elharo commented on PR #28: URL: https://github.com/apache/maven-deploy-plugin/pull/28#issuecomment-1559087967
Not sure what CVEs has to do with anything. We absolutely do **NOT** want to address CVEs with the same pom.xml. A fix for a CVE should and MUST have a new version so it can be clearly distinguished which version is in use and whether it's vulnerable or not. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
