ZuhairORZaki commented on PR #36469: URL: https://github.com/apache/airflow/pull/36469#issuecomment-1873233638
> So maybe @ZuhairORZaki -> treat this one as exercise. If you can make the tool works by generating such exploitation scenario, this is probably something you can report. If you cannot generate such exploitation scenario, it's probably not reportable as security bug. > > Ideally also if such a tool could generate not only the proposal how to fix things, a unit test that fixes it as well - that would become really useful. Other than that it mostly adds work with very limited value, and distracts from real issues, which makes the tool far too noisy to be useful Will keep those in mind Thank you for being patient with me. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
