Looks good to me. The PR is merged. Thanks Xinyu!
Haonan On 2026/01/07 14:04:57 Xinyu Tan wrote: > Hi all, > > I would like to invite the community to review the following PR: > > https://github.com/apache/iotdb/pull/16995 > > This PR backports and applies several workflow improvements that were > previously reviewed and validated through the Apache Ratis community (Ratis > PR #1328) into the IoTDB vulnerability-check workflow. > > The changes include: > - Simplified workflow configuration (single runner, consolidated steps) > - Enhanced configuration (conditional execution for scheduled scans, support > for NVD API key) > - Improved naming and explicit permissions for clearer semantics and > least-privilege policy > - More consistent use of Maven arguments > > These refinements aim to make the weekly CVE scanning workflow more > maintainable, secure, and clearer in intent. The behavior from a user > perspective is not affected by these changes; the focus is on CI/workflow > robustness and clarity. > > I’d appreciate any feedback, questions, or suggestions on the design, > implementation, and workflow logic before we merge this. > > Thanks in advance for your time and review! > > Best regards, > Xinyu >
