kevinjqliu opened a new pull request, #16962: URL: https://github.com/apache/iceberg/pull/16962
This is a draft test PR to validate the CVE scan GitHub Actions UI. What changed: - Keep the Trivy scan step green so it can generate SARIF. - Move the PR-blocking failure into the reporting step that prints the actionable CVE findings. - Remove the Spark 3.5 Jackson CVE ignore entries on this test branch only, so the PR run should produce a predictable CVE scan failure. Validation before opening the PR: - `git diff --check` - YAML parse of `.github/workflows/cve-scan.yml` - Synthetic SARIF report-step harness for no-findings PR, findings PR, and findings push cases This PR is intentionally expected to fail the CVE Scan job. The goal is to verify whether GitHub opens the `Report Trivy scan results` step and shows the PR annotation clearly. --- **AI Disclosure** - Model: GPT-5 Codex - Platform/Tool: Codex - Human Oversight: partially reviewed - Prompt Summary: Improve and test the Apache Iceberg CVE scan GitHub Actions PR failure UI. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
