dev  

Messages by Thread

• • Re: [I] Hard link files in the incubator directory for podling releases (tooling-trusted-releases) via GitHub
  • Re: [I] Hard link files in the incubator directory for podling releases (tooling-trusted-releases) via GitHub
• [I] Tabulate votes from the IPMC in the second podling vote round only (tooling-trusted-releases) via GitHub
  • Re: [I] Tabulate votes from the IPMC in the second podling vote round only (tooling-trusted-releases) via GitHub
  • Re: [I] Tabulate votes from the IPMC in the second podling vote round only (tooling-trusted-releases) via GitHub
• [I] Document when second round podling votes can be held on `general@` (tooling-trusted-releases) via GitHub
  • Re: [I] Document when second round podling votes can be held on `general@` (tooling-trusted-releases) via GitHub
  • Re: [I] Document when second round podling votes can be held on `general@` (tooling-trusted-releases) via GitHub
  • Re: [I] Document when second round podling votes can be held on `general@` (tooling-trusted-releases) via GitHub
  • Re: [I] Document when second round podling votes can be held on `general@` (tooling-trusted-releases) via GitHub
  • Re: [I] Document when second round podling votes can be held on `general@` (tooling-trusted-releases) via GitHub
  • Re: [I] Document when second round podling votes can be held on `general@` (tooling-trusted-releases) via GitHub
• [I] Add SWHID identifiers for release verification (tooling-trusted-releases) via GitHub
  • Re: [I] Add SWHID identifiers for release verification (tooling-trusted-releases) via GitHub
  • Re: [I] Add SWHID identifiers for release verification (tooling-trusted-releases) via GitHub
  • Re: [I] Add SWHID identifiers for release verification (tooling-trusted-releases) via GitHub
  • Re: [I] Add SWHID identifiers for release verification (tooling-trusted-releases) via GitHub
  • Re: [I] Add SWHID identifiers for release verification (tooling-trusted-releases) via GitHub
  • Re: [I] Add SWHID identifiers for release verification (tooling-trusted-releases) via GitHub
  • Re: [I] Add SWHID identifiers for release verification (tooling-trusted-releases) via GitHub
  • Re: [I] Add SWHID identifiers for release verification (tooling-trusted-releases) via GitHub
  • Re: [I] Add SWHID identifiers for release verification (tooling-trusted-releases) via GitHub
  • Re: [I] Add SWHID identifiers for release verification (tooling-trusted-releases) via GitHub
  • Re: [I] Add SWHID identifiers for release verification (tooling-trusted-releases) via GitHub
  • Re: [I] Add SWHID identifiers for release verification (tooling-trusted-releases) via GitHub
  • Re: [I] Add SWHID identifiers for release verification (tooling-trusted-releases) via GitHub
  • Re: [I] Add SWHID identifiers for release verification (tooling-trusted-releases) via GitHub
  • Re: [I] Add SWHID identifiers for release verification (tooling-trusted-releases) via GitHub
  • Re: [I] Add SWHID identifiers for release verification (tooling-trusted-releases) via GitHub
  • Re: [I] Add SWHID identifiers for release verification (tooling-trusted-releases) via GitHub
  • Re: [I] Add SWHID identifiers for release verification (tooling-trusted-releases) via GitHub
• [I] MFA OAuth logins fail for developers without LDAP credentials (tooling-trusted-releases) via GitHub
  • Re: [I] MFA OAuth logins fail for developers without LDAP credentials (tooling-trusted-releases) via GitHub
  • Re: [I] MFA OAuth logins fail for developers without LDAP credentials (tooling-trusted-releases) via GitHub
  • Re: [I] MFA OAuth logins fail for developers without LDAP credentials (tooling-trusted-releases) via GitHub
• [I] Remove the ability to generate test JWT tokens (tooling-trusted-releases) via GitHub
  • Re: [I] Remove the ability to generate test JWT tokens (tooling-trusted-releases) via GitHub
  • Re: [I] Remove the ability to generate test JWT tokens (tooling-trusted-releases) via GitHub
  • Re: [I] Remove the ability to generate test JWT tokens (tooling-trusted-releases) via GitHub
• [PR] Store session data in the server (tooling-trusted-releases) via GitHub
  • [GH] Store session data in the server (tooling-trusted-releases) via GitHub
  • [GH] Store session data in the server (tooling-trusted-releases) via GitHub
  • [GH] Store session data in the server (tooling-trusted-releases) via GitHub
  • [GH] Store session data in the server (tooling-trusted-releases) via GitHub
  • [GH] Store session data in the server (tooling-trusted-releases) via GitHub
  • Re: [PR] Store session data in the server (tooling-trusted-releases) via GitHub
• [I] API to list PMCs approved for CI staging (tooling-trusted-releases) via GitHub
  • Re: [I] API to list PMCs approved for CI staging (tooling-trusted-releases) via GitHub
  • Re: [I] API to list PMCs approved for CI staging (tooling-trusted-releases) via GitHub
• [I] Add logging framework to SBOM CLI (tooling-trusted-releases) via GitHub
• [PR] Use the debug print format that is used throughout osv.pysv (tooling-trusted-releases) via GitHub
  • Re: [PR] Use the debug print format that is used throughout osv.py (tooling-trusted-releases) via GitHub
  • Re: [PR] Use the debug print format that is used throughout osv.py (tooling-trusted-releases) via GitHub
  • Re: [PR] Use the debug print format that is used throughout osv.py (tooling-trusted-releases) via GitHub
  • Re: [PR] Use the debug print format that is used throughout osv.py (tooling-trusted-releases) via GitHub
• [PR] #1003 - add rate limiting to SSH connections (tooling-trusted-releases) via GitHub
  • [GH] #1003 - add rate limiting to SSH connections (tooling-trusted-releases) via GitHub
  • Re: [PR] #1003 - add rate limiting to SSH connections (tooling-trusted-releases) via GitHub
• [PR] Bump cryptography from 46.0.6 to 46.0.7 (tooling-trusted-releases) via GitHub
  • Re: [PR] Bump cryptography from 46.0.6 to 46.0.7 (tooling-trusted-releases) via GitHub
  • Re: [PR] Bump cryptography from 46.0.6 to 46.0.7 (tooling-trusted-releases) via GitHub
  • Re: [PR] Bump cryptography from 46.0.6 to 46.0.7 (tooling-trusted-releases) via GitHub
• Re: [I] Projects VM track (tooling-trusted-releases) via GitHub
  • Re: [I] Projects VM track (tooling-trusted-releases) via GitHub
• Re: [I] Allow error check results to be turned into a TODO list (tooling-trusted-releases) via GitHub
  • Re: [I] Allow error check results to be turned into a TODO list (tooling-trusted-releases) via GitHub
• [I] Resolve security issues with Mermaid (tooling-trusted-releases) via GitHub
  • Re: [I] Resolve security issues with Mermaid dependencies (tooling-trusted-releases) via GitHub
  • Re: [I] Resolve security issues with Mermaid dependencies (tooling-trusted-releases) via GitHub
  • Re: [I] Resolve security issues with Mermaid dependencies (tooling-trusted-releases) via GitHub
  • Re: [I] Resolve security issues with Mermaid dependencies (tooling-trusted-releases) via GitHub
  • Re: [I] Resolve security issues with Mermaid dependencies (tooling-trusted-releases) via GitHub
  • Re: [I] Resolve security issues with Mermaid dependencies (tooling-trusted-releases) via GitHub
• [PR] Auth audit log and user preferences (tooling-trusted-releases) via GitHub
  • Re: [PR] Auth audit log and user preferences (tooling-trusted-releases) via GitHub
• [PR] Fix build-bootstrap by resolving ICU dependency for dart-sass (tooling-trusted-releases) via GitHub
  • Re: [PR] Fix build-bootstrap by resolving ICU dependency for dart-sass (tooling-trusted-releases) via GitHub
  • Re: [PR] Fix build-bootstrap by resolving ICU dependency for dart-sass (tooling-trusted-releases) via GitHub
• Re: [I] pre-commit: add `markdown-link-check` to check for dead links in Markdown files (tooling-docs) via GitHub
• [I] Set a 14 day cooldown for npm packages in Dependabot (tooling-trusted-releases) via GitHub
  • Re: [I] Set a 14 day cooldown for npm packages in Dependabot (tooling-trusted-releases) via GitHub
  • Re: [I] Set a 14 day cooldown for npm packages in Dependabot (tooling-trusted-releases) via GitHub
  • Re: [I] Set a 14 day cooldown for npm packages in Dependabot (tooling-trusted-releases) via GitHub
• [PR] Bump lodash-es and mermaid in /bootstrap/source (tooling-trusted-releases) via GitHub
  • Re: [PR] Bump lodash-es and mermaid in /bootstrap/source (tooling-trusted-releases) via GitHub
  • Re: [PR] Bump lodash-es and mermaid in /bootstrap/source (tooling-trusted-releases) via GitHub
  • Re: [PR] Bump lodash-es and mermaid in /bootstrap/source (tooling-trusted-releases) via GitHub
• [PR] Bump mermaid from 11.4.1 to 11.10.0 in /bootstrap/source (tooling-trusted-releases) via GitHub
  • Re: [PR] Bump mermaid from 11.4.1 to 11.10.0 in /bootstrap/source (tooling-trusted-releases) via GitHub
  • Re: [PR] Bump mermaid from 11.4.1 to 11.10.0 in /bootstrap/source (tooling-trusted-releases) via GitHub
• [PR] Adding mermaid support (tooling-trusted-releases) via GitHub
  • Re: [PR] Adding mermaid support (tooling-trusted-releases) via GitHub
  • Re: [PR] Adding mermaid support (tooling-trusted-releases) via GitHub
• Re: [I] Update pre-commit lint to use uv and act on push (tooling-docs) via GitHub
• Re: [I] Provide clear instructions for running pre-check locally (tooling-docs) via GitHub
• Re: [I] We could add a `Dependabot` config for `actions` updates (tooling-docs) via GitHub
• [I] Make build-bootstrap error (tooling-trusted-releases) via GitHub
  • Re: [I] Make build-bootstrap error (tooling-trusted-releases) via GitHub
  • Re: [I] Make build-bootstrap error (tooling-trusted-releases) via GitHub
• [PR] Bump pygments from 2.18.0 to 2.20.0 (tooling-docs) via GitHub
  • Re: [PR] Bump pygments from 2.18.0 to 2.20.0 (tooling-docs) via GitHub
  • Re: [PR] Bump pygments from 2.18.0 to 2.20.0 (tooling-docs) via GitHub
• [PR] Bump requests from 2.32.5 to 2.33.0 (tooling-docs) via GitHub
  • Re: [PR] Bump requests from 2.32.5 to 2.33.0 (tooling-docs) via GitHub
  • Re: [PR] Bump requests from 2.32.5 to 2.33.0 (tooling-docs) via GitHub
• [PR] Bump virtualenv from 20.35.4 to 20.36.1 (tooling-docs) via GitHub
  • Re: [PR] Bump virtualenv from 20.35.4 to 20.36.1 (tooling-docs) via GitHub
  • Re: [PR] Bump virtualenv from 20.35.4 to 20.36.1 (tooling-docs) via GitHub
• [PR] Bump urllib3 from 2.5.0 to 2.6.3 (tooling-docs) via GitHub
  • Re: [PR] Bump urllib3 from 2.5.0 to 2.6.3 (tooling-docs) via GitHub
  • Re: [PR] Bump urllib3 from 2.5.0 to 2.6.3 (tooling-docs) via GitHub
• [PR] Bump filelock from 3.20.0 to 3.20.3 (tooling-docs) via GitHub
  • Re: [PR] Bump filelock from 3.20.0 to 3.20.3 (tooling-docs) via GitHub
  • Re: [PR] Bump filelock from 3.20.0 to 3.20.3 (tooling-docs) via GitHub
  • Re: [PR] Bump filelock from 3.20.0 to 3.20.3 (tooling-docs) via GitHub
• [PR] Bump astral-sh/setup-uv from 7.6.0 to 8.0.0 (tooling-trusted-releases) via GitHub
  • Re: [PR] Bump astral-sh/setup-uv from 7.6.0 to 8.0.0 (tooling-trusted-releases) via GitHub
• [PR] Bump astral-sh/setup-uv from 7.6.0 to 8.0.0 (tooling-actions) via GitHub
  • Re: [PR] Bump astral-sh/setup-uv from 7.6.0 to 8.0.0 (tooling-actions) via GitHub
  • Re: [PR] Bump astral-sh/setup-uv from 7.6.0 to 8.0.0 (tooling-actions) via GitHub
• [PR] Bump astral-sh/setup-uv from 6.4.3 to 8.0.0 (tooling-releases-client) via GitHub
  • Re: [PR] Bump astral-sh/setup-uv from 6.4.3 to 8.0.0 (tooling-releases-client) via GitHub
• [I] Make server startup more efficient (tooling-trusted-releases) via GitHub
  • Re: [I] Make server startup more efficient (tooling-trusted-releases) via GitHub
  • Re: [I] Make server startup more efficient (tooling-trusted-releases) via GitHub
  • Re: [I] Make server startup more efficient (tooling-trusted-releases) via GitHub
• [I] Document vhost configuration (tooling-trusted-releases) via GitHub
  • Re: [I] Document vhost configuration (tooling-trusted-releases) via GitHub
  • Re: [I] Document vhost configuration (tooling-trusted-releases) via GitHub
• [I] Principal Authorization Cache Lacks Purge for Inactive Users (tooling-trusted-releases) via GitHub
  • Re: [I] Principal Authorization Cache Lacks Purge for Inactive Users (tooling-trusted-releases) via GitHub
• [I] HTTP TRACE Method Not Disabled at Apache Reverse Proxy (tooling-trusted-releases) via GitHub
  • Re: [I] HTTP TRACE Method Not Disabled at Apache Reverse Proxy (tooling-trusted-releases) via GitHub
  • Re: [I] HTTP TRACE Method Not Disabled at Apache Reverse Proxy (tooling-trusted-releases) via GitHub
  • Re: [I] HTTP TRACE Method Not Disabled at Apache Reverse Proxy (tooling-trusted-releases) via GitHub
  • Re: [I] HTTP TRACE Method Not Disabled at Apache Reverse Proxy (tooling-trusted-releases) via GitHub
• [I] No Comprehensive Endpoint-to-Authorization Mapping (tooling-trusted-releases) via GitHub
  • Re: [I] No Comprehensive Endpoint-to-Authorization Mapping (tooling-trusted-releases) via GitHub
• [I] Database Connection URL Logged at Startup (tooling-trusted-releases) via GitHub
  • Re: [I] Database Connection URL Logged at Startup (tooling-trusted-releases) via GitHub
• [I] `nbf` Claim Not Enforced as Required in ATR JWT Verification (tooling-trusted-releases) via GitHub
  • Re: [I] `nbf` Claim Not Enforced as Required in ATR JWT Verification (tooling-trusted-releases) via GitHub
  • Re: [I] `nbf` Claim Not Enforced as Required in ATR JWT Verification (tooling-trusted-releases) via GitHub
• [I] Pre-Release (Release Candidate) Dependency Used in Production (tooling-trusted-releases) via GitHub
• [I] No WebSocket Origin Validation Framework Exists (tooling-trusted-releases) via GitHub
  • Re: [I] No WebSocket Origin Validation Framework Exists (tooling-trusted-releases) via GitHub
  • Re: [I] No WebSocket Origin Validation Framework Exists (tooling-trusted-releases) via GitHub
  • Re: [I] No WebSocket Origin Validation Framework Exists (tooling-trusted-releases) via GitHub
  • Re: [I] No WebSocket Origin Validation Framework Exists (tooling-trusted-releases) via GitHub
  • Re: [I] No WebSocket Origin Validation Framework Exists (tooling-trusted-releases) via GitHub
• [I] Client-Side JWT Display TypeScript Not Available for Complete Audit (tooling-trusted-releases) via GitHub
  • Re: [I] Client-Side JWT Display TypeScript Not Available for Complete Audit (tooling-trusted-releases) via GitHub
  • Re: [I] Client-Side JWT Display TypeScript Not Available for Complete Audit (tooling-trusted-releases) via GitHub
  • [I] Client-Side JWT Display TypeScript Not Available for Complete Audit (tooling-trusted-releases) via GitHub
  • Re: [I] Client-Side JWT Display TypeScript Not Available for Complete Audit (tooling-trusted-releases) via GitHub
• [I] innerHTML Read Used Where textContent Is Appropriate (tooling-trusted-releases) via GitHub
  • Re: [I] innerHTML Read Used Where textContent Is Appropriate (tooling-trusted-releases) via GitHub
• [I] API Error Responses Leak Internal Error Details (tooling-trusted-releases) via GitHub
  • Re: [I] API Error Responses Leak Internal Error Details (tooling-trusted-releases) via GitHub
• [I] Web-Issued JWTs Lack PAT Binding and Cannot Be Individually Revoked (tooling-trusted-releases) via GitHub
  • Re: [I] Web-Issued JWTs Lack PAT Binding and Cannot Be Individually Revoked (tooling-trusted-releases) via GitHub
  • Re: [I] Web-Issued JWTs Lack PAT Binding and Cannot Be Individually Revoked (tooling-trusted-releases) via GitHub
• [I] Vote Casting POST Endpoint Relies on Indirect Phase Check (tooling-trusted-releases) via GitHub
  • Re: [I] Vote Casting POST Endpoint Relies on Indirect Phase Check (tooling-trusted-releases) via GitHub
  • Re: [I] Vote Casting POST Endpoint Relies on Indirect Phase Check (tooling-trusted-releases) via GitHub
• [I] Inconsistent CSRF Enforcement Pattern on Admin POST Endpoints (tooling-trusted-releases) via GitHub
  • Re: [I] Inconsistent CSRF Enforcement Pattern on Admin POST Endpoints (tooling-trusted-releases) via GitHub
  • Re: [I] Inconsistent CSRF Enforcement Pattern on Admin POST Endpoints (tooling-trusted-releases) via GitHub
• [I] JWT DOM Auto-Clear Lacks Page Lifecycle Event Handlers (tooling-trusted-releases) via GitHub
  • Re: [I] JWT DOM Auto-Clear Lacks Page Lifecycle Event Handlers (tooling-trusted-releases) via GitHub
  • Re: [I] JWT DOM Auto-Clear Lacks Page Lifecycle Event Handlers (tooling-trusted-releases) via GitHub
• [I] Project Deletion Missing Additional Authorization Checks (tooling-trusted-releases) via GitHub
  • Re: [I] Project Deletion Missing Additional Authorization Checks (tooling-trusted-releases) via GitHub
  • Re: [I] Project Deletion Missing Additional Authorization Checks (tooling-trusted-releases) via GitHub
• [I] Documentation Missing Cross-Entity Business Logic Validation Rules (tooling-trusted-releases) via GitHub
  • Re: [I] Documentation Missing Cross-Entity Business Logic Validation Rules (tooling-trusted-releases) via GitHub
  • Re: [I] Documentation Missing Cross-Entity Business Logic Validation Rules (tooling-trusted-releases) via GitHub
• [I] API Models Lack Enum Validation for Phase Parameter (tooling-trusted-releases) via GitHub
  • Re: [I] API Models Lack Enum Validation for Phase Parameter (tooling-trusted-releases) via GitHub
  • Re: [I] API Models Lack Enum Validation for Phase Parameter (tooling-trusted-releases) via GitHub
• [I] Neither Vhost Sanitizes X-Forwarded-Host (tooling-trusted-releases) via GitHub
  • Re: [I] Neither Vhost Sanitizes X-Forwarded-Host (tooling-trusted-releases) via GitHub
  • Re: [I] Neither Vhost Sanitizes X-Forwarded-Host (tooling-trusted-releases) via GitHub
• [I] Documentation Does Not Describe Failed Authentication Monitoring and Alerting (tooling-trusted-releases) via GitHub
  • Re: [I] Documentation Does Not Describe Failed Authentication Monitoring and Alerting (tooling-trusted-releases) via GitHub
  • Re: [I] Documentation Does Not Describe Failed Authentication Monitoring and Alerting (tooling-trusted-releases) via GitHub
• [I] Missing .dockerignore for Build Context Optimization (tooling-trusted-releases) via GitHub
  • Re: [I] Missing .dockerignore for Build Context Optimization (tooling-trusted-releases) via GitHub
  • Re: [I] Missing .dockerignore for Build Context Optimization (tooling-trusted-releases) via GitHub
• [I] Vote Tabulation Authorization Check Commented Out (tooling-trusted-releases) via GitHub
  • Re: [I] Vote Tabulation Authorization Check Commented Out (tooling-trusted-releases) via GitHub
  • Re: [I] Vote Tabulation Authorization Check Commented Out (tooling-trusted-releases) via GitHub
• [I] SSH Authentication Success Not Logged (tooling-trusted-releases) via GitHub
  • Re: [I] SSH Authentication Success Not Logged (tooling-trusted-releases) via GitHub
  • Re: [I] SSH Authentication Success Not Logged (tooling-trusted-releases) via GitHub
• [I] JWT TTL Documentation Inconsistency (tooling-trusted-releases) via GitHub
  • Re: [I] JWT TTL Documentation Inconsistency (tooling-trusted-releases) via GitHub
• [I] Internal Documentation Publicly Exposed (tooling-trusted-releases) via GitHub
  • Re: [I] Internal Documentation Publicly Exposed (tooling-trusted-releases) via GitHub
  • Re: [I] Internal Documentation Publicly Exposed (tooling-trusted-releases) via GitHub

• Earlier messages
• Later messages