Notification of uploads to the lookaside cache

Adam Jackson ajax at
Tue Dec 1 14:25:55 UTC 2009

On Sat, 2009-11-21 at 19:34 -0500, Jon Stanley wrote:
> As part of our ever vigilant stance towards security around our
> packaging process, we have added a new feature to upload.cgi (which
> accepts file uploads into the lookaside cache) which will email the
> package owner (<package>-owner at, specifically) and
> fedora-extras-commits at whenever a file is uploaded to the
> lookaside cache. Previously this was a big black box and an area of
> concern.
> The message will contain the name of the file, the package concerned,
> the md5sum, and the user that uploaded it.  An example is below:
> File upload.cgi for package sportrop-fonts has been uploaded to the
> lookaside cache with md5sum 26489f9e92601f0f84cfbb278c2b98e1 by
> jstanley
> Please let me know if you have any questions, comments, or room for improvement!

Can we get an X-Fedora-Upload: header in these or something?  Filtering
by subject line always makes me feel dirty.

- ajax
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <>

More information about the fedora-devel-list mailing list