GitHub user hpvd edited a comment on the discussion: Automated security and update routine before every release
current OWASP dependency checks on merge always fails with many errors/vulnerabilities with a high CVSS score greater or equal than 7, (several scores are even greater than 9,5) but do NOT block please see example attached -> so we may want to think of simply removing it to save some load/time? only as typical example:   https://github.com/apache/pulsar/actions/runs/8980506133/job/24665993927 GitHub link: https://github.com/apache/pulsar/discussions/19093#discussioncomment-9360551 ---- This is an automatically sent email for commits@pulsar.apache.org. To unsubscribe, please send an email to: commits-unsubscr...@pulsar.apache.org
