This is an automated email from the ASF dual-hosted git repository.

sbp pushed a commit to branch sbp
in repository https://gitbox.apache.org/repos/asf/tooling-trusted-releases.git


The following commit(s) were added to refs/heads/sbp by this push:
     new 70cdb2a2 Temporarily allow .gitkeep release files throughout
70cdb2a2 is described below

commit 70cdb2a2c58655a2bc79f49eeeddd81098a58b54
Author: Sean B. Palmer <[email protected]>
AuthorDate: Wed Feb 25 15:49:46 2026 +0000

    Temporarily allow .gitkeep release files throughout
---
 atr/storage/writers/release.py |  4 ++--
 atr/tasks/checks/paths.py      |  5 ++---
 atr/util.py                    | 13 ++++++++++++-
 3 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/atr/storage/writers/release.py b/atr/storage/writers/release.py
index 411bd642..271d86c5 100644
--- a/atr/storage/writers/release.py
+++ b/atr/storage/writers/release.py
@@ -680,8 +680,8 @@ class CommitteeParticipant(FoundationCommitter):
         if not await aiofiles.os.path.exists(target_path):
             for part in target_path.parts:
                 # TODO: This .prefix check could include some existing 
directory segment
-                if part.startswith("."):
-                    raise types.FailedError("Segments must not start with '.'")
+                if util.is_disallowed_dotfile(part):
+                    raise types.FailedError("This segment is a disallowed 
dotfile")
                 if ".." in part:
                     raise types.FailedError("Segments must not contain '..'")
 
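Review bot: Replacing `part.startswith(".")` with `util.is_disallowed_dotfile(part)` relaxes this writer by more than the commit title says. The old check rejected every dot-prefixed segment, but the helper added in atr/util.py also exempts anything beginning with `.atr`, so those segments are now accepted on this path as well as `.gitkeep`. If only `.gitkeep` is meant to be newly allowed here, keep the stricter form, e.g. `if part.startswith(".") and part != ".gitkeep":`. If the `.atr` exemption is intended, record that in a comment above the check. The enclosing method starts and ends outside the hunk.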
diff --git a/atr/tasks/checks/paths.py b/atr/tasks/checks/paths.py
index 62678b49..36ce14c0 100644
--- a/atr/tasks/checks/paths.py
+++ b/atr/tasks/checks/paths.py
@@ -235,14 +235,13 @@ async def _check_path_process_single(  # noqa: C901
             warnings,
         )
         return
-    elif any(part.startswith(".") for part in relative_path.parts):
+    elif any(util.is_disallowed_dotfile(part) for part in relative_path.parts):
         # TODO: There is not a a policy for this
         # We should enquire as to whether such a policy should be instituted
         # We're forbidding dotfiles to catch accidental uploads of e.g. .git 
or .htaccess
         # Such cases are likely to be in error, and could carry security risks
         # We allow .atr/ files, e.g. .atr/license-headers-ignore
-        if relative_path.parts[0] != ".atr":
-            errors.append("Dotfiles are forbidden")
+        errors.append("Contains a segment that is a disallowed dotfile")
 
     search = re.search(analysis.extension_pattern(), relative_path_str)
     ext_artifact = search.group("artifact") if search else None
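Review bot: The `.atr` exemption is no longer positional. The removed `relative_path.parts[0] != ".atr"` test exempted only paths rooted in `.atr/`, while `any(util.is_disallowed_dotfile(part) ...)` exempts an `.atr`-prefixed segment at any depth and now reports dot-prefixed files inside `.atr/`. The retained comment block still reads as if the exemption were decided here, and it does not mention `.gitkeep`. I would replace its last line with something like `# Exemptions (.atr*, temporarily .gitkeep) live in util.is_disallowed_dotfile and apply to every segment`, and confirm that flagging a path such as `.atr/.hidden` is wanted. The function body starts before and continues after the hunk.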
diff --git a/atr/util.py b/atr/util.py
index 93bf0d10..6586ff52 100644
--- a/atr/util.py
+++ b/atr/util.py
@@ -603,6 +603,17 @@ async def is_dir_resolve(path: pathlib.Path) -> 
pathlib.Path | None:
     return resolved_path
 
 
+def is_disallowed_dotfile(segment: str) -> bool:
+    if not segment.startswith("."):
+        return False
+    if segment.startswith(".atr"):
+        return False
+    # Temporary, and only due to issues #757 and #769
+    if segment == ".gitkeep":
+        return False
+    return True
+
+
 def is_ldap_configured() -> bool:
     return ldap.get_bind_credentials() is not None
 
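Review bot: `segment.startswith(".atr")` is a prefix test, so `is_disallowed_dotfile` lets through any name that merely begins with those four characters (constructed example: `.atr-old`), not just the `.atr` directory that the comment in atr/tasks/checks/paths.py describes. The test appears to be carried over from the old condition in `validate_path_segment`, but it now governs three call sites, whereas the `.gitkeep` case directly below is an exact comparison. If only that directory is meant, `if segment == ".atr":` is the tighter check; otherwise a comment should say why a prefix is needed. The function also deserves a docstring stating that it judges a single path segment and returns True for dot-prefixed names other than the `.atr` prefix and `.gitkeep`. The `# Temporary` comment would be easier to act on if it said what has to happen before the exemption is removed.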
@@ -1158,7 +1169,7 @@ def validate_path_segment(path_segment: str, position: 
str = "Path segment") ->
     if path_segment in (".git", ".svn"):
         raise ValueError(f"{position} cannot be a SCM directory")
 
-    if path_segment.startswith(".") and (not path_segment.startswith(".atr")):
+    if is_disallowed_dotfile(path_segment):
         raise ValueError(f"{position} cannot be a DOT file")
 
     return path_segment

