Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ISS-924 Add Dependency FAQ #186

Merged
merged 2 commits into from
Aug 9, 2024
Merged

ISS-924 Add Dependency FAQ #186

merged 2 commits into from
Aug 9, 2024

Conversation

dhafley
Copy link
Contributor

@dhafley dhafley commented Aug 8, 2024
edited
Loading

/close #work

@dhafley
Copy link
Contributor Author

dhafley commented Aug 8, 2024

/close iss-925

drdavella
drdavella requested changes Aug 8, 2024
View reviewed changes
docs/faqs.md Outdated Show resolved Hide resolved
@dhafley @drdavella
Update docs/faqs.md
2387451 
Co-authored-by: Dan D'Avella <[email protected]>
gilday
gilday approved these changes Aug 9, 2024
View reviewed changes
docs/faqs.md
@@ -39,3 +39,11 @@ See our [Preferences](configuring.md#configuring-automatic-formatting) page for
### Where can I learn more and discuss Pixeebot?

Users can join the Pixee community [on Slack](https://join.slack.com/t/openpixee/shared_invite/zt-1pnk7jqdd-kfwilrfG7Ov4M8rorfOnUA). This channel can be used to engage with peers who are also interested in Pixee. Feel free to email us at [email protected] with any questions or comments.

### Why does pixee sometimes add new dependencies to my project?
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Uppercase Pixee for consistency

docs/faqs.md

### Why does pixee sometimes add new dependencies to my project?

We always prefer to use existing controls built into a language, or a control from a well-known and trusted community dependency. When this is not an option, we add our own open source dependency to the project to ensure maximum readability and maintainability. All dependencies utilize permissive open-source licenses.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Consider expanding on "when this is not an option". Why is not an option? Maybe "when no such dependency exists that meets that criteria"

docs/faqs.md

We always prefer to use existing controls built into a language, or a control from a well-known and trusted community dependency. When this is not an option, we add our own open source dependency to the project to ensure maximum readability and maintainability. All dependencies utilize permissive open-source licenses.

Learn more about the [Java Security Toolkit (io.github.pixee.java-security-toolkit) on Maven Central](https://central.sonatype.com/artifact/io.github.pixee/java-security-toolkit/overview).
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There's another Java toolkit we maintain specifically for xstream.

@dhafley dhafley merged commit 2591790 into main Aug 9, 2024
3 checks passed
@dhafley dhafley deleted the iss-924 branch August 9, 2024 12:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@drdavella drdavella drdavella approved these changes

@gilday gilday gilday approved these changes

@citizenjosh citizenjosh Awaiting requested review from citizenjosh

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@dhafley @gilday @drdavella