pre-commit, ruff, pyright, playwright, and other
dev/test tools (see `pyproject.toml`).
-### Platform-Specific Installation
+### Platform-specific installation
**Alpine Linux:**
@@ -38,11 +38,11 @@ rehash
uv python install 3.13
```
-## Quick Start
+## Quick start
There are two ways to run the server: in a container (recommended) or
directly. **Do not use both methods simultaneously** - they share the same
state directory and will conflict.
-### Option 1: Docker Compose (Recommended)
+### Option 1: Docker Compose (recommended)
The easiest way to run ATR with all dependencies (CycloneDX, syft, Apache RAT
for SBOM generation and license checking):
@@ -80,7 +80,7 @@ docker compose run --rm atr bash # Start container with
shell (not ATR)
docker compose down # Stop the server
```
-### Option 2: Running Directly
+### Option 2: Running directly
For faster iteration without containers:
@@ -118,7 +118,7 @@ Alternatively, use
[`https://127.0.0.1:8080/`](https://127.0.0.1:8080/) without
**Initial startup:** It takes 1-2 minutes to fetch committee and project
information from the ASF website. Until complete, no existing
committees/projects will appear.
-## Development Workflow
+## Development workflow
1. **Set up pre-commit hooks:**
@@ -146,7 +146,7 @@ Alternatively, use
[`https://127.0.0.1:8080/`](https://127.0.0.1:8080/) without
make docs
```
-## Key Make Targets
+## Key Make targets
| Target | Description |
| ----------------------- | ---------------------------------- |
@@ -159,7 +159,7 @@ Alternatively, use
[`https://127.0.0.1:8080/`](https://127.0.0.1:8080/) without
See [BUILD.md](BUILD.md) for the complete list of build targets.
-## Project Structure
+## Project structure
```text
tooling-trusted-releases/
@@ -180,7 +180,7 @@ tooling-trusted-releases/
└── tests/ # Test configuration and e2e tests
```
-## Useful Resources
+## Useful resources
- **[Overview of the
Code](https://release-test.apache.org/docs/overview-of-the-code)** - High-level
architecture
- **[Running and Creating
Tests](https://release-test.apache.org/docs/running-and-creating-tests)** -
Testing guide
@@ -190,7 +190,7 @@ tooling-trusted-releases/
## Troubleshooting
-### Certificate Issues
+### Certificate issues
If you encounter TLS certificate problems when running directly:
@@ -200,7 +200,7 @@ If you encounter TLS certificate problems when running
directly:
> **Security note:** `mkcert -install` creates a CA valid for 10 years for
> your system, Java, and Firefox. If the private key (`rootCA-key.pem` in the
> directory shown by `mkcert -CAROOT`) is ever leaked, anyone could create
> certificates trusted by your system. See the [mkcert
> caveats](https://github.com/FiloSottile/mkcert#installation).
-### Container Issues
+### Container issues
If Docker Compose fails:
@@ -211,7 +211,7 @@ docker compose build --no-cache
docker compose up
```
-### Session Caching (Local Development)
+### Session caching (local development)
Developers without LDAP credentials can cache session information:
diff --git a/GOVERNANCE.md b/GOVERNANCE.md
index 3ef336b..a48b410 100644
--- a/GOVERNANCE.md
+++ b/GOVERNANCE.md
@@ -2,7 +2,7 @@
This document describes the governance model for Apache Trusted Releases (ATR).
-## Project Status
+## Project status
ATR is developed by **ASF Tooling**, an initiative of the Apache Software
Foundation rather than a top-level project (TLP). This means ATR follows the
development processes and governance structure of Tooling.
@@ -17,11 +17,11 @@ ASF Tooling is an ASF initiative launched in 2025,
responsible for:
- Reducing technical debt
- Enhancing collaboration throughout the ASF
-## Decision Making
+## Decision making
TODO: Document the decision-making process for ATR.
-## Roles and Responsibilities
+## Roles and responsibilities
TODO: Document roles (committers, PMC members, contributors, etc.)
@@ -35,7 +35,7 @@ TODO: Document roles (committers, PMC members, contributors,
etc.)
All participants in the ATR community are expected to follow the [ASF Code of
Conduct](https://www.apache.org/foundation/policies/conduct.html).
-## Related ASF Policies
+## Related ASF policies
- [Apache Release Policy](https://www.apache.org/legal/release-policy.html)
- [ASF Contributor License
Agreements](https://www.apache.org/licenses/contributor-agreements.html)
diff --git a/README.md b/README.md
index 383c9d7..33e602e 100644
--- a/README.md
+++ b/README.md
@@ -27,7 +27,7 @@ Please review our [issue
tracker](https://github.com/apache/tooling-trusted-rele
> It does not represent final technical or policy decisions for future ASF
> Tooling products.
> The code is provided without guarantees regarding stability, security, or
> backward compatibility.
-## Quick Start
+## Quick start
**Run with Docker Compose (recommended):**
@@ -54,7 +54,7 @@ See [DEVELOPMENT.md](DEVELOPMENT.md) for more options
including running without
**Online documentation:** https://release-test.apache.org/docs/
-## Getting Involved
+## Getting involved
Community feedback is encouraged! If you are an ASF committer or contributor
interested in Trusted Releases:
diff --git a/SUPPORT.md b/SUPPORT.md
index e415dc8..39d1a54 100644
--- a/SUPPORT.md
+++ b/SUPPORT.md
@@ -2,9 +2,9 @@
This document describes how to get help with Apache Trusted Releases (ATR).
-## Getting Help
+## Getting help
-### Mailing List (Primary)
+### Mailing list (primary)
The development mailing list is the primary forum for ATR discussions:
@@ -18,13 +18,13 @@ Chat with the team in real-time:
💬
**[#apache-trusted-releases](https://the-asf.slack.com/archives/C049WADAAQG)**
on ASF Slack
-### Issue Tracker
+### Issue tracker
Report bugs or request features:
🐛 **[GitHub
Issues](https://github.com/apache/tooling-trusted-releases/issues)**
-## Reporting Bugs
+## Reporting bugs
1. Check [existing
issues](https://github.com/apache/tooling-trusted-releases/issues) to avoid
duplicates
2. [Create a new
issue](https://github.com/apache/tooling-trusted-releases/issues/new) with:
@@ -33,7 +33,7 @@ Report bugs or request features:
- Expected vs. actual behavior
- Environment details (OS, browser, etc.)
-## Security Issues
+## Security issues
⚠️ **Do not open public issues for security vulnerabilities.**
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
