Skip to content

Upgrade Hudi connector version to 0.14.0 #10

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
tdcmeehan wants to merge 22 commits into
base: master
Choose a base branch
from
Open

Upgrade Hudi connector version to 0.14.0 #10

tdcmeehan wants to merge 22 commits into from

Conversation

@tdcmeehan
Copy link
Owner

@tdcmeehan tdcmeehan commented Sep 18, 2025

Updated Hudi connector version from 1.0.2 to 0.14.0 in pom.xml.

Description

Motivation and Context

Impact

Test Plan

Contributor checklist

  • Please make sure your submission complies with our contributing guide, in particular code style and commit standards.
  • PR description addresses the issue accurately and concisely. If the change is non-trivial, a GitHub Issue is referenced.
  • Documented new properties (with its default value), SQL syntax, functions, or other functionality.
  • If release notes are required, they follow the release notes guidelines.
  • Adequate tests were added if applicable.
  • CI passed.

Release Notes

Please follow release notes guidelines and fill in the release notes below.

== RELEASE NOTES ==

General Changes
* ... 
* ... 

Hive Connector Changes
* ... 
* ...

If release note is NOT required, use:

== NO RELEASE NOTE ==

@tdcmeehan tdcmeehan closed this Sep 18, 2025
@tdcmeehan tdcmeehan reopened this Sep 18, 2025
@tdcmeehan
Modify dependency review to limit failure scopes
ec0f1e0 
Updated dependency review workflow to only fail on runtime vulnerabilities.
@tdcmeehan tdcmeehan closed this Sep 18, 2025
@tdcmeehan tdcmeehan reopened this Sep 18, 2025
@github-actions
Copy link

github-actions bot commented Sep 18, 2025
edited
Loading

Dependency Review

The following issues were found:
  • ❌ 1 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ✅ 0 package(s) with unknown licenses.
See the Details below.

Vulnerabilities

presto-hudi/pom.xml

NameVersionVulnerabilitySeverity
org.apache.logging.log4j:log4j-core2.14.1Incomplete fix for Apache Log4j vulnerabilitycritical
Remote code injection in Log4jcritical
Apache Log4j2 vulnerable to Improper Input Validation and Uncontrolled Recursionhigh
Only included vulnerabilities with severity high or higher.

OpenSSF Scorecard

PackageVersionScoreDetails
maven/org.apache.logging.log4j:log4j-core 2.14.1 🟢 8.3
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
CI-Tests🟢 44 out of 9 merged PRs checked by a CI test -- score normalized to 4
CII-Best-Practices⚠️ 2badge detected: in_progress
Code-Review⚠️ 1found 20 unreviewed changesets out of 23 -- score normalized to 1
Contributors🟢 1046 different organizations found -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) out of 30 and 17 issue activity out of 30 found in the last 90 days -- score normalized to 10
Packaging⚠️ -1no published package detected
Pinned-Dependencies🟢 10all dependencies are pinned
SAST⚠️ 2SAST tool is not run on all commits -- score normalized to 2
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Vulnerabilities🟢 10no vulnerabilities detected
maven/junit:junit 4.11 🟢 5.8
Details
CheckScoreReason
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Code-Review🟢 5Found 9/17 approved changesets -- score normalized to 5
Maintained⚠️ 11 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 1
Security-Policy🟢 10security policy file detected
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Binary-Artifacts🟢 10no binaries found in the repo
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Packaging🟢 10packaging workflow detected
Vulnerabilities🟢 100 existing vulnerabilities detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
maven/org.apache.hudi:hudi-presto-bundle 0.14.0 🟢 6.8
Details
CheckScoreReason
Code-Review🟢 10all changesets reviewed
Maintained🟢 1030 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Signed-Releases⚠️ -1no releases found
Security-Policy🟢 10security policy file detected
Packaging🟢 10packaging workflow detected
Binary-Artifacts🟢 10no binaries found in the repo
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities🟢 100 existing vulnerabilities detected

Scanned Files

  • presto-hudi/pom.xml

@tdcmeehan tdcmeehan mentioned this pull request Sep 19, 2025
Merged
6 tasks
@tdcmeehan tdcmeehan mentioned this pull request Sep 22, 2025
Merged
6 tasks
tdcmeehan pushed a commit that referenced this pull request Feb 8, 2026
@claude
Address Issue prestodb#14: condense Parquet BF section from 115 to 18…
353702f 
… lines

Move detailed FPR saturation math, cost comparison, and predicate interaction
analysis to GPU_ALGEBRAIC_MEMORY_TECHNIQUES.md Section 8. Main doc retains
only the conclusion and two-sentence summary of each failure mode. Remove
now-moot Open Question #10 (Parquet BF availability) and Parquet BF references
section.

https://claude.ai/code/session_01SAXk4AS8yQyQkhRVi6RQie
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@tdcmeehan