sbp opened a new issue, #647: URL: https://github.com/apache/tooling-trusted-releases/issues/647
In #629 we decided to classify files as binary by default when not detected as metadata files. Because ASF votes are held on source artifacts only, our default classification should be that non-metadata files are source archives. We may also be able to go a step further. In https://github.com/apache/tooling-trusted-releases/issues/553#issuecomment-3786628013 there is an analysis of what existing file types we accepted in SVN. We already created a list of [artifact types which is included in the ATR source](https://github.com/apache/tooling-trusted-releases/blob/94964c675fbdf20b92273de828d8b27fbae0b719/atr/analysis.py#L28-L59), but not all of these are source artifact types (e.g. it includes `.exe`). We could easily detect archives, and limit automatic source classification to those. We could also specifically deny some file types, such as `.DS_Store` and `.htaccess`. Early on, we discussed allowing headers and footers to be uploaded, but I think our current stance is that use of these will not be implemented in ATR so we should not allow them to be uploaded. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
