sdedic opened a new pull request, #6972: URL: https://github.com/apache/netbeans/pull/6972
The ADM vulnerability support reports were not complete. For a given vulnerable artifact (group:artifact:version), SOME location where it was used (or recursively included by other artifact) was reported. All paths - direct dependencies that introduce the vulnerable piece (although recursively) should be reported IMHO. This PR changes the processing, so it reports all occurrences of a vulnerability. A related patch in the LSP TextDocumentServiceImpl is related to #6971, which I hope will be fixed in NB22: a workaround that allows to embed an unique ID into the diagnostic code intended originally to be reported in client. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] For further information about the NetBeans mailing lists, visit: https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists
