Skip to content

HDDS-5083. Bump version of common-compress #2139

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
elek merged 5 commits into from
Apr 22, 2021
Merged

HDDS-5083. Bump version of common-compress #2139

elek merged 5 commits into from
Apr 22, 2021

Conversation

@elek
Copy link
Member

@elek elek commented Apr 9, 2021
edited
Loading

JIRA: https://issues.apache.org/jira/browse/HDDS-5083

What changes were proposed in this pull request?

This is similar to #2131. Based on my understanding Ozone is not affected by the reported CVE-2018-11771

But as it's very cheap to bump the version, it can be better to do it (and avoid the false-positive notification from the security scanners)

How was this patch tested?

Full CI test.

@elek elek changed the title Bump version of common-compress HDDS-5083. Bump version of common-compress Apr 9, 2021
@mukul1987
Copy link
Contributor

mukul1987 commented Apr 9, 2021

#1617 fixes a buffer overflow, I guess the PR number is wrong here :)

@elek elek changed the base branch from common-compress-bump to master April 9, 2021 13:30
@elek
Copy link
Member Author

elek commented Apr 9, 2021

Ups, thanks for the notification. You are right, I mean #2131 (guava update)

adoroszlai
adoroszlai approved these changes Apr 20, 2021
View reviewed changes
Copy link
Contributor

@adoroszlai adoroszlai left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @elek for the bump. Note that commons-compress no longer pulls org.tukaani:xz, so it may be removed from the license.

@elek
Copy link
Member Author

elek commented Apr 21, 2021

so it may be removed from the license.

Good point. I am planning to create a simple check to void some mistakes. I think we can commit the current list of the jars and compare it during the build. (Similar to the proto dependency check).

Will create a PR soon based on this experiment: elek@2dc476e (if it works on the fork)

@elek
Copy link
Member Author

elek commented Apr 22, 2021

Merging it after the green build. Thanks the review @adoroszlai

@elek elek merged commit f2ff682 into apache:master Apr 22, 2021
@elek elek mentioned this pull request Apr 23, 2021
Merged
@elek elek mentioned this pull request Apr 29, 2021
Merged
errose28 added a commit to errose28/ozone that referenced this pull request May 4, 2021
@errose28
Merge remote-tracking branch 'upstream/master' into HDDS-3698-nonroll…
253cc55 
…ing-upgrade-master-merge2

* upstream/master: (56 commits)
  HDDS-2212. Genconf tool should generate config files for secure clust… (apache#1788)
  HDDS-5166. Remove duplicate assignment of OZONE_OPTS for freon and sh (apache#2195)
  Revert "HDDS-5144. Create github check to alert when dependency tree is changed (apache#2177)"
  HDDS-4983. Display key offset for each block in command key info (apache#2051)
  HDDS-5144. Create github check to alert when dependency tree is changed (apache#2177)
  HDDS-4585. Support bucket acl operation in S3g (apache#1701)
  HDDS-5153. Decommissioning a dead node should complete immediately (apache#2190)
  HDDS-5147. Intermittent test failure in TestContainerDeletionChoosingPolicy#testRandomChoosingPolicy (apache#2188)
  HDDS-5152. Fix Suggested leader in Client. (apache#2189)
  HDDS-5148. Bump ratis version to 2.1.0-ff8aa66-SNAPSHOT (apache#2184)
  HDDS-4515. Datanodes should be able to persist and load CRL (apache#2181)
  HDDS-5060. [SCM HA Security] Make InterSCM grpc channel secure. (apache#2187)
  HDDS-5051. Ensure failover to suggested leader if any for NotLeaderException. (apache#2141)
  HDDS-5127. Fix getServiceList when SCM HA is enabled (apache#2173)
  HDDS-4889. Add simple CI check for docs (apache#2156)
  HDDS-5131. Use timeout in github actions (apache#2176)
  HDDS-5103. Fix Install Snapshot Mechanism in SCMStateMachine. (apache#2155)
  HDDS-5124. Use OzoneConsts.OZONE_TIME_ZONE instead of "GMT" (apache#2166)
  HDDS-5047. Refactor Pipeline to use ReplicationConfig instead of factor/type (apache#2096)
  HDDS-5083. Bump version of common-compress (apache#2139)
  ...

Conflicts:
	hadoop-hdds/common/pom.xml
	hadoop-hdds/common/src/main/java/org/apache/hadoop/ozone/OzoneConfigKeys.java
	hadoop-hdds/common/src/main/java/org/apache/hadoop/ozone/OzoneConsts.java
	hadoop-hdds/container-service/src/main/java/org/apache/hadoop/ozone/HddsDatanodeService.java
	hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/node/SCMNodeManager.java
	hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/pipeline/PipelineManager.java
	hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/SCMStorageConfig.java
	hadoop-hdds/server-scm/src/main/java/org/apache/hadoop/hdds/scm/server/StorageContainerManager.java
	hadoop-hdds/server-scm/src/test/java/org/apache/hadoop/hdds/scm/node/TestSCMNodeManager.java
	hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/MiniOzoneClusterImpl.java
	hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OMStorage.java
	hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneManager.java
	hadoop-ozone/recon/src/main/java/org/apache/hadoop/ozone/recon/scm/ReconStorageContainerManagerFacade.java
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@adoroszlai adoroszlai adoroszlai approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@elek @mukul1987 @adoroszlai