GitHub user hpvd edited a comment on the discussion: Automated security and update routine before every release
current OWASP dependency checks on merge always fails with many errors/vulnerabilities with a high CVSS score greater or equal than 7, (several scores are even greater than 9,5) but do NOT block please see example attached -> so we may want to think of simply removing it to save some load/time? only as typical example: ![2024-05-08_23h42_38](https://github.com/apache/pulsar/assets/5681880/6e0136d7-ebfd-40fa-bf33-43b57a0a062c) ![2024-05-08_23h33_43](https://github.com/apache/pulsar/assets/5681880/b6275511-28a5-4bda-8ada-1b94d9902732) https://github.com/apache/pulsar/actions/runs/8980506133/job/24665993927 GitHub link: https://github.com/apache/pulsar/discussions/19093#discussioncomment-9360551 ---- This is an automatically sent email for commits@pulsar.apache.org. To unsubscribe, please send an email to: commits-unsubscr...@pulsar.apache.org