exceptionfactory commented on PR #8111: URL: https://github.com/apache/nifi/pull/8111#issuecomment-1839962723
Thanks for the thoughtful reply @hawko2600, on further review, referencing that post was short-sighted on my part. The list of vulnerabilities claim caught my eye as unsubstantiated, but I should have taken a closer look at the other claims. I also should have taken a closer at the liberica-openjdk-alpine image description, noting the glibc base instead of musl, which I expected from other Alpine containers. I see from the the [image tag details](https://hub.docker.com/layers/bellsoft/liberica-openjdk-alpine/21/images/sha256-1b160fcd879e0d7e310773aa42f3b59fa8d907c4a1a50c64c18d822541d2da93?context=explore) that this does indeed use the glibc base. This is a good example of where having a more thorough background on the change would be helped provide a better initial evaluation. If you are still willing to put time into this, I would be glad to revisit the changes. As mentioned initially, if you can create a Jira issue for tracking, that would also help capture the background rationale, and importance of the fact that this Alpine image is based on glibc as opposed to musl. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
