Thanks Eyal! I was able to build using the new Gradle version in your branch. PR looks good.
-Matt On Wed, Oct 27, 2021 at 6:19 AM Eyal Allweil <e...@apache.org> wrote: > Hi all, > > I opened an INFRA ticket to get us access to see the GitHub dependabot > warnings. In order to see them, you need to link your GitHub and ASF > accounts if you haven't done that yet - the link to do it is this: > https://gitbox.apache.org/setup/ > > I also opened a PR <https://github.com/apache/datafu/pull/18> / Jira issue > <https://issues.apache.org/jira/browse/DATAFU-160> which fixes/adds the > GitHub "codeql" static code analysis to our project (and updates some > libraries used in our web site). I don't know how useful codeql will be, > but it can serve as an example for people to add other static code analysis > tools - there are many on GitHub, you can see them in the "scurity" tab. > In order to make the codeql build work, I upgraded the Gradle version used > in our wrapper - if someone else can take it make sure a build looks OK for > them that would be great. Another "future" task can be upgrading our Gradle > further, since we're still years behind the current version. > > Hope all of you are well, > Eyal >
