)]}'
{
  "log": [
    {
      "commit": "7cc736da82b814b383daaa59609372917fd004cd",
      "tree": "abe8a3963e9fb282f53562cadd85823d44ad55d3",
      "parents": [
        "7c891700995276c9f6952d0e1f2a2c1882d66f3d"
      ],
      "author": {
        "name": "Chad Brubaker",
        "email": "cbrubaker@google.com",
        "time": "Wed Mar 23 14:59:14 2016 -0700"
      },
      "committer": {
        "name": "Chad Brubaker",
        "email": "cbrubaker@google.com",
        "time": "Wed Mar 23 15:28:41 2016 -0700"
      },
      "message": "Properly handle whitespace in domain entries\n\nDomain entries can contain whitespace (or newlines) which should be\nignored to avoid unexpectedly failing to match a domain.\n\nBug: 27816377\nChange-Id: I3691aa4abd409e7be97ad0cf1eb0195725e1b0ab\n"
    },
    {
      "commit": "567f6f24747c80b4ab362a22985576c4f8a418fd",
      "tree": "348247aeb61bc3d44bb0fff9a0503aab657c99ee",
      "parents": [
        "1ce163fe34ae05218d723acafc4dd47bd55cc8da"
      ],
      "author": {
        "name": "Chad Brubaker",
        "email": "cbrubaker@google.com",
        "time": "Mon Feb 29 14:02:32 2016 -0800"
      },
      "committer": {
        "name": "Chad Brubaker",
        "email": "cbrubaker@google.com",
        "time": "Tue Mar 01 12:42:54 2016 -0800"
      },
      "message": "Allow debug-overrides to be specified in an extra resource\n\nAn application can specify its debug-overrides in an extra resource with\nthe same name suffixed with \"_debug\" (e.g. res/xml/security_config.xml and\nres/xml/security_config_debug.xml).\n\nBy specifying the debug-overrides in an extra file release builds can\nstrip out the file (and any certificate resources that the\ndebug-overrides depend on) to prevent including testing configuration\ninformation in the release build of an application.\n\nBug: 27418003\nChange-Id: Ibfebc376360ca474fc0f9f2fd565faa0cffd9549\n"
    },
    {
      "commit": "d3af9620817220d737fdb532c1ae1032bdd65e11",
      "tree": "abf147a0d643303681a7110bcb78b279e886b256",
      "parents": [
        "7d72975c5b3e6f18710f078199e7a9e3f9376c60"
      ],
      "author": {
        "name": "Chad Brubaker",
        "email": "cbrubaker@google.com",
        "time": "Mon Nov 16 10:48:20 2015 -0800"
      },
      "committer": {
        "name": "Chad Brubaker",
        "email": "cbrubaker@google.com",
        "time": "Mon Nov 30 17:20:00 2015 -0800"
      },
      "message": "Expose findTrustAnchorBySubjectAndPublicKey\n\nThis allows for faster lookups of TrustAnchors when checking pin\noverrides without needing to iterate over all certificates.\n\nCurrently only the system and user trusted certificate store are\noptimized to avoid reading the entire source before doing the trust\nanchor lookup, improvements to the resource source will come in a later\ncommit.\n\nThis also refactors System/UserCertificateSource to avoid code\nduplication.\n\nChange-Id: Ice00c5e047140f3d102306937556b761faaf0d0e\n"
    },
    {
      "commit": "08d36202daeb3e668911c9902edb61b6894f822e",
      "tree": "72dee75fd1be13ff12ecbde62647d9e376b72f16",
      "parents": [
        "749501e88e5fa6bdc6594a9db5c232e31bdda867"
      ],
      "author": {
        "name": "Chad Brubaker",
        "email": "cbrubaker@google.com",
        "time": "Mon Nov 09 13:38:51 2015 -0800"
      },
      "committer": {
        "name": "Chad Brubaker",
        "email": "cbrubaker@google.com",
        "time": "Tue Nov 10 12:40:00 2015 -0800"
      },
      "message": "Add support for debug-overrides configuration\n\nDebug overrides are only used if the application is debuggable in\norder to help local debugging and development by trusting additional\nCAs. In a non-debuggable version of the application the debug-overrides\nare ignored.\n\nTrust anchors in the debug override configuration have two key\ndifferences from those in base-config and domain-config:\n1) trust anchors in the debug-overrides are trusted for all connections\nin addition to any trust anchors included in the relevant base/domain\nconfigs.\n2) By default trust anchors in the debug config override pins, as their\npurpose is for connecting to non-standard servers for debugging and\ntesting and those servers should not be pinned in the production\nconfiguration.\n\nChange-Id: I15ee98eae182be0ffaa49b06bc5e1c6c3d22baee\n"
    },
    {
      "commit": "bd173c28fcded629da722c6669f1b6478cdcd94f",
      "tree": "24524a2b7140b729912e123e835f7eaf185c64a4",
      "parents": [
        "5f96702f582050c1598136ed2a748f76b981c94e"
      ],
      "author": {
        "name": "Chad Brubaker",
        "email": "cbrubaker@google.com",
        "time": "Fri Nov 06 23:02:37 2015 -0800"
      },
      "committer": {
        "name": "Chad Brubaker",
        "email": "cbrubaker@google.com",
        "time": "Sat Nov 07 13:31:04 2015 -0800"
      },
      "message": "Support nested domain-config elements\n\nNested domain-config inherit unset parameters from the domain-config\nthey are nested in. This helps avoid copy and pasted configs that are\nalmost the same except a few minor differences for a domain with\nslightly different requirements.\n\nFor example: Consider a domain-config for example.com that, among other\nsettings, does not enforce hsts. Now if you want the rules for\nexample.com to apply to secure.example.com except that hsts _is_\nenforced you can make a nested domain-config for secure.example.com\nunder example.com that sets hstsEnforced\u003d\"true\" and nothing else.\n\nChange-Id: I9e33f7e62127fd7f4f15c3560fff2f2626477bd4\n"
    },
    {
      "commit": "5f96702f582050c1598136ed2a748f76b981c94e",
      "tree": "95bff660c4abcc6b7057372e254acfbb2ea52d89",
      "parents": [
        "1347cb81f402c628f3346ea350a5862749901d59"
      ],
      "author": {
        "name": "Chad Brubaker",
        "email": "cbrubaker@google.com",
        "time": "Wed Nov 04 23:55:29 2015 -0800"
      },
      "committer": {
        "name": "Chad Brubaker",
        "email": "cbrubaker@google.com",
        "time": "Fri Nov 06 22:24:01 2015 -0800"
      },
      "message": "Add xml source for network security configuration\n\nXmlConfigSource parses an ApplicationConfig from an xml resource.\nCurrently this supports app-wide default configuration via the\nbase-config element, per domain via the domain-config element and\ninheritance of unset properties at parse time.\n\nInheritance of unset properties is currently only:\ndomain-config -\u003e base-config -\u003e platform default configuration\nWhere the most specific value is used.\nFor example: If the base-config specifies trust anchors, all connections\nwill use those anchors except for connections to a domain which has a\ndomain-config that specifies trust anchors, in which case the\ndomain-config\u0027s trust anchors will be used. If the domain-config or\nbase-config don\u0027t set trust anchors, or don\u0027t exist, then the platform\ndefault trust anchors will be used.\n\nNested domain-config entries, debug-overrides, and thorough\ndocumentation of the xml format will follow in later commits.\n\nChange-Id: I1232ff1e8079a81b340bc12e142f0889f6947aa0\n"
    }
  ]
}