GitHub user hpvd added a comment to the discussion: Arguments for "why pulsar is secure?"
before writing this issue, I had a conversation with Apache Security team, that it is no problem to contribute this as normal issue: > we'd warmly welcome .... if you'd contribute this finding as a normal bug > report and/or patch to the project. Since outdated dependencies > without further analysis are quite public, there is no need to use this > private reporting mechanism in that case. GitHub link: https://github.com/apache/pulsar/discussions/18754#discussioncomment-4321237 ---- This is an automatically sent email for dev@pulsar.apache.org. To unsubscribe, please send an email to: dev-unsubscr...@pulsar.apache.org
