dev  

Messages by Thread

• • [GH] Pull previous SBOM results into the report and highlight new/changed vulnerabilities/licenses (tooling-trusted-releases) via GitHub
  • [GH] Pull previous SBOM results into the report and highlight new/changed vulnerabilities/licenses (tooling-trusted-releases) via GitHub
  • [GH] Pull previous SBOM results into the report and highlight new/changed vulnerabilities/licenses (tooling-trusted-releases) via GitHub
  • [GH] Pull previous SBOM results into the report and highlight new/changed vulnerabilities/licenses (tooling-trusted-releases) via GitHub
  • [GH] Pull previous SBOM results into the report and highlight new/changed vulnerabilities/licenses (tooling-trusted-releases) via GitHub
  • Re: [PR] Pull previous SBOM results into the report and highlight new/changed vulnerabilities/licenses (tooling-trusted-releases) via GitHub
• [I] Make UX when an unauthorized users visit the vote page when the release is not in that phase (tooling-trusted-releases) via GitHub
  • Re: [I] Make UX when an unauthorized users visit the vote page when the release is not in that phase (tooling-trusted-releases) via GitHub
  • Re: [I] Fix UX when an unauthorized user visits the vote page when the release is no longer in that phase (tooling-trusted-releases) via GitHub
  • Re: [I] Fix UX when an unauthorized user visits the vote page when the release is no longer in that phase (tooling-trusted-releases) via GitHub
• Re: [I] Always show the current release phase status even on outdated phase pages (tooling-trusted-releases) via GitHub
  • Re: [I] Always show the current release phase status even on outdated phase pages (tooling-trusted-releases) via GitHub
• Re: [I] Improve the SBOM license scanner (tooling-trusted-releases) via GitHub
  • Re: [I] Improve the SBOM license scanner (tooling-trusted-releases) via GitHub
  • Re: [I] Improve the SBOM license scanner (tooling-trusted-releases) via GitHub
• Re: [I] Project lifecycle information as part of the release catalog (tooling-trusted-releases) via GitHub
  • Re: [I] Project lifecycle information as part of the release catalog (tooling-trusted-releases) via GitHub
  • Re: [I] Project lifecycle information as part of the release catalog (tooling-trusted-releases) via GitHub
  • Re: [I] Project lifecycle information as part of the release catalog (tooling-trusted-releases) via GitHub
• [I] Add commands to sign and verify artifacts (tooling-releases-client) via GitHub
• [I] Allow error check results to be turned into a TODO list (tooling-trusted-releases) via GitHub
  • Re: [I] Allow error check results to be turned into a TODO list (tooling-trusted-releases) via GitHub
  • Re: [I] Allow error check results to be turned into a TODO list (tooling-trusted-releases) via GitHub
  • Re: [I] Allow error check results to be turned into a TODO list (tooling-trusted-releases) via GitHub
• [I] Allow users to configure between lightweight and RAT checks (tooling-trusted-releases) via GitHub
  • Re: [I] Allow users to configure between lightweight and RAT checks (tooling-trusted-releases) via GitHub
  • Re: [I] Allow users to configure between lightweight and RAT checks (tooling-trusted-releases) via GitHub
  • Re: [I] Allow users to configure between lightweight and RAT checks (tooling-trusted-releases) via GitHub
  • Re: [I] Allow users to configure between lightweight and RAT checks (tooling-trusted-releases) via GitHub
• [I] Add a tutorial explaining how to sign artifacts using OpenPGP (tooling-trusted-releases) via GitHub
  • Re: [I] Add a tutorial explaining how to sign artifacts using OpenPGP (tooling-trusted-releases) via GitHub
  • Re: [I] Add a tutorial explaining how to sign artifacts using OpenPGP (tooling-trusted-releases) via GitHub
  • Re: [I] Add a tutorial explaining how to sign artifacts using OpenPGP (tooling-trusted-releases) via GitHub
  • Re: [I] Add a tutorial explaining how to sign artifacts using OpenPGP (tooling-trusted-releases) via GitHub
  • Re: [I] Add a tutorial explaining how to sign artifacts using OpenPGP (tooling-trusted-releases) via GitHub
  • Re: [I] Add a tutorial explaining how to sign artifacts using OpenPGP (tooling-trusted-releases) via GitHub
• [I] Consider Sigstore or other alternatives to local signing (tooling-trusted-releases) via GitHub
  • Re: [I] Consider Sigstore or other alternatives to local signing (tooling-trusted-releases) via GitHub
• [I] Disable the announce button until confirm is clicked (tooling-trusted-releases) via GitHub
  • Re: [I] Disable the announce button until confirm is clicked (tooling-trusted-releases) via GitHub
  • Re: [I] Disable the announce button until confirm is clicked (tooling-trusted-releases) via GitHub
  • Re: [I] Disable the announce button until confirm is clicked (tooling-trusted-releases) via GitHub
• [I] Add a directory creation hint to the file management interface (tooling-trusted-releases) via GitHub
• [I] Make email templating much clearer to users (tooling-trusted-releases) via GitHub
  • Re: [I] Make email templating much clearer to users (tooling-trusted-releases) via GitHub
  • Re: [I] Make email templating much clearer to users (tooling-trusted-releases) via GitHub
  • Re: [I] Make email templating much clearer to users (tooling-trusted-releases) via GitHub
  • Re: [I] Make email templating much clearer to users (tooling-trusted-releases) via GitHub
  • Re: [I] Make email templating much clearer to users (tooling-trusted-releases) via GitHub
  • Re: [I] Make email templating much clearer to users (tooling-trusted-releases) via GitHub
  • Re: [I] Make email templating much clearer to users (tooling-trusted-releases) via GitHub
  • Re: [I] Make email templating much clearer to users (tooling-trusted-releases) via GitHub
  • Re: [I] Make email templating much clearer to users (tooling-trusted-releases) via GitHub
  • Re: [I] Make email templating much clearer to users (tooling-trusted-releases) via GitHub
  • Re: [I] Make email templating much clearer to users (tooling-trusted-releases) via GitHub
  • Re: [I] Make email templating much clearer to users (tooling-trusted-releases) via GitHub
  • Re: [I] Make email templating much clearer to users (tooling-trusted-releases) via GitHub
  • Re: [I] Make email templating much clearer to users (tooling-trusted-releases) via GitHub
• [I] Document how to provide a groupId for Maven (tooling-trusted-releases) via GitHub
  • Re: [I] Document how to provide a groupId for Maven (tooling-trusted-releases) via GitHub
  • Re: [I] Document how to provide a groupId for Maven (tooling-trusted-releases) via GitHub
  • Re: [I] Document how to provide a groupId for Maven (tooling-trusted-releases) via GitHub
  • Re: [I] Document how to provide a groupId for Maven (tooling-trusted-releases) via GitHub
  • Re: [I] Document how to provide a groupId for Maven (tooling-trusted-releases) via GitHub
  • Re: [I] Document how to provide a groupId for Maven (tooling-trusted-releases) via GitHub
  • Re: [I] Document how to provide a groupId for Maven (tooling-trusted-releases) via GitHub
  • Re: [I] Document how to provide a groupId for Maven (tooling-trusted-releases) via GitHub
  • Re: [I] Document how to provide a groupId for Maven (tooling-trusted-releases) via GitHub
  • Re: [I] Document how to provide a groupId for Maven (tooling-trusted-releases) via GitHub
  • Re: [I] Document how to provide a groupId for Maven (tooling-trusted-releases) via GitHub
• [I] syft SBOM generation doesn't populate license field (tooling-trusted-releases) via GitHub
  • Re: [I] syft SBOM generation doesn't populate license field (tooling-trusted-releases) via GitHub
  • Re: [I] syft SBOM generation doesn't populate license field (tooling-trusted-releases) via GitHub
  • Re: [I] syft SBOM generation doesn't populate license field (tooling-trusted-releases) via GitHub
  • Re: [I] syft SBOM generation doesn't populate license field (tooling-trusted-releases) via GitHub
  • Re: [I] syft SBOM generation doesn't populate license field (tooling-trusted-releases) via GitHub
• [I] Prioritise SHA512, and allow signature corroborated generation (tooling-trusted-releases) via GitHub
  • Re: [I] Prioritise SHA512, and allow signature corroborated generation (tooling-trusted-releases) via GitHub
  • Re: [I] Prioritise SHA512, and allow signature corroborated generation (tooling-trusted-releases) via GitHub
  • Re: [I] Prioritise SHA512, and allow signature corroborated generation (tooling-trusted-releases) via GitHub
  • Re: [I] Prioritise SHA512, and allow signature corroborated generation (tooling-trusted-releases) via GitHub
  • Re: [I] Prioritise SHA512, and allow signature corroborated generation (tooling-trusted-releases) via GitHub
• [PR] Update outdated tool scanners and add ATR tool metadata to the SBOM (tooling-trusted-releases) via GitHub
  • [GH] Update outdated tool scanners and add ATR tool metadata to the SBOM (tooling-trusted-releases) via GitHub
  • [GH] Update outdated tool scanners and add ATR tool metadata to the SBOM (tooling-trusted-releases) via GitHub
  • [GH] Update outdated tool scanners and add ATR tool metadata to the SBOM (tooling-trusted-releases) via GitHub
  • [GH] Update outdated tool scanners and add ATR tool metadata to the SBOM (tooling-trusted-releases) via GitHub
  • [GH] Update outdated tool scanners and add ATR tool metadata to the SBOM (tooling-trusted-releases) via GitHub
  • [GH] Update outdated tool scanners and add ATR tool metadata to the SBOM (tooling-trusted-releases) via GitHub
  • [GH] Update outdated tool scanners and add ATR tool metadata to the SBOM (tooling-trusted-releases) via GitHub
  • [GH] Update outdated tool scanners and add ATR tool metadata to the SBOM (tooling-trusted-releases) via GitHub
  • [GH] Update outdated tool scanners and add ATR tool metadata to the SBOM (tooling-trusted-releases) via GitHub
  • [GH] Update outdated tool scanners and add ATR tool metadata to the SBOM (tooling-trusted-releases) via GitHub
  • [GH] Update outdated tool scanners and add ATR tool metadata to the SBOM (tooling-trusted-releases) via GitHub
  • [GH] Update outdated tool scanners and add ATR tool metadata to the SBOM (tooling-trusted-releases) via GitHub
  • [GH] Update outdated tool scanners and add ATR tool metadata to the SBOM (tooling-trusted-releases) via GitHub
  • [GH] Update outdated tool scanners and add ATR tool metadata to the SBOM (tooling-trusted-releases) via GitHub
  • [GH] Update outdated tool scanners and add ATR tool metadata to the SBOM (tooling-trusted-releases) via GitHub
  • [GH] Update outdated tool scanners and add ATR tool metadata to the SBOM (tooling-trusted-releases) via GitHub
  • [GH] Update outdated tool scanners and add ATR tool metadata to the SBOM (tooling-trusted-releases) via GitHub
  • [GH] Update outdated tool scanners and add ATR tool metadata to the SBOM (tooling-trusted-releases) via GitHub
  • [GH] Update outdated tool scanners and add ATR tool metadata to the SBOM (tooling-trusted-releases) via GitHub
  • Re: [PR] Update outdated tool scanners and add ATR tool metadata to the SBOM (tooling-trusted-releases) via GitHub
• [PR] Add RAT reproduction steps to task docs (tooling-trusted-releases) via GitHub
  • Re: [PR] Add RAT reproduction steps to task docs (tooling-trusted-releases) via GitHub
  • Re: [PR] Add RAT reproduction steps to task docs (tooling-trusted-releases) via GitHub
• [I] paths for failed license header checks include leading dir with archive name (tooling-trusted-releases) via GitHub
  • Re: [I] exclude leading dir with archive name paths from failed license header checks (tooling-trusted-releases) via GitHub
  • Re: [I] exclude leading dir with archive name paths from failed license header checks (tooling-trusted-releases) via GitHub
  • Re: [I] exclude leading dir with archive name paths from failed license header checks (tooling-trusted-releases) via GitHub
  • Re: [I] exclude leading dir with archive name paths from failed license header checks (tooling-trusted-releases) via GitHub
  • Re: [I] exclude leading dir with archive name paths from failed license header checks (tooling-trusted-releases) via GitHub
• [I] Automatically exclude `.min.js` and other generated files from RAT checks (tooling-trusted-releases) via GitHub
  • Re: [I] Automatically exclude `.min.js` and other generated files from RAT and License Header checks (tooling-trusted-releases) via GitHub
  • Re: [I] Automatically exclude `.min.js` and other generated files from RAT and License Header checks (tooling-trusted-releases) via GitHub
  • Re: [I] Automatically exclude `.min.js` and other generated files from RAT and License Header checks (tooling-trusted-releases) via GitHub
  • Re: [I] Automatically exclude `.min.js` and other generated files from RAT and License Header checks (tooling-trusted-releases) via GitHub
  • Re: [I] Automatically exclude `.min.js` and other generated files from RAT and License Header checks (tooling-trusted-releases) via GitHub
• [PR] SBOM vulnerability and report updates (tooling-trusted-releases) via GitHub
  • Re: [PR] SBOM vulnerability and report updates (tooling-trusted-releases) via GitHub
• Is dist.apache.org being replaces? Craig Russell
  • Re: Is dist.apache.org being replaces? Dave Fisher
  • Re: Is dist.apache.org being replaces? Craig Russell
  • Re: Is dist.apache.org being replaces? sebb
  • Re: Is dist.apache.org being replaces? Dave Fisher
  • Re: Is dist.apache.org being replaces? sebb
  • Re: Is dist.apache.org being replaces? Dave Fisher
  • Re: Is dist.apache.org being replaces? Craig Russell
  • Re: Is dist.apache.org being replaces? Greg Stein
  • Re: Is dist.apache.org being replaces? Craig Russell
  • Re: Is dist.apache.org being replaces? Greg Stein
  • Re: Is dist.apache.org being replaces? sebb
  • Re: Is dist.apache.org being replaces? Craig Russell
  • Re: Is dist.apache.org being replaces? sebb
  • Re: Is dist.apache.org being replaces? Dave Fisher
  • Re: Is dist.apache.org being replaces? Greg Stein
• [I] Choose how to distinguish files for uploading to third party platforms (tooling-trusted-releases) via GitHub
  • Re: [I] Choose how to distinguish files for uploading to third party platforms (tooling-trusted-releases) via GitHub
  • Re: [I] Choose how to distinguish files for uploading to third party platforms (tooling-trusted-releases) via GitHub
  • Re: [I] Choose how to distinguish files for uploading to third party platforms (tooling-trusted-releases) via GitHub
  • Re: [I] Choose how to distinguish files for uploading to third party platforms (tooling-trusted-releases) via GitHub
  • Re: [I] Choose how to distinguish files for uploading to third party platforms (tooling-trusted-releases) via GitHub
  • Re: [I] Choose how to distinguish files for uploading to third party platforms (tooling-trusted-releases) via GitHub
  • Re: [I] Choose how to distinguish files for uploading to third party platforms (tooling-trusted-releases) via GitHub
  • Re: [I] Choose how to distinguish files for uploading to third party platforms (tooling-trusted-releases) via GitHub
  • Re: [I] Choose how to distinguish files for uploading to third party platforms (tooling-trusted-releases) via GitHub
  • Re: [I] Choose how to distinguish files for uploading to third party platforms (tooling-trusted-releases) via GitHub
• [I] Document the scope of ATR (tooling-trusted-releases) via GitHub
  • Re: [I] Document the scope of ATR (tooling-trusted-releases) via GitHub
• [I] Add a new class of check outcome that cannot be ignored (tooling-trusted-releases) via GitHub
  • Re: [I] Add a new class of check outcome that cannot be ignored (tooling-trusted-releases) via GitHub
  • Re: [I] Add a new class of check outcome that cannot be ignored (tooling-trusted-releases) via GitHub
  • Re: [I] Add a new class of check outcome that cannot be ignored (tooling-trusted-releases) via GitHub
  • Re: [I] Add a new class of check outcome that cannot be ignored (tooling-trusted-releases) via GitHub
  • Re: [I] Add a new class of check outcome that cannot be ignored (tooling-trusted-releases) via GitHub
• [PR] Docker build improvements (tooling-trusted-releases) via GitHub
  • Re: [PR] Docker build improvements (tooling-trusted-releases) via GitHub
  • Re: [PR] Docker build improvements (tooling-trusted-releases) via GitHub
  • Re: [PR] Docker build improvements (tooling-trusted-releases) via GitHub
  • Re: [PR] Docker build improvements (tooling-trusted-releases) via GitHub
  • Re: [PR] Docker build improvements (tooling-trusted-releases) via GitHub
  • Re: [PR] Docker build improvements (tooling-trusted-releases) via GitHub
• [I] Add SBOM generation for ZIP files (tooling-trusted-releases) via GitHub
  • Re: [I] Add SBOM generation for ZIP files (tooling-trusted-releases) via GitHub
  • Re: [I] Add SBOM generation for ZIP files (tooling-trusted-releases) via GitHub
  • Re: [I] Add SBOM generation for ZIP files (tooling-trusted-releases) via GitHub
• [PR] Wait for SBOM task to complete before continuing with revision (tooling-trusted-releases) via GitHub
  • Re: [PR] Wait for SBOM task to complete before continuing with revision (tooling-trusted-releases) via GitHub
• [I] Fix how SBOMs are generated (tooling-trusted-releases) via GitHub
  • Re: [I] Fix how SBOMs are generated (tooling-trusted-releases) via GitHub
  • Re: [I] Fix how SBOMs are generated (tooling-trusted-releases) via GitHub
  • Re: [I] Fix how SBOMs are generated (tooling-trusted-releases) via GitHub
  • Re: [I] Fix how SBOMs are generated (tooling-trusted-releases) via GitHub
  • Re: [I] Fix how SBOMs are generated (tooling-trusted-releases) via GitHub
  • Re: [I] Fix how SBOMs are generated (tooling-trusted-releases) via GitHub
  • Re: [I] Fix how SBOMs are generated (tooling-trusted-releases) via GitHub
• [PR] SBOM report updates (tooling-trusted-releases) via GitHub
  • [GH] SBOM report updates (tooling-trusted-releases) via GitHub
  • [GH] SBOM report updates (tooling-trusted-releases) via GitHub
  • Re: [PR] SBOM report updates (tooling-trusted-releases) via GitHub
  • Re: [PR] SBOM report updates (tooling-trusted-releases) via GitHub
• [I] ATR logo request (tooling-trusted-releases) via GitHub
  • Re: [I] ATR logo request (tooling-trusted-releases) via GitHub
  • Re: [I] ATR logo request (tooling-trusted-releases) via GitHub
  • Re: [I] ATR logo request (tooling-trusted-releases) via GitHub
  • Re: [I] ATR logo request (tooling-trusted-releases) via GitHub
  • Re: [I] ATR logo request (tooling-trusted-releases) via GitHub
  • Re: [I] ATR logo request (tooling-trusted-releases) via GitHub
  • Re: [I] ATR logo request (tooling-trusted-releases) via GitHub
  • Re: [I] ATR logo request (tooling-trusted-releases) via GitHub
  • Re: [I] ATR logo request (tooling-trusted-releases) via GitHub
  • Re: [I] ATR logo request (tooling-trusted-releases) via GitHub
• [PR] Remove root dir check for sbom generation and add test case for gener… (tooling-trusted-releases) via GitHub
  • Re: [PR] Remove root dir check for sbom generation and add test case for gener… (tooling-trusted-releases) via GitHub
• [PR] Make fixed topnav require enough width (tooling-trusted-releases) via GitHub
  • Re: [PR] Make fixed topnav require enough width (tooling-trusted-releases) via GitHub
• [I] Make top nav relative when the browser window is narrow (tooling-trusted-releases) via GitHub
  • Re: [I] Make top nav relative when the browser window is narrow (tooling-trusted-releases) via GitHub
• [I] Solicit and follow branding advice from M&P (tooling-trusted-releases) via GitHub
  • Re: [I] Solicit and follow branding advice from M&P (tooling-trusted-releases) via GitHub

• Earlier messages
• Later messages