Skip to content

Add security report page on the website #2538

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Sep 17, 2025
Merged

Add security report page on the website #2538

merged 1 commit into from
Sep 17, 2025

Conversation

@jbonofre
Copy link
Member

@jbonofre jbonofre commented Sep 10, 2025

This closes #2521

This page is good to have to improve Polaris Maturity Model.

@github-project-automation github-project-automation bot moved this to PRs In Progress in Basic Kanban Board Sep 10, 2025
adutra
adutra previously approved these changes Sep 10, 2025
View reviewed changes
@github-project-automation github-project-automation bot moved this from PRs In Progress to Ready to merge in Basic Kanban Board Sep 10, 2025
dimas-b
dimas-b previously approved these changes Sep 10, 2025
View reviewed changes
dimas-b
dimas-b reviewed Sep 10, 2025
View reviewed changes
@jbonofre jbonofre dismissed stale reviews from dimas-b and adutra via fc11ebf September 10, 2025 15:53
snazy
snazy previously approved these changes Sep 10, 2025
View reviewed changes
flyrain
flyrain reviewed Sep 10, 2025
View reviewed changes
dimas-b
dimas-b previously approved these changes Sep 10, 2025
View reviewed changes
flyrain
flyrain previously approved these changes Sep 14, 2025
View reviewed changes
@jbonofre jbonofre dismissed stale reviews from flyrain, dimas-b, and snazy via f11e8f5 September 17, 2025 08:43
snazy
snazy reviewed Sep 17, 2025
View reviewed changes
snazy
snazy approved these changes Sep 17, 2025
View reviewed changes
Copy link
Member

@snazy snazy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Take care wrt to your other PR (better rebase and adjust the weights)

@jbonofre jbonofre merged commit 5b3374a into apache:main Sep 17, 2025
14 checks passed
@github-project-automation github-project-automation bot moved this from Ready to merge to Done in Basic Kanban Board Sep 17, 2025
@jbonofre jbonofre deleted the security-report branch September 17, 2025 15:32
snazy added a commit to snazy/polaris that referenced this pull request Nov 20, 2025
@snazy @dimas-b
@clayburn @morningman @singhpk234 @MonkeyCanCode @renovate-bot @adam-christian-software @jbonofre
Dremio merge 2025 09 17 18 51 (apache#119)
ec64c46 
* Avoid exceptions on ETag matches (apache#2578)

Exceptions have runtime overhead, which is avoidable in this case.

* Publish build scans to develocity.apache.org for build insights (apache#2559)

* Site: add a blog for apache doris and polaris integration (apache#2571)

* Bump: iceberg 1.10 (apache#2586)

* Python client: add license check (apache#2580)

* Python client: add license check

* Python client: add license check

* Python client: add license check

* test

* Enable license check

* Fix license check for cryptography (apache#2591)

* Update plugin com.gradle.common-custom-user-data-gradle-plugin to v2.4.0 (apache#2582)

* Update plugin com.gradle.develocity to v4.2 (apache#2583)

* Build: remove unnecessary openapigenerator plugin usages (apache#2592)

* docs(changelog): Update the Changelog with 1.0.1, 1.0.0, & 0.9.0 Releases (apache#2587)

* Revert "Update plugin com.gradle.develocity to v4.2 (apache#2583)" (apache#2594)

This reverts commit 8cc0fad, build scans are not published to the ASF Develocity instance.

* Add security report page on the website (apache#2538)

This closes apache#2521

* CI: Fix Gradle cache usages (apache#2593)

The GH action `ci-incr-build-cache-prepare` calls the `setup-gradle` action with the "right" parameters, so the call of `setup-gradle` in jobs that use `ci-incr-build-cache-prepare` is superfluous. But this also renders the caching ineffective as `setup-gradle` is called w/o `cache-read-only: true` in "child jobs", which then attempt to store their Gradle cache contents. This leads to attempty storing the Gradle cache in `Post Setup Gradle` steps of the "child" jobs, conflicting with other child jobs and also conflicting with `Store Gradle Cache` purpose.

"Which cache" is then restored, is rather non-deterministic, but almost always at least "partial" leading to unnecessary (re)builds.

* Last merged commit f3d53f0

---------

Co-authored-by: Dmitri Bourlatchkov <dmitri.bourlatchkov@gmail.com>
Co-authored-by: Clay Johnson <cjohnson@gradle.com>
Co-authored-by: Mingyu Chen (Rayner) <yunyou@selectdb.com>
Co-authored-by: Prashant Singh <35593236+singhpk234@users.noreply.github.com>
Co-authored-by: Yong Zheng <yongzheng0809@gmail.com>
Co-authored-by: Mend Renovate <bot@renovateapp.com>
Co-authored-by: Adam Christian <105929021+adam-christian-software@users.noreply.github.com>
Co-authored-by: JB Onofré <jbonofre@apache.org>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@snazy snazy snazy approved these changes

@adutra adutra Awaiting requested review from adutra

@dimas-b dimas-b Awaiting requested review from dimas-b

@flyrain flyrain Awaiting requested review from flyrain

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Provide documentation on the website how to report security issue

5 participants

@jbonofre @adutra @snazy @flyrain @dimas-b