LuciferYang commented on PR #39196: URL: https://github.com/apache/spark/pull/39196#issuecomment-1364946474
> @tobiasstadler Hi, I have enabled [SNYK](https://snyk.io) and Github Dependabot on my repo. This way SNYK [are opening PR's](https://github.com/bjornjorgensen/spark/pulls) and [Dependabot are opening issues](https://github.com/bjornjorgensen/spark/security/dependabot). > > Right now, most of these PR's are related to Hadoop 2.7 which we will remove in spark 3.5 or 3.6. > > I also build spark master and scan code with sonar > > [This one is for python and javascript](https://sonarcloud.io/project/issues?resolved=false&id=spark-python) > > [and this is for](https://sonarcloud.io/project/issues?resolved=false&id=sparklocal) java, scala and xml > > CC @panbingkun and @LuciferYang Is the problem detected by sonar worth fixing @bjornjorgensen ? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
