kinow commented on PR #351:
URL: https://github.com/apache/commons-io/pull/351#issuecomment-1110898364
Not sure if this generated a CVE. It is an OpenSSF recommendation, however:
https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
The closest CVE I could find
kinow commented on PR #351:
URL: https://github.com/apache/commons-io/pull/351#issuecomment-1110194505
> @kinow are you doing this for all Commons components?
Sounds like a good idea I think. I'll start with Commons
Imaging/Text/IO/etc, the ones I normally change. Then slowly go over
kinow commented on PR #351:
URL: https://github.com/apache/commons-io/pull/351#issuecomment-1109208140
Thanks!
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscrib