epugh commented on PR #4566:
URL: https://github.com/apache/solr/pull/4566#issuecomment-4834542717

   @janhoy this is very cool (and ignore my comment on another PR about 
renovatebot and grouping upgrades), because this is totally what I was asking 
for.   One side effect of doing a bulk upgrade like this is that it might then 
be a good chance to recheck all our VEX statements.   I assume you used some 
prompts and AI to drive this process?   I could imagine a prompt that was 
"Please look at all the changes in pr 4566 and compare the dependency updates 
with our `./solr/vex` statements and identify which VEX statements could 
potentially be updated to reflect that the next SOlr version is no longer 
vulnerable'.   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to