This is an automated email from the ASF dual-hosted git repository. mblow pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/asterixdb.git
commit aa0f6c780cdcfbbaee9fbf71d02c246da107fbed Author: Michael Blow <[email protected]> AuthorDate: Tue Oct 3 22:47:55 2023 -0400 [NO ISSUE] Upgrade Hadoop to 3.3.6 Change-Id: Ief6aff3081ada9ab42833bd894ded60f446cb167 Reviewed-on: https://asterix-gerrit.ics.uci.edu/c/asterixdb/+/17837 Integration-Tests: Jenkins <[email protected]> Reviewed-by: Hussain Towaileb <[email protected]> Tested-by: Jenkins <[email protected]> --- asterixdb/asterix-external-data/pom.xml | 10 ---- asterixdb/pom.xml | 76 +++----------------------- hyracks-fullstack/hyracks/hyracks-hdfs/pom.xml | 14 ----- hyracks-fullstack/pom.xml | 53 +----------------- 4 files changed, 10 insertions(+), 143 deletions(-) diff --git a/asterixdb/asterix-external-data/pom.xml b/asterixdb/asterix-external-data/pom.xml index b3ab6dae38..de14287a8c 100644 --- a/asterixdb/asterix-external-data/pom.xml +++ b/asterixdb/asterix-external-data/pom.xml @@ -541,16 +541,6 @@ <groupId>io.netty</groupId> <artifactId>netty-handler-proxy</artifactId> </dependency> - <!-- TODO(htowaileb): removed from hadoop transitively and added separately to avoid CVEs, can - be removed once upgraded to hadoop 3.3.4 as it addresses the CVEs --> - <dependency> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-util</artifactId> - </dependency> - <dependency> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-util-ajax</artifactId> - </dependency> <!-- Manually included to avoid CVE-2023-1370 --> <dependency> <groupId>net.minidev</groupId> diff --git a/asterixdb/pom.xml b/asterixdb/pom.xml index 730d27b074..b2d8831763 100644 --- a/asterixdb/pom.xml +++ b/asterixdb/pom.xml @@ -84,7 +84,7 @@ <!-- Versions under dependencymanagement or used in many projects via properties --> <algebricks.version>0.3.8-SNAPSHOT</algebricks.version> <hyracks.version>0.3.8-SNAPSHOT</hyracks.version> - <hadoop.version>3.3.4</hadoop.version> + <hadoop.version>3.3.6</hadoop.version> <jacoco.version>0.7.6.201602180812</jacoco.version> <log4j.version>2.19.0</log4j.version> <awsjavasdk.version>2.17.218</awsjavasdk.version> @@ -1005,14 +1005,9 @@ <groupId>org.slf4j</groupId> <artifactId>slf4j-log4j12</artifactId> </exclusion> - <!-- TODO(htowaileb): Remove after updating to hadoop 3.3.4 --> <exclusion> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-util</artifactId> - </exclusion> - <exclusion> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-util-ajax</artifactId> + <groupId>ch.qos.reload4j</groupId> + <artifactId>reload4j</artifactId> </exclusion> </exclusions> </dependency> @@ -1081,15 +1076,6 @@ <groupId>javax.ws.rs</groupId> <artifactId>jsr311-api</artifactId> </exclusion> - <!-- TODO(htowaileb): Remove after updating to hadoop 3.3.4 --> - <exclusion> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-util</artifactId> - </exclusion> - <exclusion> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-util-ajax</artifactId> - </exclusion> </exclusions> </dependency> <dependency> @@ -1137,14 +1123,9 @@ <groupId>org.slf4j</groupId> <artifactId>slf4j-log4j12</artifactId> </exclusion> - <!-- TODO(htowaileb): Remove after updating to hadoop 3.3.4 --> <exclusion> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-util</artifactId> - </exclusion> - <exclusion> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-util-ajax</artifactId> + <groupId>ch.qos.reload4j</groupId> + <artifactId>reload4j</artifactId> </exclusion> </exclusions> </dependency> @@ -1173,11 +1154,6 @@ <groupId>org.jline</groupId> <artifactId>jline</artifactId> </exclusion> - <!-- TODO(htowaileb): Remove after updating to hadoop 3.3.4 --> - <exclusion> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-util</artifactId> - </exclusion> </exclusions> </dependency> <dependency> @@ -1216,14 +1192,9 @@ <groupId>org.slf4j</groupId> <artifactId>slf4j-log4j12</artifactId> </exclusion> - <!-- TODO(htowaileb): Remove after updating to hadoop 3.3.4 --> <exclusion> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-util</artifactId> - </exclusion> - <exclusion> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-util-ajax</artifactId> + <groupId>ch.qos.reload4j</groupId> + <artifactId>reload4j</artifactId> </exclusion> </exclusions> </dependency> @@ -1249,14 +1220,9 @@ <groupId>org.slf4j</groupId> <artifactId>slf4j-log4j12</artifactId> </exclusion> - <!-- TODO(htowaileb): Remove after updating to hadoop 3.3.4 --> <exclusion> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-util</artifactId> - </exclusion> - <exclusion> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-util-ajax</artifactId> + <groupId>ch.qos.reload4j</groupId> + <artifactId>reload4j</artifactId> </exclusion> </exclusions> </dependency> @@ -1991,32 +1957,8 @@ <groupId>org.apache.hadoop</groupId> <artifactId>hadoop-azure</artifactId> <version>${hadoop.version}</version> - <exclusions> - <!-- TODO(htowaileb): Remove after updating to hadoop 3.3.4 --> - <exclusion> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-util</artifactId> - </exclusion> - <exclusion> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-util-ajax</artifactId> - </exclusion> - </exclusions> </dependency> <!-- Hadoop Azure end --> - - <!-- TODO(htowaileb): removed from hadoop transitively and added separately to avoid CVEs, can - be removed once upgraded to hadoop 3.3.4 as it addresses the CVEs --> - <dependency> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-util</artifactId> - <version>9.4.48.v20220622</version> - </dependency> - <dependency> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-util-ajax</artifactId> - <version>9.4.48.v20220622</version> - </dependency> </dependencies> </dependencyManagement> diff --git a/hyracks-fullstack/hyracks/hyracks-hdfs/pom.xml b/hyracks-fullstack/hyracks/hyracks-hdfs/pom.xml index 816746cfca..2010653560 100644 --- a/hyracks-fullstack/hyracks/hyracks-hdfs/pom.xml +++ b/hyracks-fullstack/hyracks/hyracks-hdfs/pom.xml @@ -163,15 +163,6 @@ <groupId>org.slf4j</groupId> <artifactId>slf4j-log4j12</artifactId> </exclusion> - <!-- TODO(htowaileb): Remove after updating to hadoop 3.3.4 --> - <exclusion> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-util</artifactId> - </exclusion> - <exclusion> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-util-ajax</artifactId> - </exclusion> </exclusions> </dependency> <dependency> @@ -198,11 +189,6 @@ <groupId>org.slf4j</groupId> <artifactId>slf4j-log4j12</artifactId> </exclusion> - <!-- TODO(htowaileb): Remove after updating to hadoop 3.3.4 --> - <exclusion> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-util</artifactId> - </exclusion> </exclusions> </dependency> <dependency> diff --git a/hyracks-fullstack/pom.xml b/hyracks-fullstack/pom.xml index 86a0ad7387..4b625e5f68 100644 --- a/hyracks-fullstack/pom.xml +++ b/hyracks-fullstack/pom.xml @@ -70,7 +70,7 @@ <test.includes>${global.test.includes}</test.includes> <test.excludes>${global.test.excludes}</test.excludes> <!-- Versions under dependencymanagement or used in many projects via properties --> - <hadoop.version>3.3.1</hadoop.version> + <hadoop.version>3.3.6</hadoop.version> <jacoco.version>0.7.6.201602180812</jacoco.version> <log4j.version>2.19.0</log4j.version> <snappy.version>1.1.8.4</snappy.version> @@ -192,15 +192,6 @@ <groupId>org.slf4j</groupId> <artifactId>slf4j-log4j12</artifactId> </exclusion> - <!-- TODO(htowaileb): Remove after updating to hadoop 3.3.4 --> - <exclusion> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-util</artifactId> - </exclusion> - <exclusion> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-util-ajax</artifactId> - </exclusion> </exclusions> </dependency> <dependency> @@ -216,15 +207,6 @@ <groupId>log4j</groupId> <artifactId>log4j</artifactId> </exclusion> - <!-- TODO(htowaileb): Remove after updating to hadoop 3.3.4 --> - <exclusion> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-util</artifactId> - </exclusion> - <exclusion> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-util-ajax</artifactId> - </exclusion> </exclusions> </dependency> <dependency> @@ -236,28 +218,12 @@ <groupId>log4j</groupId> <artifactId>log4j</artifactId> </exclusion> - <!-- TODO(htowaileb): Remove after updating to hadoop 3.3.4 --> - <exclusion> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-util</artifactId> - </exclusion> - <exclusion> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-util-ajax</artifactId> - </exclusion> </exclusions> </dependency> <dependency> <groupId>org.apache.hadoop</groupId> <artifactId>hadoop-mapreduce-client-core</artifactId> <version>${hadoop.version}</version> - <!-- TODO(htowaileb): Remove after updating to hadoop 3.3.4 --> - <exclusions> - <exclusion> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-util</artifactId> - </exclusion> - </exclusions> </dependency> <dependency> <groupId>org.apache.hadoop</groupId> @@ -270,11 +236,6 @@ <groupId>log4j</groupId> <artifactId>log4j</artifactId> </exclusion> - <!-- TODO(htowaileb): Remove after updating to hadoop 3.3.4 --> - <exclusion> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-util</artifactId> - </exclusion> </exclusions> </dependency> <dependency> @@ -469,18 +430,6 @@ <artifactId>snappy-java</artifactId> <version>${snappy.version}</version> </dependency> - <!-- TODO(htowaileb): removed from hadoop transitively and added separately to avoid CVEs, can - be removed once upgraded to hadoop 3.3.4 as it addresses the CVEs --> - <dependency> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-util</artifactId> - <version>9.4.48.v20220622</version> - </dependency> - <dependency> - <groupId>org.eclipse.jetty</groupId> - <artifactId>jetty-util-ajax</artifactId> - <version>9.4.48.v20220622</version> - </dependency> <!-- Manually included to avoid CVE-2023-1370 --> <dependency> <groupId>net.minidev</groupId>
