Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Suppress okio-fakefilesystem vulnerability: CVE-2023-3635 #17479

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Suppress okio-fakefilesystem vulnerability: CVE-2023-3635 #17479

wants to merge 1 commit into from

Conversation

Akshat-Jain
Copy link
Contributor

Description

This PR suppresses CVE-2023-3635 for okio-fakefilesystem dependency, which is a compile-time dependency for software.amazon.glue:schema-registry-serde.

This PR has:

  • been self-reviewed.
  • added documentation for new or modified features or behaviors.
  • a release note entry in the PR description.
  • added Javadocs for most classes and all non-trivial methods. Linked related entities via Javadoc links.
  • added or updated version, license, or notice information in licenses.yaml
  • added comments explaining the "why" and the intent of the code wherever would not be obvious for an unfamiliar reader.
  • added unit tests or modified existing tests to cover new code paths, ensuring the threshold for code coverage is met.
  • added integration tests.
  • been tested in a test Druid cluster.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@findingrish findingrish findingrish approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Akshat-Jain @findingrish