epugh commented on PR #4566: URL: https://github.com/apache/solr/pull/4566#issuecomment-4834542717
@janhoy this is very cool (and ignore my comment on another PR about renovatebot and grouping upgrades), because this is totally what I was asking for. One side effect of doing a bulk upgrade like this is that it might then be a good chance to recheck all our VEX statements. I assume you used some prompts and AI to drive this process? I could imagine a prompt that was "Please look at all the changes in pr 4566 and compare the dependency updates with our `./solr/vex` statements and identify which VEX statements could potentially be updated to reflect that the next SOlr version is no longer vulnerable'. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
