elharo commented on PR #88: URL: https://github.com/apache/maven-build-cache-extension/pull/88#issuecomment-1695546079
In the short term I'm OK with slf4j-simple but logback should never have been added. It's needless dependency bloat, and every extra dependency is a security risk. In the long term, nothing beyond the JDK is needed, nor has been since Java 1.4. I don't think it's a good idea to commit changes without going through PRs and code review. I would have approved https://github.com/apache/maven-build-cache-extension/commit/3b318bbed14703f5d9a539017baefa1060af0310 if it had been sent through the usual process, but the process should be followed. Ideally the repo should be configured to prevent accidental and deliberate pushes to master. I know I've fumble fingered that one more than once by editing on master when I thought I was on a branch,. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
