damccorm commented on PR #27594: URL: https://github.com/apache/beam/pull/27594#issuecomment-1664412582
As mentioned in https://github.com/apache/beam/pull/27239, I don't think we need another security scanning tool, we already have dependabot and some automated gradle scanning. If you think that's insufficient and semgrep adds a lot of functionality, please send a proposal for this change to `[email protected]` with a short explanation of the change and why you think it is needed. Please don't open another PR for this without more justification of why we need this -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
