You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@solr.apache.org by "uschindler (via GitHub)" <gi...@apache.org> on 2023/06/07 20:16:30 UTC

[GitHub] [solr] uschindler commented on a diff in pull request #1653: Update dependency commons-io:commons-io to v2.12.0

uschindler commented on code in PR #1653:
URL: https://github.com/apache/solr/pull/1653#discussion_r1222109675


##########
gradle/validation/forbidden-apis.gradle:
##########
@@ -49,11 +49,6 @@ allprojects { prj ->
           logger.debug("Signature file omitted (does not exist): ${sig}")
         }
       }
-      
-      // commons-io is special: forbiddenapis has a versioned bundledSignature.
-      bundledSignatures += resolvedMods
-        .findAll { id -> id.group == 'commons-io' && id.name == 'commons-io' }
-        .collect { id -> "${id.name}-unsafe-${id.version}" as String }

Review Comment:
   Hi, the new version is to new. Can you open an issue or or for forbiddenapis?
   
   As workaround the easiest would be to use the 2.11 signatures file.
   
   I do not see the workaround in this PR... Where is it?



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org