potiuk commented on issue #312: URL: https://github.com/apache/tooling-trusted-releases/issues/312#issuecomment-3533456539
> Since we are discussing package expansion of what are sometimes very large packages. We are likely going to need to consider zip bomb type expansion attacks. True. In ASF scale, those things are super important indeed. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
