[llvm] workflows: Add a job for auditing release assets (PR #92829)
Tom Stellard via llvm-commits
llvm-commits at lists.llvm.org
Tue May 21 05:55:49 PDT 2024
tstellar wrote:
> While this is a pragmatic change to allow anyone that have uploaded before, I am pretty sure what we have reached a consensus for is that only the release managers (and hans) would be allowed to upload. If we want to expand that to anyone that have been a release tester for a while I think we need to go back to the RFC thread and reach a consensus for that as well, since there was quite a bit of discussion about the specifics here.
>
> I would suggest we make the list the RM's and Hans to start with.
That is true, but we have to use the current list of uploaders in order to be able to audit historical releases. I was planning to do a follow up change with extra rules for LLVM 19+, which would include more strict checks, like requiring release attestations, but I'm still working on that.
https://github.com/llvm/llvm-project/pull/92829
More information about the llvm-commits
mailing list