dev  

Messages by Date

• 2026/02/09 Re: [I] Discuss integrations with ECMA standards (tooling-trusted-releases) via GitHub
• 2026/02/09 Re: [I] Check for bombs and other archival problems in uploads (tooling-trusted-releases) via GitHub
• 2026/02/09 Re: [I] Document which project options affect file checks (tooling-trusted-releases) via GitHub
• 2026/02/09 [I] Deduplicate check results (tooling-trusted-releases) via GitHub
• 2026/02/09 [I] Use caching on far more checks, as early as possible (tooling-trusted-releases) via GitHub
• 2026/02/09 [PR] Bump actions/cache from 5.0.2 to 5.0.3 (tooling-releases-client) via GitHub
• 2026/02/09 Re: [I] Checks track (tooling-trusted-releases) via GitHub
• 2026/02/09 Re: [I] Document which project options affect file checks (tooling-trusted-releases) via GitHub
• 2026/02/09 Re: [I] Prevent the reuse of detached session objects in database commit contexts (tooling-trusted-releases) via GitHub
• 2026/02/09 Re: [PR] File type validation on upload through web browser (tooling-trusted-releases) via GitHub
• 2026/02/09 Re: [I] Apply URL encoding to query parameters and paths (tooling-trusted-releases) via GitHub
• 2026/02/09 Re: [I] Apply URL encoding to query parameters and paths (tooling-trusted-releases) via GitHub
• 2026/02/09 Re: [I] Add user configuration for navigation pinning and colour blindness mode (tooling-trusted-releases) via GitHub
• 2026/02/09 Re: [I] Document how to become a Trusted Publishing project (tooling-trusted-releases) via GitHub
• 2026/02/08 Re: [I] Use Mailpit to improve email tests (tooling-trusted-releases) via GitHub
• 2026/02/08 Re: [I] Document how to become a Trusted Publishing project (tooling-trusted-releases) via GitHub
• 2026/02/08 Re: [I] Login/logoff should be a button on the top nav and not a menu (tooling-trusted-releases) via GitHub
• 2026/02/08 Re: [I] Login/logoff should be a button on the top nav and not a menu (tooling-trusted-releases) via GitHub
• 2026/02/08 Re: [PR] Move auth buttons (tooling-trusted-releases) via GitHub
• 2026/02/08 Re: [PR] Move auth buttons (tooling-trusted-releases) via GitHub
• 2026/02/08 Re: [I] Add a quarantined validation period after uploading and before checks are started (tooling-trusted-releases) via GitHub
• 2026/02/08 Re: [PR] Move auth buttons (tooling-trusted-releases) via GitHub
• 2026/02/08 Re: [PR] Check templates linter (tooling-trusted-releases) via GitHub
• 2026/02/08 Re: [I] Add a template usage linter (tooling-trusted-releases) via GitHub
• 2026/02/08 Re: [PR] Check templates linter (tooling-trusted-releases) via GitHub
• 2026/02/07 Re: [I] We could add the pull request labeler an action for automatically labelling pull requests (tooling-trusted-releases) via GitHub
• 2026/02/07 Re: [I] We could add the pull request labeler an action for automatically labelling pull requests (tooling-trusted-releases) via GitHub
• 2026/02/07 Re: [I] We could add the pull request labeler an action for automatically labelling pull requests (tooling-trusted-releases) via GitHub
• 2026/02/07 [I] Consider adding zizmor action security checks (tooling-actions) via GitHub
• 2026/02/07 Re: [PR] Move auth buttons (tooling-trusted-releases) via GitHub
• 2026/02/07 Re: [PR] Move auth buttons (tooling-trusted-releases) via GitHub
• 2026/02/07 Re: [I] We could add the pull request labeler an action for automatically labelling pull requests (tooling-trusted-releases) via GitHub
• 2026/02/06 Re: [PR] Move auth buttons (tooling-trusted-releases) via GitHub
• 2026/02/06 Re: [PR] Move auth buttons (tooling-trusted-releases) via GitHub
• 2026/02/06 Re: [I] Login/logoff should be a button on the top nav and not a menu (tooling-trusted-releases) via GitHub
• 2026/02/06 [PR] Check templates linter (tooling-trusted-releases) via GitHub
• 2026/02/06 [PR] Move auth buttons (tooling-trusted-releases) via GitHub
• 2026/02/06 Re: [I] Add further validation to check site consistency (tooling-trusted-releases) via GitHub
• 2026/02/06 Re: [I] Export data through Transparency Exchange API (tooling-trusted-releases) via GitHub
• 2026/02/06 Re: [I] Login/logoff should be a button on the top nav and not a menu (tooling-trusted-releases) via GitHub
• 2026/02/06 Re: [I] Login/logoff should be a button on the top nav and not a menu (tooling-trusted-releases) via GitHub
• 2026/02/06 Re: [I] Document how to become a Trusted Publishing project (tooling-trusted-releases) via GitHub
• 2026/02/06 Re: [I] Document how to become a Trusted Publishing project (tooling-trusted-releases) via GitHub
• 2026/02/06 [I] Login/logoff should be a button on the top nav and not a menu (tooling-trusted-releases) via GitHub
• 2026/02/06 Re: [I] Document how to become a Trusted Publishing project (tooling-trusted-releases) via GitHub
• 2026/02/06 [I] Document how to become a Trusted Publishing project (tooling-trusted-releases) via GitHub
• 2026/02/06 [I] Add user configuration for navigation pinning and colour blindness mode (tooling-trusted-releases) via GitHub
• 2026/02/06 Re: [I] Add a quarantined validation period after uploading and before checks are started (tooling-trusted-releases) via GitHub
• 2026/02/06 Re: [I] Add a column of file type and classifier to file lists (tooling-trusted-releases) via GitHub
• 2026/02/06 Re: [I] Add a column of file type and classifier to file lists (tooling-trusted-releases) via GitHub
• 2026/02/06 Re: [I] Add a column of file type and classifier to file lists (tooling-trusted-releases) via GitHub
• 2026/02/06 Re: [I] Add a column of file type and classifier to file lists (tooling-trusted-releases) via GitHub
• 2026/02/06 Re: [I] Add a column of file type and classifier to file lists (tooling-trusted-releases) via GitHub
• 2026/02/06 Re: [I] Add a column of file type and classifier to file lists (tooling-trusted-releases) via GitHub
• 2026/02/06 Re: [I] Add a column of file type and classifier to file lists (tooling-trusted-releases) via GitHub
• 2026/02/06 [I] Apply path ignores to implicitly classified source archives (tooling-trusted-releases) via GitHub
• 2026/02/06 [I] Add a column of file type and classifier to file lists (tooling-trusted-releases) via GitHub
• 2026/02/06 Re: [I] Check for bombs and other archival problems in uploads (tooling-trusted-releases) via GitHub
• 2026/02/06 [I] Add a quarantined validation period after uploading and before checks are started (tooling-trusted-releases) via GitHub
• 2026/02/06 Re: [I] Remove the leading `/` from RAT check results (tooling-trusted-releases) via GitHub
• 2026/02/06 Re: [I] check for zip bombs in uploads (tooling-trusted-releases) via GitHub
• 2026/02/06 Re: [I] Remove the leading `/` from RAT check results (tooling-trusted-releases) via GitHub
• 2026/02/06 Re: [I] Add a new class of check outcome that cannot be ignored (tooling-trusted-releases) via GitHub
• 2026/02/06 Re: [I] Add a new class of check outcome that cannot be ignored (tooling-trusted-releases) via GitHub
• 2026/02/06 Re: [I] Add a new class of check outcome that cannot be ignored (tooling-trusted-releases) via GitHub
• 2026/02/06 Re: [I] Add a new class of check outcome that cannot be ignored (tooling-trusted-releases) via GitHub
• 2026/02/06 [I] Remove the leading `/` from RAT check results (tooling-trusted-releases) via GitHub
• 2026/02/05 Re: [I] Add a check to ensure that the source in uploaded archives is a subset of the upstream repository (tooling-trusted-releases) via GitHub
• 2026/02/05 Re: [I] Add a check to ensure that the source in uploaded archives is a subset of the upstream repository (tooling-trusted-releases) via GitHub
• 2026/02/05 Re: [I] check for zip bombs in uploads (tooling-trusted-releases) via GitHub
• 2026/02/05 Re: [I] check for zip bombs in uploads (tooling-trusted-releases) via GitHub
• 2026/02/05 Re: [I] check for zip bombs in uploads (tooling-trusted-releases) via GitHub
• 2026/02/05 Re: [I] check for zip bombs in uploads (tooling-trusted-releases) via GitHub
• 2026/02/05 [I] Nexus 3 testing of both legacy and ATR methods on repository.apache.org (tooling-trusted-releases) via GitHub
• 2026/02/05 Re: [I] Add a check to ensure that the source in uploaded archives is a subset of the upstream repository (tooling-trusted-releases) via GitHub
• 2026/02/04 Re: [I] Add a check to ensure that the source in uploaded archives is a subset of the upstream repository (tooling-trusted-releases) via GitHub
• 2026/02/04 Re: [I] Allow Projects to be defined via .asf.yaml (tooling-trusted-releases) via GitHub
• 2026/02/04 Re: [PR] File type validation on upload through web browser (tooling-trusted-releases) via GitHub
• 2026/02/04 Re: [PR] File type validation on upload through web browser (tooling-trusted-releases) via GitHub
• 2026/02/04 Re: [I] Discuss integrations with ECMA standards (tooling-trusted-releases) via GitHub
• 2026/02/04 Re: [I] Discuss integrations with ECMA standards (tooling-trusted-releases) via GitHub
• 2026/02/04 Re: [I] Apply URL encoding to query parameters and paths (tooling-trusted-releases) via GitHub
• 2026/02/04 Re: [I] Record masquerades in the audit log (tooling-trusted-releases) via GitHub
• 2026/02/04 Re: [PR] File type validation on upload through web browser (tooling-trusted-releases) via GitHub
• 2026/02/04 Re: [I] Discuss integrations with ECMA standards (tooling-trusted-releases) via GitHub
• 2026/02/04 Re: [I] Apply URL encoding to query parameters and paths (tooling-trusted-releases) via GitHub
• 2026/02/03 Re: [I] Add a check to ensure that the source in uploaded archives is a subset of the upstream repository (tooling-trusted-releases) via GitHub
• 2026/02/03 Re: [I] Implement the "Pause for RM" release policy option (tooling-trusted-releases) via GitHub
• 2026/02/03 Re: [PR] File type validation on upload through web browser (tooling-trusted-releases) via GitHub
• 2026/02/03 Re: [I] Add a check to ensure that the source in uploaded archives is a subset of the upstream repository (tooling-trusted-releases) via GitHub
• 2026/02/03 Re: [I] Improve session testing by using more realistic workflows (tooling-trusted-releases) via GitHub
• 2026/02/03 Re: [I] Improve session testing by using more realistic workflows (tooling-trusted-releases) via GitHub
• 2026/02/03 Re: [PR] File type validation on upload through web browser (tooling-trusted-releases) via GitHub
• 2026/02/03 Re: [I] Improve session testing by using more realistic workflows (tooling-trusted-releases) via GitHub
• 2026/02/03 Re: [I] Implement the "Pause for RM" release policy option (tooling-trusted-releases) via GitHub
• 2026/02/03 [I] Implement the "Pause for RM" release policy option (tooling-trusted-releases) via GitHub
• 2026/02/03 Re: [PR] File type validation on upload through web browser (tooling-trusted-releases) via GitHub
• 2026/02/03 Re: [I] Setup projects vm for development (tooling-trusted-releases) via GitHub
• 2026/02/03 Re: [PR] Binding vote noted in email #616 (tooling-trusted-releases) via GitHub
• 2026/02/03 Re: [I] Indicate binding vote in mail sent to [email protected] (tooling-trusted-releases) via GitHub
• 2026/02/03 Re: [PR] Binding vote noted in email #616 (tooling-trusted-releases) via GitHub
• 2026/02/03 Re: [PR] File type validation on upload through web browser (tooling-trusted-releases) via GitHub
• 2026/02/03 Re: [PR] File type validation on upload through web browser (tooling-trusted-releases) via GitHub
• 2026/02/03 [PR] File type validation on upload through web browser (tooling-trusted-releases) via GitHub
• 2026/02/03 Re: [I] Fix RuntimeWarning about Queue.join not being awaited (tooling-trusted-releases) via GitHub
• 2026/02/03 Re: [I] Fix RuntimeWarning about Queue.join not being awaited (tooling-trusted-releases) via GitHub
• 2026/02/03 Re: [I] Discuss integrations with ECMA standards (tooling-trusted-releases) via GitHub
• 2026/02/03 [I] Fix RuntimeWarning about Queue.join not being awaited (tooling-trusted-releases) via GitHub
• 2026/02/03 Re: [I] Remove workaround for pip-audit when pip 26.0 is available (tooling-trusted-releases) via GitHub
• 2026/02/03 Re: [PR] Bump actions/setup-python from 6.1.0 to 6.2.0 (tooling-trusted-releases) via GitHub
• 2026/02/03 Re: [I] Implement PyPi Distributions (tooling-trusted-releases) via GitHub
• 2026/02/03 Re: [I] Implement file type/content validation for uploads (tooling-trusted-releases) via GitHub
• 2026/02/03 Re: [I] Discuss integrations with ECMA standards (tooling-trusted-releases) via GitHub
• 2026/02/03 Re: [I] Improve session testing by using more realising workflows (tooling-trusted-releases) via GitHub
• 2026/02/02 [PR] Bump actions/setup-python from 6.1.0 to 6.2.0 (tooling-trusted-releases) via GitHub
• 2026/02/02 [I] Remove workaround for pip-audit when pip 26.0 is available (tooling-trusted-releases) via GitHub
• 2026/02/02 [PR] Binding vote noted in email #616 (tooling-trusted-releases) via GitHub
• 2026/02/02 [I] Research whether structured ASFQuart permissions can be used more widely in ATR (tooling-trusted-releases) via GitHub
• 2026/02/02 Re: [I] Allow PMC members to perform PMC actions (tooling-trusted-releases) via GitHub
• 2026/02/02 Re: [I] Allow PMC members to perform PMC actions (tooling-trusted-releases) via GitHub
• 2026/02/02 [I] Improve session testing by using more realising workflows (tooling-trusted-releases) via GitHub
• 2026/02/02 Re: [I] Allow PMC members to perform PMC actions (tooling-trusted-releases) via GitHub
• 2026/02/02 Re: [PR] Bump astral-sh/setup-uv from 6.4.3 to 7.2.0 (tooling-releases-client) via GitHub
• 2026/02/02 Re: [PR] Bump astral-sh/setup-uv from 6.4.3 to 7.2.0 (tooling-releases-client) via GitHub
• 2026/02/02 Re: [PR] Bump actions/upload-artifact from 4.6.2 to 6.0.0 (tooling-releases-client) via GitHub
• 2026/02/02 Re: [PR] Bump actions/checkout from 4.3.0 to 6.0.2 (tooling-releases-client) via GitHub
• 2026/02/02 Re: [PR] Bump actions/setup-python from 6.1.0 to 6.2.0 (tooling-releases-client) via GitHub
• 2026/02/02 [PR] Bump actions/setup-python from 6.1.0 to 6.2.0 (tooling-releases-client) via GitHub
• 2026/02/02 Re: [I] Allow PMC members to perform PMC actions (tooling-trusted-releases) via GitHub
• 2026/02/02 Re: [I] Allow PMC members to perform PMC actions (tooling-trusted-releases) via GitHub
• 2026/02/02 [I] Allow PMC members to perform PMC actions (tooling-trusted-releases) via GitHub
• 2026/02/02 [VOTE] [RESULT] Release Apache Tooling 26.2.2 PASSED sbp
• 2026/02/02 Re: [VOTE] Release Tooling 26.2.2 sbp
• 2026/02/02 [VOTE] Release Tooling 26.2.2 sbp
• 2026/02/02 Re: [I] Discuss upstreaming of certain components (tooling-trusted-releases) via GitHub
• 2026/02/02 Re: [I] Deploy self hosted GitHub action runners for distribution workflows (tooling-trusted-releases) via GitHub
• 2026/02/01 Re: [I] Discuss integrations with ECMA standards (tooling-trusted-releases) via GitHub
• 2026/02/01 Re: [I] Discuss integrations with ECMA standards (tooling-trusted-releases) via GitHub
• 2026/02/01 Re: [I] Add a check to ensure that the source in tarballs is the same as the upstream repository (tooling-trusted-releases) via GitHub
• 2026/02/01 Re: [I] Indicate binding vote in mail sent to [email protected] (tooling-trusted-releases) via GitHub
• 2026/02/01 Re: [I] Indicate binding vote in mail sent to [email protected] (tooling-trusted-releases) via GitHub
• 2026/01/31 [I] Indicate binding vote in mail sent to [email protected] (tooling-trusted-releases) via GitHub
• 2026/01/31 Re: [I] Discuss upstreaming of certain components (tooling-trusted-releases) via GitHub
• 2026/01/31 [I] Discuss upstreaming of certain components (tooling-trusted-releases) via GitHub
• 2026/01/31 Re: [I] Enforce absolute maximum session lifetime for web sessions (tooling-trusted-releases) via GitHub
• 2026/01/31 Re: [I] Enforce absolute maximum session lifetime for web sessions (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Discuss integrations with ECMA standards (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Export data through Transparency Exchange API (tooling-trusted-releases) via GitHub
• 2026/01/30 [I] Discuss integrations with ECMA standards (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Document database cascades (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Deploy self hosted GitHub action runners for distribution workflows (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Deploy self hosted GitHub action runners for distribution workflows (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Deploy self hosted GitHub action runners for distribution workflows (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Document the checks made by ATR (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Document the checks made by ATR (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Release catalog model (tooling-trusted-releases) via GitHub
• 2026/01/30 [I] Deploy self hosted GitHub action runners for distribution workflows (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Merge env/tooling to production (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Merge env/tooling to production (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Validate against CR/LF characters in HTTP header values (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Sanitize email header values against CRLF injection (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Sanitize email header values against CRLF injection (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Merge env/tooling to production (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] New compose project option for repository branch (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] New compose project option for repository branch (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Validate against CR/LF characters in HTTP header values (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [PR] Bump biomejs/setup-biome from 2.6.0 to 2.7.0 (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Ensure that Dependabot PRs are checked against the action allow list (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Ensure that Dependabot PRs are checked against the action allow list (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Validate against CR/LF characters in HTTP header values (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Ensure that Dependabot PRs are checked against the action allow list (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [PR] Bump biomejs/setup-biome from 2.6.0 to 2.7.0 (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Detect `npm pack` output and allow `package/` as its root directory (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Detect `npm pack` output and allow `package/` as its root directory (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Enforce absolute maximum session lifetime for web sessions (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Enforce absolute maximum session lifetime for web sessions (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Enforce absolute maximum session lifetime for web sessions (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Enforce absolute maximum session lifetime for web sessions (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Enforce absolute maximum session lifetime for web sessions (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Ensure that Dependabot PRs are checked against the action allow list (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [PR] Fix: Mitigate CRLF injection in email headers (Issue #603) (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [PR] Fix: Mitigate CRLF injection in email headers (Issue #603) (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Ensure that Dependabot PRs are checked against the action allow list (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Document database cascades (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Enforce absolute maximum session lifetime for web sessions (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Make check ignores apply per project, not per committee (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [I] Make check ignores apply per project, not per committee (tooling-trusted-releases) via GitHub
• 2026/01/30 Re: [PR] Fix: Mitigate CRLF injection in email headers (Issue #603) (tooling-trusted-releases) via GitHub
• 2026/01/30 [GH] Fix: Mitigate CRLF injection in email headers (Issue #603) (tooling-trusted-releases) via GitHub
• 2026/01/29 [GH] Fix: Mitigate CRLF injection in email headers (Issue #603) (tooling-trusted-releases) via GitHub
• 2026/01/29 [GH] Fix: Mitigate CRLF injection in email headers (Issue #603) (tooling-trusted-releases) via GitHub
• 2026/01/29 Re: [I] Document database cascades (tooling-trusted-releases) via GitHub
• 2026/01/29 Re: [I] Read enisa sbom landscape analysis (tooling-trusted-releases) via GitHub
• 2026/01/29 Re: [I] Read enisa sbom landscape analysis (tooling-trusted-releases) via GitHub
• 2026/01/29 Re: [I] Read enisa sbom landscape analysis (tooling-trusted-releases) via GitHub
• 2026/01/29 Re: [I] Committees where committers may release (tooling-trusted-releases) via GitHub
• 2026/01/29 Re: [I] Merge env/tooling to production (tooling-trusted-releases) via GitHub
• 2026/01/29 [I] Merge env/tooling to production (tooling-trusted-releases) via GitHub
• 2026/01/29 Re: [I] Link from RAT check failure to local reproduction instructions (tooling-trusted-releases) via GitHub
• 2026/01/29 Re: [I] Link from RAT check failure to local reproduction instructions (tooling-trusted-releases) via GitHub

• Earlier messages
• Later messages