kevinjqliu opened a new pull request, #16962:
URL: https://github.com/apache/iceberg/pull/16962

   This is a draft test PR to validate the CVE scan GitHub Actions UI.
   
   What changed:
   - Keep the Trivy scan step green so it can generate SARIF.
   - Move the PR-blocking failure into the reporting step that prints the 
actionable CVE findings.
   - Remove the Spark 3.5 Jackson CVE ignore entries on this test branch only, 
so the PR run should produce a predictable CVE scan failure.
   
   Validation before opening the PR:
   - `git diff --check`
   - YAML parse of `.github/workflows/cve-scan.yml`
   - Synthetic SARIF report-step harness for no-findings PR, findings PR, and 
findings push cases
   
   This PR is intentionally expected to fail the CVE Scan job. The goal is to 
verify whether GitHub opens the `Report Trivy scan results` step and shows the 
PR annotation clearly.
   
   ---
   **AI Disclosure**
   - Model: GPT-5 Codex
   - Platform/Tool: Codex
   - Human Oversight: partially reviewed
   - Prompt Summary: Improve and test the Apache Iceberg CVE scan GitHub 
Actions PR failure UI.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to