Hi, all!
Can we fix those security issues or set it to low priority issue to fix,elasticJob-UI is quite useful for monitoring the elastic job,such as trigging stop/running job or change cron without redeploy service from elasticJob-UI. Sincerely, MingJunDuan(From oppo FinTech team) At 2022-02-03 11:34:48, "zhangli...@apache.org" <zhangli...@apache.org> wrote: >Hi team, > >We received serval security issues report in ShardingSphere ElasticJob-UI. > >As you know, The ShardingSphere ElasticJob-UI is for LAN only. We may not >need to care about the security issue here. >The UI is an optional tool, all ShardingSphere committers are >backend background, they are not familiar with frontend. > >Some security teams only care about CVE as their result, but do not care >about the real usage. It really trouble us. > >The team wants to spend time on more meaningful things, so I want to >discuss the necessity of ShardingSphere ElasticJob-UI. It looks like we'd >better to remove it from ShardingSphere ElasticJob, > >What do you think? > >------------------ > >Sincerely, >Liang Zhang (John) >Apache ShardingSphere
