ekaterinadimitrova2 commented on code in PR #2470:
URL: https://github.com/apache/cassandra/pull/2470#discussion_r1255875238
##########
.build/dependency-check-suppressions.xml:
##########
@@ -49,12 +49,6 @@
<packageUrl
regex="true">^pkg:maven/net\.openhft/chronicle\-wire@.*$</packageUrl>
<cpe>cpe:/a:wire:wire</cpe>
</suppress>
- <suppress>
Review Comment:
Yes, this one was an interesting case. Google engineers first considered it
as not a meaningful thing to fix. They just deprecated it and asked people to
use Java.nio if they need a more secure way. So I was considering a checkstyle
rule for the Cassandra codebase (some time ago, this was suppressed, and we
used the method in testing). But then it seems too many people complained, and
eventually, the team fixed the method, and here we are. :-)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
