This is an automated email from the ASF dual-hosted git repository.
sbp pushed a change to branch valildate-sec-fetch-headers
in repository https://gitbox.apache.org/repos/asf/tooling-trusted-releases.git
omit a1e7ede3 Put back to double check
omit 58ee434c Something broke in integration tests
omit 60dbe525 Update sec-fetch checks
omit c21cd313 Validate sec-fetch headers
add 219d64af OF - fix typo
add de57ce15 Change data models to Subset instead of Lax - closes #777
add b7eba2f5 Drop admin privileges (#796)
add 18d73aab Add failed authentication logging to identified areas. Closes
#725
add e58a18aa Validate vulnerability URLs are http/s. Closes #768
add b0386f71 Remove empty test method added by accident
add 690e461f Use experimental CodeQL query suites for actions
add 2f68b218 Add check_access back into routes which require it and remove
from GET generally.
add 2a7d4ea7 Remove unnecessary test endpoint
add 83b03439 Make one of the compose tests more reliable
add 3799e8e6 Use two separate functions for the main phases of revision
finalisation
add 7340df57 Add a method to perform quarantine checks when creating a
revision
add 085e2969 Allow wider access to files and check results
add f4b7ca05 #344 - instructions on how to upload via GitHub Actions
add b6d5e96c Restore the trailing slash on the documentation route path
add fcdad6d7 Augment manual vote resolution validation
add d7739e3c Adding comment; fixes #773
add c2e1f7d1 Adding comment; fixes #767
add 8b22964a Adding a comment about octet-stream; fixes #714
add 5311b7e4 Adding comment about data display; fixes #711
add 7bd8eafc #656 - add check_access to remaining handlers
add 84e9697e Fix JWT token validation
add 0f5bbd2e Get Tooling members from LDAP instead of a hardcoded list
add 92d0e063 Validate sec-fetch headers
add 3b06a693 Update sec-fetch checks
add 0a4ff64c Something broke in integration tests
add 43177279 Put back to double check
This update added new revisions after undoing existing revisions.
That is to say, some revisions that were in the old version of the
branch are not in the new version. This situation occurs
when a user --force pushes a change and generates a repository
containing something like this:
* -- * -- B -- O -- O -- O (a1e7ede3)
\
N -- N -- N refs/heads/valildate-sec-fetch-headers (43177279)
You should already have received notification emails for all of the O
revisions, and so the following emails describe only the N revisions
from the common base, B.
Any revisions marked "omit" are not gone; other references still
refer to them. Any revisions marked "discard" are gone forever.
No new revisions were added by this update.
Summary of changes:
.github/workflows/codeql.yaml | 5 +-
atr/admin/__init__.py | 34 ---
atr/admin/templates/toggle-admin-view.html | 9 +-
atr/api/__init__.py | 2 +-
atr/blueprints/get.py | 6 -
atr/config.py | 1 +
atr/datasources/apache.py | 16 +-
atr/detection.py | 14 +
atr/form.py | 1 +
atr/get/announce.py | 1 +
atr/get/compose.py | 1 +
atr/get/distribution.py | 12 +-
atr/get/docs.py | 2 +-
atr/get/download.py | 6 +-
atr/get/draft.py | 1 +
atr/get/finish.py | 1 +
atr/get/ignores.py | 3 +-
atr/get/manual.py | 2 +
atr/get/release.py | 3 +-
atr/get/result.py | 2 +
atr/get/revisions.py | 1 +
atr/get/sbom.py | 8 +-
atr/get/start.py | 3 +-
atr/get/upload.py | 57 +++-
atr/get/voting.py | 1 +
atr/htm.py | 1 +
atr/jwtoken.py | 14 +-
atr/ldap.py | 34 +++
atr/log.py | 11 +
atr/models/distribution.py | 28 +-
atr/models/sql.py | 1 +
atr/post/distribution.py | 2 +
atr/post/ignores.py | 1 +
atr/post/keys.py | 1 +
atr/post/manual.py | 20 +-
atr/registry.py | 2 +-
atr/shared/distribution.py | 11 +-
atr/ssh.py | 11 +-
atr/static/css/atr.css | 12 +-
atr/storage/writers/revision.py | 368 ++++++++++++++++++++--
atr/storage/writers/tokens.py | 7 +-
atr/storage/writers/vote.py | 24 +-
atr/user.py | 5 +
atr/util.py | 17 +-
atr/web.py | 3 +-
migrations/versions/0054_2026.03.02_3799e8e6.py | 38 +++
tests/e2e/compose/test_get.py | 5 +
tests/unit/test_create_revision.py | 13 +-
tests/unit/test_create_revision_quarantine.py | 385 ++++++++++++++++++++++++
tests/unit/test_detection.py | 38 +++
50 files changed, 1094 insertions(+), 150 deletions(-)
create mode 100644 migrations/versions/0054_2026.03.02_3799e8e6.py
create mode 100644 tests/unit/test_create_revision_quarantine.py
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
