senthh commented on PR #11957: URL: https://github.com/apache/hudi/pull/11957#issuecomment-2359874250
> Thanks for your first contribution. Could you check if you can exclude the dependency in the bundle directly? Yes @yihua I tried excluding directly, but I wanted to do very minimal change so that actual functionality should not break. So found removing meta info is sufficient to get rid of critical CVE issue . I welcome your alternate suggestion for fixing this issue. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
