Billy Lynch
Billy Lynch
Generally in favor of this! A few notes: > 1. The spec wants the subject to specify the git commit using a digest type of gitCommit (a [standard in-toto type](https://github.com/in-toto/attestation/blob/main/spec/v1/digest_set.md#gitcommit-gittree-gitblob-gittag)....
We should probably add another section for how collaborator / maintainer relate to reviewer / approvers. Being able to have a separation between the roles is nice because there is...
> How does one LGTM things without being on the reviewer list? Are you referring to the prow plugin that auto-assigns reviewers or something else? You just need explicit `read`...
I'm open to this, but I do not have any sort of Windows socket experience (or much experience building Windows apps in general). 😓 The first step would be to...
> Checking for the commit/tag within just the default branch seems like a reasonable approximation to start with? Especially given that GitHub Actions typically are published using default branches and...
@dependabot rebase
@dependabot recreate
@dependabot recreate
https://github.com/tektoncd/plumbing/pull/1840 to enable profiling on our dogfooding instance to help debug this, but if you want to enable this on your cluster and share the pprof output, that might be...