You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@bookkeeper.apache.org by GitBox <gi...@apache.org> on 2022/03/10 08:22:58 UTC

[GitHub] [bookkeeper] eolivelli commented on pull request #3084: Upgrade ZooKeeper dependency to 3.8.0

eolivelli commented on pull request #3084:
URL: https://github.com/apache/bookkeeper/pull/3084#issuecomment-1063789689


   @dlg99 
   
   regarding OWASP we can follow this discussion
   https://github.com/apache/pulsar/pull/14630
   
   basically there are false positives about "Jetty" that the OWASP checker reports in zookeeper jars
   
   in ZooKeeper project we added these exclusions
   https://github.com/apache/zookeeper/commit/3004c909b78b3056985c8e39925e14bde3baa430
   
   
   Regarding the LICENSE check...my Gradle Fu is very weak and I am not able to tell Gradle to fully exclude LogBack and fix the package.
   
   Any suggestion is really appreciated


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@bookkeeper.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org