New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CVE fix #656
CVE fix #656
Conversation
@@ -70,10 +72,27 @@ | |||
<repository> | |||
<id>confluent</id> | |||
<name>Confluent</name> | |||
<url>${confluent.maven.repo}</url> | |||
<url>https://packages.confluent.io/maven/</url> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
property definition for confluent.maven.repo is no longer needed.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM post testing on docker playground.
Is there a reason to go with this scope limited fix instead of #652 ? |
@janjwerner-confluent |
|
Problem
https://confluentinc.atlassian.net/browse/CC-18965
https://confluentinc.atlassian.net/browse/CCMSG-2266
https://confluentinc.atlassian.net/browse/CCMSG-2248
Twistlock scan link: https://twistlock.tools.confluent-internal.io/#!/monitor/vulnerabilities/images/ci?search=Confluent%20Public%20Repo%20PR%20builder%2Fkafka-connect-hdfs%2FPR-656
Does this solution apply anywhere else?
If yes, where?
Test Strategy
Testing done:
Release Plan