Skip to content

TEZ-4573: Upgrade momentjs to 2.29.4 due to CVE-2022-24785, CVE-2022-31129 and CVE-2017-18214 #363

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
abstractdog merged 1 commit into from
Aug 2, 2024
Merged

TEZ-4573: Upgrade momentjs to 2.29.4 due to CVE-2022-24785, CVE-2022-31129 and CVE-2017-18214 #363

abstractdog merged 1 commit into from
Aug 2, 2024

Conversation

@mayankkunwar
Copy link
Contributor

@mayankkunwar mayankkunwar commented Jul 30, 2024
edited by abstractdog
Loading

No description provided.

@tez-yetus
Copy link

tez-yetus commented Jul 30, 2024

🎊 +1 overall

Vote Subsystem Runtime Comment
+0 🆗 reexec 13m 26s Docker mode activated.
_ Prechecks _
+1 💚 dupname 0m 0s No case conflicting files found.
+1 💚 @author 0m 0s The patch does not contain any @author tags.
_ master Compile Tests _
_ Patch Compile Tests _
+1 💚 whitespace 0m 0s The patch has no whitespace issues.
_ Other Tests _
+1 💚 asflicense 1m 24s The patch does not generate ASF License warnings.
15m 34s
Subsystem Report/Notes
Docker ClientAPI=1.46 ServerAPI=1.46 base: https://ci-hadoop.apache.org/job/tez-multibranch/job/PR-363/1/artifact/out/Dockerfile
GITHUB PR #363
Optional Tests dupname asflicense
uname Linux 40c138b32d11 5.15.0-106-generic #116-Ubuntu SMP Wed Apr 17 09:17:56 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
Build tool maven
Personality personality/tez.sh
git revision master / c745edf
Max. process+thread count 51 (vs. ulimit of 5500)
modules C: tez-ui U: tez-ui
Console output https://ci-hadoop.apache.org/job/tez-multibranch/job/PR-363/1/console
versions git=2.34.1 maven=3.6.3
Powered by Apache Yetus 0.12.0 https://yetus.apache.org

This message was automatically generated.

@abstractdog abstractdog self-requested a review July 30, 2024 12:04
@abstractdog abstractdog changed the title TEZ-4573: Upgrade momentjs to 2.29.4 due to CVE-2022-24785, CVE-2022-… TEZ-4573: Upgrade momentjs to 2.29.4 due to CVE-2022-24785, CVE-2022-31129 and CVE-2017-18214 Jul 30, 2024
abstractdog
abstractdog approved these changes Jul 30, 2024
View reviewed changes
Copy link
Contributor

@abstractdog abstractdog left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1

@abstractdog
Copy link
Contributor

abstractdog commented Aug 2, 2024

unfortunately, this one cannot be merged yet
https://github.com/apache/tez/actions/runs/10160242449/job/28255702930?pr=363

[INFO] bower moment#2.29.4                   ENORESTARGET No version found that was able to satisfy 2.29.4

can you please check it @mayankkunwar ?

@tez-yetus
Copy link

tez-yetus commented Aug 2, 2024

🎊 +1 overall

Vote Subsystem Runtime Comment
+0 🆗 reexec 0m 9s Docker mode activated.
_ Prechecks _
+1 💚 dupname 0m 0s No case conflicting files found.
+1 💚 @author 0m 0s The patch does not contain any @author tags.
_ master Compile Tests _
_ Patch Compile Tests _
+1 💚 whitespace 0m 0s The patch has no whitespace issues.
_ Other Tests _
+1 💚 asflicense 1m 21s The patch does not generate ASF License warnings.
2m 13s
Subsystem Report/Notes
Docker ClientAPI=1.46 ServerAPI=1.46 base: https://ci-hadoop.apache.org/job/tez-multibranch/job/PR-363/2/artifact/out/Dockerfile
GITHUB PR #363
JIRA Issue TEZ-4573
Optional Tests dupname asflicense
uname Linux e8d18f6f5bb6 5.15.0-106-generic #116-Ubuntu SMP Wed Apr 17 09:17:56 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
Build tool maven
Personality personality/tez.sh
git revision master / c745edf
Max. process+thread count 51 (vs. ulimit of 5500)
modules C: tez-ui U: tez-ui
Console output https://ci-hadoop.apache.org/job/tez-multibranch/job/PR-363/2/console
versions git=2.34.1 maven=3.6.3
Powered by Apache Yetus 0.12.0 https://yetus.apache.org

This message was automatically generated.

@tez-yetus
Copy link

tez-yetus commented Aug 2, 2024

🎊 +1 overall

Vote Subsystem Runtime Comment
+0 🆗 reexec 0m 9s Docker mode activated.
_ Prechecks _
+1 💚 dupname 0m 0s No case conflicting files found.
+1 💚 @author 0m 0s The patch does not contain any @author tags.
_ master Compile Tests _
_ Patch Compile Tests _
+1 💚 whitespace 0m 0s The patch has no whitespace issues.
_ Other Tests _
+1 💚 asflicense 1m 9s The patch does not generate ASF License warnings.
1m 59s
Subsystem Report/Notes
Docker ClientAPI=1.46 ServerAPI=1.46 base: https://ci-hadoop.apache.org/job/tez-multibranch/job/PR-363/3/artifact/out/Dockerfile
GITHUB PR #363
JIRA Issue TEZ-4573
Optional Tests dupname asflicense
uname Linux f4a582ce95c0 5.15.0-106-generic #116-Ubuntu SMP Wed Apr 17 09:17:56 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
Build tool maven
Personality personality/tez.sh
git revision master / c745edf
Max. process+thread count 51 (vs. ulimit of 5500)
modules C: tez-ui U: tez-ui
Console output https://ci-hadoop.apache.org/job/tez-multibranch/job/PR-363/3/console
versions git=2.34.1 maven=3.6.3
Powered by Apache Yetus 0.12.0 https://yetus.apache.org

This message was automatically generated.

@mayankkunwar
Copy link
Contributor Author

mayankkunwar commented Aug 2, 2024
edited
Loading

@abstractdog, I have added changes. Build is green.

@abstractdog
Copy link
Contributor

abstractdog commented Aug 2, 2024

LGTM

@abstractdog abstractdog merged commit 70d79b2 into apache:master Aug 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@abstractdog abstractdog abstractdog approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@mayankkunwar @tez-yetus @abstractdog