[GitHub] [pulsar] alexku7 added a comment to the discussion: Automated security and update routine before every release

[GitBox <gi...@apache.org>]

GitHub user alexku7 added a comment to the discussion: Automated security and update routine before every release

Hello guys

We try to certify the pulsar according the few security standards .
We scanned the pulsar image 2.7.0 by  WhiteSource 
Unfortunately  , 167 high risk CVE have be discovered in the 55 outdated libraries that were marked is High risk vulnerable .


It's "bit" makes our effort to certify the pulsar for the highly secured production environment to be complicated :disappointed:

On the other hand , there is  the opened issue about automated security scanning.

Any change to move this issue forward or at least t upgrade the outdated libraries with high risk?
Could make significant boost to adoption the pulsar by many security regulated environments 

GitHub link: https://github.com/apache/pulsar/discussions/19093#discussioncomment-4508902

----
This is an automatically sent email for commits@pulsar.apache.org.
To unsubscribe, please send an email to: commits-unsubscribe@pulsar.apache.org