Claudenw commented on issue #312: URL: https://github.com/apache/tooling-trusted-releases/issues/312#issuecomment-3538950096
RAT now has an argument to set minumum file size to scan. We could add max as well LinkedIn: http://www.linkedin.com/in/claudewarren On Sun 16 Nov 2025, 15:27 Sean B. Palmer, ***@***.***> wrote: > *sbp* left a comment (apache/tooling-trusted-releases#312) > <https://github.com/apache/tooling-trusted-releases/issues/312#issuecomment-3538870884> > > We perform other checks on the inflated archives, so RAT would be > duplicating the inflation work if we used streaming mode. We're currently > running RAT on everything, which doesn't help matters, if release managers > do not identify binary archives, so one obvious optimisation is tied to the > outcome of #311 > <https://github.com/apache/tooling-trusted-releases/issues/311>. > Meanwhile we discussed adding a size limit to the artifacts that we check > with RAT when the release manager has not set source and binary artifact > paths. We plan for this to be the first mitigation that we implement. > > — > Reply to this email directly, view it on GitHub > <https://github.com/apache/tooling-trusted-releases/issues/312#issuecomment-3538870884>, > or unsubscribe > <https://github.com/notifications/unsubscribe-auth/AASTVHUGL3WCHIRL757MQNL35CJXPAVCNFSM6AAAAACMD7XPOKVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZTKMZYHA3TAOBYGQ> > . > You are receiving this because you were mentioned.Message ID: > ***@***.***> > -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
