phunt commented on issue #792: ZOOKEEPER-3262 Update dependencies flagged by OWASP report URL: https://github.com/apache/zookeeper/pull/792#issuecomment-459421732 The JIRA makes no mention (nor this PR) of why these changes are being made. Please comment on the PR/jira about the why. Is someone working with the dependency checker folks on the false positives? Also - I'm a bit concerned that we will surpress things and then never come back to them, how will we address that? Should we add a step to the release process at a minimum? (review prior to release) otw looks fine to me.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
