bureado opened a new issue, #327: URL: https://github.com/apache/pulsar-client-cpp/issues/327
### Search before asking - [X] I searched in the [issues](https://github.com/apache/pulsar-client-cpp/issues) and found nothing similar. ### Version Current main ### Minimal reproduce step From a dry read of https://github.com/apache/pulsar-client-cpp/blob/5c77648d0029c4b11e0e062ab73474368ecc0e87/pkg/apk/Dockerfile#L105, a hardcoded version of `curl`, currently 7.85.0 per https://github.com/apache/pulsar-client-cpp/blob/5c77648d0029c4b11e0e062ab73474368ecc0e87/dependencies.yaml#L27, will make it into a container image used in the build process. ### What did you expect to see? I'm raising this to your attention due to https://github.com/curl/curl/discussions/12026 in case that's a release that you find necessary to track for security purposes. ### What did you see instead? It appears like using a package manager to use the latest libcurl from an OS vendor will not suffice in this scenario since https://github.com/apache/pulsar-client-cpp/blob/5c77648d0029c4b11e0e062ab73474368ecc0e87/dependencies.yaml#L27 is looked up by a helper script. ### Anything else? _No response_ ### Are you willing to submit a PR? - [ ] I'm willing to submit a PR! -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
