On 2024/07/03 14:44:30 Dave Fisher wrote:
> I did not see exactly where the download happens in the workflow. Is there a
> separate action or workflow?
In the current master branch version, it gets downloaded here:
https://github.com/apache/pulsar/blob/dbbb6b66c99afd12762dec198482dbf766bff3bb/.g
> On Jul 3, 2024, at 6:06 AM, Lari Hotari wrote:
>
> Hi,
>
> In Apache Pulsar, we use the OWASP Dependency-Check maven plugin to report
> vulnerabilities in dependencies in apache/pulsar GitHub Actions workflows.
>
> The Dependency Check maven plugin will download the NVD database which ta
Hi,
In Apache Pulsar, we use the OWASP Dependency-Check maven plugin to report
vulnerabilities in dependencies in apache/pulsar GitHub Actions workflows.
The Dependency Check maven plugin will download the NVD database which takes a
long time. In Apache Pulsar GitHub Actions workflows, we cach