HADOOP-19544. Upgrade to Jackson 2.18.5

[pjfanning]

Description of PR

HADOOP-19544 replacing #7623

How was this patch tested?

For code changes:

• Does the title or this PR starts with the corresponding JIRA issue id (e.g. 'HADOOP-17799. Your PR title ...')?
• Object storage: have the integration tests been executed and the endpoint declared according to the connector-specific documentation?
• If adding new dependencies to the code, are these dependencies licensed in a way that is compatible for inclusion under ASF 2.0?
• If applicable, have you updated the LICENSE, LICENSE-binary, NOTICE-binary files?

[stoty]

It would be easier to use jackson-bom for version management.

[steveloughran]

or at least define jackson2.databind.version as ${jackson2.version} until some need to actually diverge surfaces again in future

[stoty]

See #8074 for the jackson-bom change.

[steveloughran]

+1 pending that build.

@stoty I see the BOM PR and think we can consider that separately; merge this in and then look at it.

[stoty]

Sure, the BOM change can be done independently either before or after

[pjfanning]

I don't know what happened to https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-8070/1/

It looks like it failed but I'm not sure what the issue is.

[stoty]

I have restarted the CI job.
Looks like some transitent Jenkins issue

[hadoop-yetus]

💔 -1 overall

Vote	Subsystem	Runtime	Logfile	Comment
+0 🆗	reexec	1m 0s		Docker mode activated.
			_ Prechecks _
+1 💚	dupname	0m 0s		No case conflicting files found.
+0 🆗	codespell	0m 1s		codespell was not available.
+0 🆗	detsecrets	0m 1s		detect-secrets was not available.
+0 🆗	xmllint	0m 1s		xmllint was not available.
+0 🆗	shelldocs	0m 1s		Shelldocs was not available.
+1 💚	@author	0m 0s		The patch does not contain any @author tags.
-1 ❌	test4tests	0m 0s		The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch.
			_ trunk Compile Tests _
+0 🆗	mvndep	7m 55s		Maven dependency ordering for branch
+1 💚	mvninstall	28m 41s		trunk passed
+1 💚	compile	18m 41s		trunk passed with JDK Ubuntu-21.0.7+6-Ubuntu-0ubuntu120.04
+1 💚	compile	18m 44s		trunk passed with JDK Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04
+1 💚	checkstyle	2m 50s		trunk passed
-1 ❌	mvnsite	9m 19s	/branch-mvnsite-root.txt	root in trunk failed.
+1 💚	javadoc	9m 56s		trunk passed with JDK Ubuntu-21.0.7+6-Ubuntu-0ubuntu120.04
+1 💚	javadoc	9m 5s		trunk passed with JDK Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04
+0 🆗	spotbugs	0m 26s		branch/hadoop-project no spotbugs output file (spotbugsXml.xml)
-1 ❌	spotbugs	2m 35s	/branch-spotbugs-hadoop-yarn-project_hadoop-yarn_hadoop-yarn-common-warnings.html	hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common in trunk has 1100 extant spotbugs warnings.
-1 ❌	spotbugs	41m 29s	/branch-spotbugs-root-warnings.html	root in trunk has 9242 extant spotbugs warnings.
+1 💚	shadedclient	70m 22s		branch has no errors when building and testing our client artifacts.
			_ Patch Compile Tests _
+0 🆗	mvndep	0m 22s		Maven dependency ordering for patch
-1 ❌	mvninstall	6m 53s	/patch-mvninstall-root.txt	root in the patch failed.
-1 ❌	mvninstall	0m 19s	/patch-mvninstall-hadoop-yarn-project_hadoop-yarn_hadoop-yarn-common.txt	hadoop-yarn-common in the patch failed.
-1 ❌	compile	1m 37s	/patch-compile-root-jdkUbuntu-21.0.7+6-Ubuntu-0ubuntu120.04.txt	root in the patch failed with JDK Ubuntu-21.0.7+6-Ubuntu-0ubuntu120.04.
-1 ❌	javac	1m 37s	/patch-compile-root-jdkUbuntu-21.0.7+6-Ubuntu-0ubuntu120.04.txt	root in the patch failed with JDK Ubuntu-21.0.7+6-Ubuntu-0ubuntu120.04.
-1 ❌	compile	1m 36s	/patch-compile-root-jdkUbuntu-17.0.15+6-Ubuntu-0ubuntu120.04.txt	root in the patch failed with JDK Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04.
-1 ❌	javac	1m 36s	/patch-compile-root-jdkUbuntu-17.0.15+6-Ubuntu-0ubuntu120.04.txt	root in the patch failed with JDK Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04.
+1 💚	blanks	0m 0s		The patch has no blanks issues.
-0 ⚠️	checkstyle	1m 9s	/buildtool-patch-checkstyle-root.txt	The patch fails to run checkstyle in root
-1 ❌	mvnsite	1m 10s	/patch-mvnsite-root.txt	root in the patch failed.
+1 💚	shellcheck	0m 0s		No new issues.
-1 ❌	javadoc	1m 31s	/patch-javadoc-root-jdkUbuntu-21.0.7+6-Ubuntu-0ubuntu120.04.txt	root in the patch failed with JDK Ubuntu-21.0.7+6-Ubuntu-0ubuntu120.04.
-1 ❌	javadoc	1m 29s	/patch-javadoc-root-jdkUbuntu-17.0.15+6-Ubuntu-0ubuntu120.04.txt	root in the patch failed with JDK Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04.
+0 🆗	spotbugs	0m 17s		hadoop-project has no data from spotbugs
-1 ❌	spotbugs	4m 6s	/patch-spotbugs-root.txt	root in the patch failed.
-1 ❌	spotbugs	0m 16s	/patch-spotbugs-hadoop-yarn-project_hadoop-yarn_hadoop-yarn-common.txt	hadoop-yarn-common in the patch failed.
-1 ❌	shadedclient	5m 20s		patch has errors when building and testing our client artifacts.
			_ Other Tests _
-1 ❌	unit	33m 46s	/patch-unit-root.txt	root in the patch failed.
+1 💚	asflicense	0m 48s		The patch does not generate ASF License warnings.
		245m 28s

Reason	Tests
Failed junit tests	hadoop.security.ssl.TestDelegatingSSLSocketFactory

Subsystem	Report/Notes
Docker	ClientAPI=1.52 ServerAPI=1.52 base: https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-8070/2/artifact/out/Dockerfile
GITHUB PR	#8070
Optional Tests	dupname asflicense compile javac javadoc mvninstall mvnsite unit shadedclient codespell detsecrets xmllint spotbugs checkstyle shellcheck shelldocs
uname	Linux cb4871ac3cd3 5.15.0-153-generic #163-Ubuntu SMP Thu Aug 7 16:37:18 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	dev-support/bin/hadoop.sh
git revision	trunk / 4bc142b
Default Java	Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04
Multi-JDK versions	/usr/lib/jvm/java-21-openjdk-amd64:Ubuntu-21.0.7+6-Ubuntu-0ubuntu120.04 /usr/lib/jvm/java-17-openjdk-amd64:Ubuntu-17.0.15+6-Ubuntu-0ubuntu120.04
Test Results	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-8070/2/testReport/
Max. process+thread count	3143 (vs. ulimit of 5500)
modules	C: hadoop-project . hadoop-yarn-project/hadoop-yarn/hadoop-yarn-common U: .
Console output	https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-8070/2/console
versions	git=2.25.1 maven=3.9.11 spotbugs=4.9.7 shellcheck=0.7.0
Powered by	Apache Yetus 0.14.0 https://yetus.apache.org

This message was automatically generated.

[steveloughran]

TestDelegatingSSLSocketFactory.testOpenSSL failure unrelated; #8071 fixes it. I just want a complete build there before the merge (it's already approved).

[ayushtkn]

@pjfanning I think the patch is failing compilation

ERROR] Failed to execute goal on project hadoop-hdfs-client: Could not resolve dependencies for project org.apache.hadoop:hadoop-hdfs-client:jar:3.5.0-SNAPSHOT
[ERROR] dependency: javax.xml.bind:jaxb-api:jar:2.3.9 (test)
[ERROR] 	javax.xml.bind:jaxb-api:jar:2.3.9 was not found in https://repository.jboss.org/nexus/content/groups/public/ during a previous attempt. This failure was cached in the local repository and resolution is not reattempted until the update interval of repository.jboss.org has elapsed or updates are forced
[ERROR] 	javax.xml.bind:jaxb-api:jar:2.3.9 was not found in https://repo.maven.apache.org/maven2 during a previous attempt. This failure was cached in the local repository and resolution is not reattempted until the update interval of central has elapsed or updates are forced
[ERROR] -> [Help 1]

can you check once

[pjfanning]

@ayushtkn looks like this PR is affected by HADOOP-19674

I'll see if it can be fixed

[pjfanning]

I'll reopen this when the solution to https://issues.apache.org/jira/browse/HADOOP-19746 is merged

[steveloughran]

What do we do on a backport to branch-3.4 here? same PR is good?

[steveloughran]

what triggers this? I'm worried about transitive complications.

Is there a jackson issue we could link to in the release notes to warn/explain?

[pjfanning]

I have no idea what is causing this.

[pjfanning]

What do we do on a backport to branch-3.4 here? same PR is good?

I wouldn't aim to backport this to 3.4.

[steveloughran]

LGTM
+1