sbp commented on issue #294: URL: https://github.com/apache/tooling-trusted-releases/issues/294#issuecomment-3492455573
This is not a requirement of ASF policy, so we can relax it. I think the best compromise here might be to make it a warning, but it depends how people feel about warnings. In general I think it's useful to end users when a tarball contains a directory of the same name as its basename minus extension. How strongly we want to coerce ATR users to conform to that pattern is another matter, and what we're seeing is that people _treat ATR errors very seriously_. This is excellent news, of course, but it means that we must use errors responsibly: we must reserve errors for cases that are truly *errors*. I don't think this is an error, and I think there could also be a case that ATR errors must be violations of ASF policy, obvious security problems, and other things of this nature. In summary, I think I'll at least make this a warning, but we might even need to add a new "advisory" class which is slightly weaker than that. In addition, however, I would like to point out that you can make custom rules to ignore certain check results, including even errors. If you go to [`/ignores/airflow`](https://release-test.apache.org/ignores/airflow) I think that should be the relevant interface. I understand that we should set sensible defaults and not rely on people to add ignores for things that we got wrong at the ATR level! -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
