-
It's being inherited from `log4j-bom`. In 3.2.x (Log4j 2.21), it's contributing management for the following dependencies:
- `biz.aQute.bnd:biz.aQute.bnd.annotation:6.4.1`
- `com.github.spotbugs:s…
-
I have a couple of questions around dependency management:
1. The `org.example.gradle.base.dependency-rules` plugin references the `versions` platform project, but in turn the `versions` project in…
-
### Task Title
Pip to Poetry
### Task Description
將 PIP 管理移至 Poetry。
效益:
1. 提升依賴管理風險
2. 整合虛擬環境
3. 統一工具,像是 virtualenv、pip 等
### Skills Required
1. 熟悉 Poetry
2. 改變 Dockerfile
-
**Reason:** The project uses [Rush](https://rushjs.io/) for the backend part. The frontend part was moved into another repository, but the code was kept in the backend repo (see above).
This makes us…
-
Add dependency management tools like requirements.txt or pyproject.toml
-
I was going to file an issue about the dependencies missing from requirements.txt, but then I saw your post showing an Arch CLI command installing that other set of dependencies. Maybe you have a good…
-
**Is your feature request related to a problem? Please describe.**
When working with azure-sdk's BOM, there are different versions of com.microsoft.azure:msal4j being imported.
[azure-sdk-bom](https:…
-
Currently when instantiating `S3SeekableInputStream` and `LogicalIoFactory` we create `ParquetColumnPrefetchStore`, even though this may not be required if we are not further reading parquet files.
…
-
### Description
Right now our hand written script with checksums work but we might want to consider https://github.com/jdx/mise for these things.
-
/kind feature
**Describe the solution you'd like**
After a brief review of the vulnerabilities in an SCA scan, I'm curious if SCA scanning takes place for this repo? Using one SCA tool, 16 critica…