RobertIndie commented on PR #15064: URL: https://github.com/apache/pulsar/pull/15064#issuecomment-1098814307
The `openmldb-jdbc` depends on log4j 1.x and it causes the OWASP dependency check to fail. We need a new release of openmldb-jdbc to fix this security issue. This PR disables OWASP check for the opemmldb connector for now. And it will be reenabled until this security issue has been fixed. Besides, the [current owasp dependency check failure](https://github.com/apache/pulsar/runs/6018518487?check_suite_focus=true) is not related to this PR. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
