[all-commits] [llvm/llvm-project] 9d2461: workflows: Add a job for auditing release assets (...
Tom Stellard via All-commits
all-commits at lists.llvm.org
Fri Jul 26 09:46:03 PDT 2024
Branch: refs/heads/main
Home: https://github.com/llvm/llvm-project
Commit: 9d2461e71297899b3d23dcfa002fcabaf6709612
https://github.com/llvm/llvm-project/commit/9d2461e71297899b3d23dcfa002fcabaf6709612
Author: Tom Stellard <tstellar at redhat.com>
Date: 2024-07-26 (Fri, 26 Jul 2024)
Changed paths:
A .github/workflows/release-asset-audit.py
A .github/workflows/release-asset-audit.yml
Log Message:
-----------
workflows: Add a job for auditing release assets (#92829)
This checks to ensure that uploads are only made by 'approved'
uploaders, which is just everyone who has uploaded a release asset in
the past.
We could do more, but this is just a simple implementation so we can put
something in place and see how it works.
For more discussion see:
https://discourse.llvm.org/t/rfc-improve-binary-security/78121
To unsubscribe from these emails, change your notification settings at https://github.com/llvm/llvm-project/settings/notifications
More information about the All-commits
mailing list