eolivelli commented on pull request #3084: URL: https://github.com/apache/bookkeeper/pull/3084#issuecomment-1063789689
@dlg99 regarding OWASP we can follow this discussion https://github.com/apache/pulsar/pull/14630 basically there are false positives about "Jetty" that the OWASP checker reports in zookeeper jars in ZooKeeper project we added these exclusions https://github.com/apache/zookeeper/commit/3004c909b78b3056985c8e39925e14bde3baa430 Regarding the LICENSE check...my Gradle Fu is very weak and I am not able to tell Gradle to fully exclude LogBack and fix the package. Any suggestion is really appreciated -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
