@tobiasstadler
Contributor

What changes were proposed in this pull request?

Upgrade netty to 4.1.86.Final;

I cherry-picked

Why are the changes needed?

CVEs

Does this PR introduce any user-facing change?

No

How was this patch tested?

CI

@bjornjorgensen
Contributor

Change [SPARK-41695][BUILD] Upgrade netty to 4.1.86.Final to [SPARK-41695][BUILD][3.3] Upgrade netty to 4.1.86.Final

@tobiasstadler changed the title from "[SPARK-41695][BUILD] Upgrade netty to 4.1.86.Final" to "[SPARK-41695][BUILD][3.3] Upgrade netty to 4.1.86.Final" on Dec 24, 2022
@AmplabJenkins

Can one of the admins verify this patch?

Member

@dongjoon-hyun dongjoon-hyun left a comment

Does this affect Apache Spark technically, @tobiasstadler?

@bjornjorgensen
Contributor

56086cb

Does this PR introduce any user-facing change?

Yes, all changes are caused by the change of Netty.
If the user wants to maintain the same behavior as the previous version, the user needs to make the following configuration:

  • add -Dio.netty.allocator.useCacheForAllThreads=true to enable useCacheForAllThreads
  • add -Dio.netty.allocator.maxOrder=11 to keep the chunk size of PooledByteBufAllocator to 16m

@bjornjorgensen
Contributor

And this one #38981

@tobiasstadler
Contributor Author

Ok, I didn't read that. I guess it is better to close the PR.

@bjornjorgensen
Contributor

bjornjorgensen commented Dec 25, 2022

@tobiasstadler
Hi, I have enabled Snyk and GitHub Dependabot on my repo.
This way Snyk is opening PRs and Dependabot is opening issues.

Right now, most of these PRs are related to Hadoop 2.7, which we will remove in Spark 3.5 or 3.6.

I also build Spark master and scan the code with Sonar.

This one is for python and javascript

and this is for java, scala and xml

CC @panbingkun and @LuciferYang

@bjornjorgensen
Contributor

Hmm.. you can't see the Dependabot page

@LuciferYang
Contributor

> @tobiasstadler Hi, I have enabled Snyk and GitHub Dependabot on my repo. This way Snyk is opening PRs and Dependabot is opening issues.
>
> Right now, most of these PRs are related to Hadoop 2.7, which we will remove in Spark 3.5 or 3.6.
>
> I also build Spark master and scan the code with Sonar.
>
> This one is for python and javascript
>
> and this is for java, scala and xml
>
> CC @panbingkun and @LuciferYang

Is the problem detected by Sonar worth fixing, @bjornjorgensen?

@bjornjorgensen
Contributor

My intention is to explain to a new contributor how I do it and what tools I use. Sonar is built on best-practice rules; the problem is that not everything hits equally well. Here are the ones that I have found using Sonar that have entered the code base.

#36465
#36383
#36364
#35775
#35755
#35741
