You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@solr.apache.org by GitBox <gi...@apache.org> on 2023/01/12 14:58:58 UTC

[GitHub] [solr-site] janhoy commented on pull request #86: Share dependency vulnerability info

janhoy commented on PR #86:
URL: https://github.com/apache/solr-site/pull/86#issuecomment-1380504219

   > Not sure it makes sense to integrate those exclusions here as well - but something to keep in mind.
   
   Would be nice if we could maintain one vex file that could be used both at this website as well as to mute false positives in owasp.
   
   And I guess the idea is that anyone could download our vex file, and use it to "tame" the output of their own scanners so they get a much smaller output that is not yet vetted..


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org