The GitHub Actions job "CodeQL" on airflow.git/add-description-on-handling-3rd-party-dependencies has succeeded. Run started by GitHub user potiuk (triggered by potiuk).
Head commit for run: fcecb1f0033f9fe788dec767b992246ffdd53e23 / Jarek Potiuk <[email protected]> Add description on how 3rd-party dependency security issues are handled Our users seem to not have a good idea on how 3rd-party dependencies are handled and how they should approach it and open issues that are often closed and we need to explain them what is expected of them - they have pretty unrealistic expecations that every single CVE in every single dependency will be addressed when they open an issue. This description clarifies how handling of 3rd-party dependency issues should be done and what are responsibilities and expectations of the users, and what they can expect from the maintainers. This will help us to direct such users to this process without spending our time on explaining it over and over again. Apply suggestions from code review Co-authored-by: Jens Scheffler <[email protected]> Report URL: https://github.com/apache/airflow/actions/runs/22041819797 With regards, GitHub Actions via GitBox --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
