dev  

Messages by Date

• 2026/05/06 Re: [I] ASVS scan of airflow/airflow-core (tooling-agents) via GitHub
• 2026/05/06 [I] ASVS scan of airflow/airflow-core (tooling-agents) via GitHub
• 2026/05/06 [I] ASVS scan of gofannon (tooling-agents) via GitHub
• 2026/05/06 [I] mahout (tooling-agents) via GitHub
• 2026/05/06 [I] steve/v3 (tooling-agents) via GitHub
• 2026/05/06 Re: [I] The `Apache` prefix in project name (tooling-trusted-releases) via GitHub
• 2026/05/06 [I] The `Apache` prefix in project name (tooling-trusted-releases) via GitHub
• 2026/05/06 Re: [I] Review Maven ATR plugin and make recommendations (tooling-trusted-releases) via GitHub
• 2026/05/06 Re: [I] Review Maven ATR plugin and make recommendations (tooling-trusted-releases) via GitHub
• 2026/05/06 Re: [I] Introduce a `{{PROJECT_LABEL}}` template variable (tooling-trusted-releases) via GitHub
• 2026/05/06 Re: [I] Introduce a `{{PROJECT_LABEL}}` template variable (tooling-trusted-releases) via GitHub
• 2026/05/06 Re: [I] Introduce a `{{PROJECT_LABEL}}` template variable (tooling-trusted-releases) via GitHub
• 2026/05/06 Re: [I] Introduce a `{{PROJECT_LABEL}}` template variable (tooling-trusted-releases) via GitHub
• 2026/05/06 Re: [I] Introduce a `{{PROJECT_LABEL}}` template variable (tooling-trusted-releases) via GitHub
• 2026/05/06 [I] Introduce a `{{PROJECT_LABEL}}` template variable (tooling-trusted-releases) via GitHub
• 2026/05/06 [I] ASVS scan of log4net (tooling-agents) via GitHub
• 2026/05/06 Re: [I] Stale per-section reports left behind when discovery reassigns ASVS sections to different domains (tooling-agents) via GitHub
• 2026/05/06 Re: [I] Stale per-section reports left behind when discovery reassigns ASVS sections to different domains (tooling-agents) via GitHub
• 2026/05/06 Re: [I] Refactor prompts (tooling-agents) via GitHub
• 2026/05/06 Re: [I] Refactor prompts (tooling-agents) via GitHub
• 2026/05/06 Re: [I] Steve run issue (tooling-agents) via GitHub
• 2026/05/06 Re: [I] Steve run issue (tooling-agents) via GitHub
• 2026/05/06 Re: [I] Test critical finding carve-out with privateRepo (tooling-agents) via GitHub
• 2026/05/06 Re: [I] Test critical finding carve-out with privateRepo (tooling-agents) via GitHub
• 2026/05/06 [I] Add the option, on by default, to automatically resolve hybrid votes (tooling-trusted-releases) via GitHub
• 2026/05/06 [I] Count IPMC members' votes from a PPMC first round vote in the second round too (tooling-trusted-releases) via GitHub
• 2026/05/06 [I] Remind binding voters to vote through ATR in Trusted Vote mode (tooling-trusted-releases) via GitHub
• 2026/05/06 [I] Add API endpoints for the Trusted Vote mode (tooling-trusted-releases) via GitHub
• 2026/05/06 Re: [I] Warn when an uploaded OpenPGP key does not have the ASF UID of the user (tooling-trusted-releases) via GitHub
• 2026/05/06 Re: [I] Warn when an uploaded OpenPGP key does not have the ASF UID of the user (tooling-trusted-releases) via GitHub
• 2026/05/06 Re: [I] Fix bugs associated with the manual voting mode (tooling-trusted-releases) via GitHub
• 2026/05/06 Re: [I] Fix bugs associated with the manual voting mode (tooling-trusted-releases) via GitHub
• 2026/05/06 Re: [I] Use a prefix for all secret tokens, and inform selected third party scanners (tooling-trusted-releases) via GitHub
• 2026/05/06 Re: [I] LICENSE validation fails with https instead of http (tooling-trusted-releases) via GitHub
• 2026/05/06 Re: [I] LICENSE validation fails with https instead of http (tooling-trusted-releases) via GitHub
• 2026/05/06 Re: [I] Use a prefix for all secret tokens, and inform selected third party scanners (tooling-trusted-releases) via GitHub
• 2026/05/06 Re: [I] Improve error reporting (tooling-trusted-releases) via GitHub
• 2026/05/06 Re: [I] Improve error reporting (tooling-trusted-releases) via GitHub
• 2026/05/06 Re: [I] Use a prefix for all secret tokens, and inform selected third party scanners (tooling-trusted-releases) via GitHub
• 2026/05/06 Re: [I] Perform checks as early as possible for private keys being accidentally uploaded (tooling-trusted-releases) via GitHub
• 2026/05/06 Re: [I] Perform checks as early as possible for private keys being accidentally uploaded (tooling-trusted-releases) via GitHub
• 2026/05/06 Re: [I] Allow uploading an OpenPGP key as a file (tooling-trusted-releases) via GitHub
• 2026/05/06 Re: [I] Allow uploading an OpenPGP key as a file (tooling-trusted-releases) via GitHub
• 2026/05/06 Re: [I] After a failed upload, the upload form is only available through a refresh (tooling-trusted-releases) via GitHub
• 2026/05/06 Re: [I] After a failed upload, the upload form is only available through a refresh (tooling-trusted-releases) via GitHub
• 2026/05/06 Re: [I] SHA-512 generation failed despite a valid signature (tooling-trusted-releases) via GitHub
• 2026/05/06 Re: [I] SHA-512 generation failed despite a valid signature (tooling-trusted-releases) via GitHub
• 2026/05/06 Re: [I] Allow uploading an OpenPGP key as a file (tooling-trusted-releases) via GitHub
• 2026/05/06 [I] Perform checks as early as possible for private keys being accidentally uploaded (tooling-trusted-releases) via GitHub
• 2026/05/06 Re: [I] Internal server error for finished release (tooling-trusted-releases) via GitHub
• 2026/05/06 Re: [I] Internal server error for finished release (tooling-trusted-releases) via GitHub
• 2026/05/06 Re: [I] Improve error reporting (tooling-trusted-releases) via GitHub
• 2026/05/05 Re: [I] Delete draft release without attached artifacts (tooling-trusted-releases) via GitHub
• 2026/05/05 Re: [I] Delete draft release without attached artifacts (tooling-trusted-releases) via GitHub
• 2026/05/05 Re: [I] Incorrect license checks for non-code files (tooling-trusted-releases) via GitHub
• 2026/05/05 Re: [I] Delete draft release without attached artifacts (tooling-trusted-releases) via GitHub
• 2026/05/05 Re: [I] The project settings page should be more prominent and better integrated (tooling-trusted-releases) via GitHub
• 2026/05/05 Re: [I] Project page reorganization (tooling-trusted-releases) via GitHub
• 2026/05/05 Re: [I] Incorrect license checks for non-code files (tooling-trusted-releases) via GitHub
• 2026/05/05 Re: [I] Lifecycle event model (tooling-trusted-releases) via GitHub
• 2026/05/05 [GH] Project cycle model - data models and initial CLE doc generation (tooling-trusted-releases) via GitHub
• 2026/05/05 Re: [I] Incorrect license checks for non-code files (tooling-trusted-releases) via GitHub
• 2026/05/05 [GH] Project cycle model - data models and initial CLE doc generation (tooling-trusted-releases) via GitHub
• 2026/05/05 Re: [I] Lifecycle event model (tooling-trusted-releases) via GitHub
• 2026/05/05 [GH] Project cycle model - data models and initial CLE doc generation (tooling-trusted-releases) via GitHub
• 2026/05/05 Re: [I] LICENSE validation fails with https instead of http (tooling-trusted-releases) via GitHub
• 2026/05/05 [PR] Project cycle model - data models and initial CLE doc generation (tooling-trusted-releases) via GitHub
• 2026/05/05 Re: [I] Error when registering SSH key (tooling-trusted-releases) via GitHub
• 2026/05/05 Re: [I] Request timeout when uploading multiple files (tooling-trusted-releases) via GitHub
• 2026/05/05 Re: [I] Request timeout when uploading multiple files (tooling-trusted-releases) via GitHub
• 2026/05/05 Re: [I] Error when registering SSH key (tooling-trusted-releases) via GitHub
• 2026/05/05 Re: [I] Error when registering SSH key (tooling-trusted-releases) via GitHub
• 2026/05/05 [I] Improve error reporting (tooling-trusted-releases) via GitHub
• 2026/05/05 [I] Error when registering SSH key (tooling-trusted-releases) via GitHub
• 2026/05/05 [GH] Project delete / archival (tooling-trusted-releases) via GitHub
• 2026/05/05 [GH] Project delete / archival (tooling-trusted-releases) via GitHub
• 2026/05/04 Re: [I] Incorrect license checks for non-code files (tooling-trusted-releases) via GitHub
• 2026/05/04 Re: [I] Incorrect license checks for non-code files (tooling-trusted-releases) via GitHub
• 2026/05/04 Re: [I] Incorrect license checks for non-code files (tooling-trusted-releases) via GitHub
• 2026/05/04 Re: [PR] HOWTO on using vast.ai (tooling-agents) via GitHub
• 2026/05/04 [PR] HOWTO on using vast.ai (tooling-agents) via GitHub
• 2026/05/04 [I] Internal server error for finished release (tooling-trusted-releases) via GitHub
• 2026/05/04 Re: [I] Review Maven ATR plugin and make recommendations (tooling-trusted-releases) via GitHub
• 2026/05/04 [I] Delete draft release without attached artifacts (tooling-trusted-releases) via GitHub
• 2026/05/04 [GH] Project delete / archival (tooling-trusted-releases) via GitHub
• 2026/05/04 Re: [I] All emails queried from LDAP on every vote tabulation (tooling-trusted-releases) via GitHub
• 2026/05/04 Re: [I] Require the release manager to confirm that they are ignoring non-blocking errors (tooling-trusted-releases) via GitHub
• 2026/05/04 Re: [I] All emails queried from LDAP on every vote tabulation (tooling-trusted-releases) via GitHub
• 2026/05/04 Re: [I] All emails queried from LDAP on every vote tabulation (tooling-trusted-releases) via GitHub
• 2026/05/04 Re: [I] Add a vote mode where binding votes must be cast through ATR (tooling-trusted-releases) via GitHub
• 2026/05/04 Re: [I] Add a vote mode where binding votes must be cast through ATR (tooling-trusted-releases) via GitHub
• 2026/05/04 [I] Add improvements and enhancements for the Trusted Vote mode (tooling-trusted-releases) via GitHub
• 2026/05/04 Re: [I] Require the release manager to confirm that they are ignoring non-blocking errors (tooling-trusted-releases) via GitHub
• 2026/05/04 [I] Third-party retractions (tooling-agents) via GitHub
• 2026/05/04 Re: [I] Request timeout when uploading multiple files (tooling-trusted-releases) via GitHub
• 2026/05/04 Re: [I] The output of the standard sha512 tool is rejected by checks (tooling-trusted-releases) via GitHub
• 2026/05/04 Re: [I] The output of the standard sha512 tool is rejected by checks (tooling-trusted-releases) via GitHub
• 2026/05/04 [I] Fix the Dependabot alert about uuid in Mermaid (tooling-trusted-releases) via GitHub
• 2026/05/04 Re: [I] Incorrect license checks for non-code files (tooling-trusted-releases) via GitHub
• 2026/05/04 Re: [I] ATR Failure feedback about "Zipformat Structure: Root directory mismatch" is confusing (tooling-trusted-releases) via GitHub
• 2026/05/04 Re: [I] ATR Failure feedback about "Zipformat Structure: Root directory mismatch" is confusing (tooling-trusted-releases) via GitHub
• 2026/05/04 Re: [I] Programming language should be a list (tooling-trusted-releases) via GitHub
• 2026/05/04 Re: [I] Category should be a list (tooling-trusted-releases) via GitHub
• 2026/05/03 [I] Incorrect license checks for non-code files (tooling-trusted-releases) via GitHub
• 2026/05/03 Re: [I] LICENSE validation fails with https instead of http (tooling-trusted-releases) via GitHub
• 2026/05/03 Re: [I] ATR Failure feedback about "Zipformat Structure: Root directory mismatch" is confusing (tooling-trusted-releases) via GitHub
• 2026/05/03 Re: [I] ATR Failure feedback about "Zipformat Structure: Root directory mismatch" is confusing (tooling-trusted-releases) via GitHub
• 2026/05/03 [I] ATR Failure feedback about "Zipformat Structure: Root directory mismatch" is confusing (tooling-trusted-releases) via GitHub
• 2026/05/02 [I] Stale per-section reports left behind when discovery reassigns ASVS sections to different domains (tooling-agents) via GitHub
• 2026/05/02 Re: [I] Refactor prompts (tooling-agents) via GitHub
• 2026/04/30 Re: [I] Investigate remote promotion of artifacts on third party platforms (tooling-trusted-releases) via GitHub
• 2026/04/30 [GH] Api auth decorators 1169 (tooling-trusted-releases) via GitHub
• 2026/04/30 [GH] Api auth decorators 1169 (tooling-trusted-releases) via GitHub
• 2026/04/30 Re: [PR] Api auth decorators 1169 (tooling-trusted-releases) via GitHub
• 2026/04/30 Re: [PR] Api auth decorators 1169 (tooling-trusted-releases) via GitHub
• 2026/04/30 Re: [VOTE] Release Tooling 0.4 wave
• 2026/04/30 Re: [VOTE] Release Tooling 0.4 wave
• 2026/04/30 Re: [VOTE] Release Tooling 0.4 clr
• 2026/04/30 Re: [VOTE] Release Tooling 0.4 sbp
• 2026/04/30 Re: [VOTE] Release Tooling 0.4 sbp
• 2026/04/30 [VOTE] Release Tooling 0.4 sbp
• 2026/04/30 [I] Handle missing committee logos with appropriate fallback (tooling-trusted-releases) via GitHub
• 2026/04/30 Re: [I] Refactor prompts (tooling-agents) via GitHub
• 2026/04/30 Re: [I] Refactor prompts (tooling-agents) via GitHub
• 2026/04/30 Re: [I] Refactor prompts (tooling-agents) via GitHub
• 2026/04/30 Re: [I] Compression of inputs (tooling-agents) via GitHub
• 2026/04/30 Re: [I] Refactor prompts (tooling-agents) via GitHub
• 2026/04/30 [I] Compression of inputs (tooling-agents) via GitHub
• 2026/04/29 [I] Refactor prompts (tooling-agents) via GitHub
• 2026/04/29 Re: [I] Set a 14 day cooldown for npm packages in Dependabot (tooling-trusted-releases) via GitHub
• 2026/04/29 Re: [I] Discuss how we handle private mailing list votes in the security model (tooling-trusted-releases) via GitHub
• 2026/04/29 [I] Investigate scrutineer (tooling-trusted-releases) via GitHub
• 2026/04/29 Re: [PR] Bump astral-sh/setup-uv from 8.0.0 to 8.1.0 (tooling-releases-client) via GitHub
• 2026/04/29 Re: [PR] Bump actions/upload-artifact from 7.0.0 to 7.0.1 (tooling-releases-client) via GitHub
• 2026/04/29 Re: [PR] Bump actions/cache from 5.0.4 to 5.0.5 (tooling-releases-client) via GitHub
• 2026/04/29 Re: [PR] Bump astral-sh/setup-uv from 8.0.0 to 8.1.0 (tooling-trusted-releases) via GitHub
• 2026/04/28 Re: [I] API to list PMCs approved for CI staging (tooling-trusted-releases) via GitHub
• 2026/04/28 [I] Add committee metadata along with admin updates (tooling-trusted-releases) via GitHub
• 2026/04/28 Re: [PR] Adding endpoint to list projects using CI staging (tooling-trusted-releases) via GitHub
• 2026/04/28 Re: [PR] Adding endpoint to list projects using CI staging (tooling-trusted-releases) via GitHub
• 2026/04/28 [PR] Bump astral-sh/setup-uv from 8.0.0 to 8.1.0 (tooling-trusted-releases) via GitHub
• 2026/04/28 [GH] Api auth decorators 1169 (tooling-trusted-releases) via GitHub
• 2026/04/28 Re: [I] Add SWHID identifiers for release verification (tooling-trusted-releases) via GitHub
• 2026/04/28 Re: [I] Allow private vote threads to be tallied (tooling-trusted-releases) via GitHub
• 2026/04/28 [I] Add a vote mode for security releases (tooling-trusted-releases) via GitHub
• 2026/04/28 Re: [I] Allow private vote threads to be tallied (tooling-trusted-releases) via GitHub
• 2026/04/28 [PR] Api auth decorators 1169 (tooling-trusted-releases) via GitHub
• 2026/04/28 [I] Fix bugs associated with the manual voting mode (tooling-trusted-releases) via GitHub
• 2026/04/28 Re: [I] Migrate from pgpy to rpgp-py (tooling-trusted-releases) via GitHub
• 2026/04/28 Re: [I] Migrate from pgpy to rpgp-py (tooling-trusted-releases) via GitHub
• 2026/04/27 [PR] Bump astral-sh/setup-uv from 8.0.0 to 8.1.0 (tooling-actions) via GitHub
• 2026/04/27 [PR] Bump astral-sh/setup-uv from 8.0.0 to 8.1.0 (tooling-releases-client) via GitHub
• 2026/04/27 Re: [I] Anonymous emails come back from lists.a.o (tooling-trusted-releases) via GitHub
• 2026/04/27 Re: [I] Anonymous emails come back from lists.a.o (tooling-trusted-releases) via GitHub
• 2026/04/27 Re: [I] Record votes in the database (tooling-trusted-releases) via GitHub
• 2026/04/27 Re: [I] Record votes in the database (tooling-trusted-releases) via GitHub
• 2026/04/27 [I] Add a vote mode where binding votes must be cast through ATR (tooling-trusted-releases) via GitHub
• 2026/04/27 Re: [I] Set a 14 day cooldown for npm packages in Dependabot (tooling-trusted-releases) via GitHub
• 2026/04/27 Re: [I] Set a 14 day cooldown for npm packages in Dependabot (tooling-trusted-releases) via GitHub
• 2026/04/27 Re: [I] Migrate from pgpy to rpgp-py (tooling-trusted-releases) via GitHub
• 2026/04/27 Re: [I] A sources JAR was not detected as source by the classifier (tooling-trusted-releases) via GitHub
• 2026/04/27 Re: [I] A sources JAR was not detected as source by the classifier (tooling-trusted-releases) via GitHub
• 2026/04/27 Re: [I] Migrate from pgpy to rpgp-py (tooling-trusted-releases) via GitHub
• 2026/04/27 Re: [I] Migrate from pgpy to rpgp-py (tooling-trusted-releases) via GitHub
• 2026/04/24 Re: [I] Whole release check results are omitted in the vote table (tooling-trusted-releases) via GitHub
• 2026/04/24 Re: [I] Whole release check results are omitted in the vote table (tooling-trusted-releases) via GitHub
• 2026/04/24 Re: [I] Whole release check results are omitted in the vote table (tooling-trusted-releases) via GitHub
• 2026/04/24 Re: [I] Whole release check results are omitted in the vote table (tooling-trusted-releases) via GitHub
• 2026/04/24 Re: [I] The project settings page should be more prominent and better integrated (tooling-trusted-releases) via GitHub
• 2026/04/24 Re: [I] The output of the standard sha512 tool is rejected by checks (tooling-trusted-releases) via GitHub
• 2026/04/24 Re: [I] Explain the consequences of OpenPGP committee association (tooling-trusted-releases) via GitHub
• 2026/04/24 Re: [I] Allow uploading an OpenPGP key as a file (tooling-trusted-releases) via GitHub
• 2026/04/24 Re: [I] Make email address selection in OpenPGP key generation clearer (tooling-trusted-releases) via GitHub
• 2026/04/24 Re: [I] After a failed upload, the upload form is only available through a refresh (tooling-trusted-releases) via GitHub
• 2026/04/24 Re: [I] Request timeout when uploading multiple files (tooling-trusted-releases) via GitHub
• 2026/04/24 [I] Allow release managers to be notified by email when a vote ends (tooling-trusted-releases) via GitHub
• 2026/04/24 [I] Whole release check results are omitted in the vote table (tooling-trusted-releases) via GitHub
• 2026/04/24 [I] Change the navigation element on phase pages (tooling-trusted-releases) via GitHub
• 2026/04/24 [I] The project settings page should be more prominent and better integrated (tooling-trusted-releases) via GitHub
• 2026/04/24 [I] The output of the standard sha512 tool is rejected by checks (tooling-trusted-releases) via GitHub
• 2026/04/24 [I] SHA-512 generation failed despite a valid signature (tooling-trusted-releases) via GitHub
• 2026/04/24 [I] Explain the consequences of OpenPGP committee association (tooling-trusted-releases) via GitHub
• 2026/04/24 [I] Allow uploading an OpenPGP key as a file (tooling-trusted-releases) via GitHub
• 2026/04/24 [I] Make email address selection in OpenPGP key generation clearer (tooling-trusted-releases) via GitHub
• 2026/04/24 [I] A sources JAR was not detected as source by the classifier (tooling-trusted-releases) via GitHub
• 2026/04/24 [I] After a failed upload, the upload form is only available through a refresh (tooling-trusted-releases) via GitHub
• 2026/04/24 [I] Request timeout when uploading multiple files (tooling-trusted-releases) via GitHub
• 2026/04/24 Re: [I] Migrate from pgpy to rpgp-py (tooling-trusted-releases) via GitHub
• 2026/04/23 Re: [I] Discuss how we handle private mailing list votes in the security model (tooling-trusted-releases) via GitHub
• 2026/04/23 Re: [I] Record votes in the database (tooling-trusted-releases) via GitHub
• 2026/04/23 Re: [I] Record votes in the database (tooling-trusted-releases) via GitHub
• 2026/04/23 Re: [I] JWT DOM Auto-Clear Lacks Page Lifecycle Event Handlers (tooling-trusted-releases) via GitHub
• 2026/04/23 Re: [I] JWT DOM Auto-Clear Lacks Page Lifecycle Event Handlers (tooling-trusted-releases) via GitHub
• 2026/04/23 Re: [I] Add size limits to SSH/rsync file uploads (tooling-trusted-releases) via GitHub
• 2026/04/23 Re: [I] Add size limits to SSH/rsync file uploads (tooling-trusted-releases) via GitHub
• 2026/04/23 Re: [I] Binary Tool Downloaded Without Integrity Verification (CycloneDX CLI) (tooling-trusted-releases) via GitHub
• 2026/04/23 Re: [I] No Formal SBOM for ATR's Own Third-Party Dependencies (tooling-trusted-releases) via GitHub
• 2026/04/23 Re: [I] API Policy Update Bypasses Form-Level Business Validation (tooling-trusted-releases) via GitHub
• 2026/04/23 Re: [I] API Policy Update Bypasses Form-Level Business Validation (tooling-trusted-releases) via GitHub
• 2026/04/23 Re: [I] Add size limits to SSH/rsync file uploads (tooling-trusted-releases) via GitHub

• Earlier messages
• Later messages