This is an automated email from the ASF dual-hosted git repository. volodymyr pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/drill.git
commit 6cb6438904d368e3fa0c8ad46de31a449ab989c7 Author: Volodymyr Vysotskyi <[email protected]> AuthorDate: Fri Apr 10 19:20:20 2020 +0300 DRILL-7702: Update httpclient, libthrift, httpdlog-parser, jetty, derby, exclude and ban log4j, jasper-runtime, commons-httpclient closes #2057 --- contrib/format-maprdb/pom.xml | 4 ++ contrib/storage-hbase/pom.xml | 62 +++++++++++++++------------- contrib/storage-hive/core/pom.xml | 16 +++++++ contrib/storage-hive/hive-exec-shade/pom.xml | 24 +++++++++++ exec/java-exec/pom.xml | 2 +- pom.xml | 54 ++++++++++++++++++++---- 6 files changed, 124 insertions(+), 38 deletions(-) diff --git a/contrib/format-maprdb/pom.xml b/contrib/format-maprdb/pom.xml index 80b50f7..d308970 100644 --- a/contrib/format-maprdb/pom.xml +++ b/contrib/format-maprdb/pom.xml @@ -140,6 +140,10 @@ <groupId>commons-codec</groupId> <artifactId>commons-codec</artifactId> </exclusion> + <exclusion> + <groupId>commons-httpclient</groupId> + <artifactId>commons-httpclient</artifactId> + </exclusion> </exclusions> </dependency> <dependency> diff --git a/contrib/storage-hbase/pom.xml b/contrib/storage-hbase/pom.xml index 635026b..7aa69bb 100644 --- a/contrib/storage-hbase/pom.xml +++ b/contrib/storage-hbase/pom.xml @@ -173,25 +173,25 @@ <groupId>org.apache.hbase</groupId> <artifactId>hbase-client</artifactId> <exclusions> - <exclusion> - <groupId>org.apache.hadoop</groupId> - <artifactId>hadoop-mapreduce-client-core</artifactId> - </exclusion> <exclusion> - <groupId>io.netty</groupId> - <artifactId>netty</artifactId> + <groupId>org.apache.hadoop</groupId> + <artifactId>hadoop-mapreduce-client-core</artifactId> </exclusion> <exclusion> - <groupId>io.netty</groupId> - <artifactId>netty-all</artifactId> + <groupId>io.netty</groupId> + <artifactId>netty</artifactId> </exclusion> <exclusion> - <groupId>log4j</groupId> - <artifactId>log4j</artifactId> + <groupId>io.netty</groupId> + <artifactId>netty-all</artifactId> </exclusion> <exclusion> - <groupId>commons-logging</groupId> - <artifactId>commons-logging</artifactId> + <groupId>log4j</groupId> + <artifactId>log4j</artifactId> + </exclusion> + <exclusion> + <groupId>commons-logging</groupId> + <artifactId>commons-logging</artifactId> </exclusion> </exclusions> </dependency> @@ -206,10 +206,10 @@ <artifactId>log4j</artifactId> <groupId>log4j</groupId> </exclusion> - <exclusion> - <groupId>commons-codec</groupId> - <artifactId>commons-codec</artifactId> - </exclusion> + <exclusion> + <groupId>commons-codec</groupId> + <artifactId>commons-codec</artifactId> + </exclusion> </exclusions> <scope>test</scope> </dependency> @@ -222,10 +222,10 @@ <artifactId>log4j</artifactId> <groupId>log4j</groupId> </exclusion> - <exclusion> - <groupId>commons-codec</groupId> - <artifactId>commons-codec</artifactId> - </exclusion> + <exclusion> + <groupId>commons-codec</groupId> + <artifactId>commons-codec</artifactId> + </exclusion> </exclusions> </dependency> </dependencies> @@ -242,22 +242,22 @@ <artifactId>hbase-client</artifactId> <exclusions> <exclusion> - <groupId>io.netty</groupId> - <artifactId>netty</artifactId> + <groupId>io.netty</groupId> + <artifactId>netty</artifactId> </exclusion> <exclusion> - <groupId>io.netty</groupId> - <artifactId>netty-all</artifactId> + <groupId>io.netty</groupId> + <artifactId>netty-all</artifactId> </exclusion> <exclusion> - <groupId>log4j</groupId> - <artifactId>log4j</artifactId> + <groupId>log4j</groupId> + <artifactId>log4j</artifactId> </exclusion> <exclusion> - <groupId>commons-logging</groupId> - <artifactId>commons-logging</artifactId> + <groupId>commons-logging</groupId> + <artifactId>commons-logging</artifactId> </exclusion> - </exclusions> + </exclusions> </dependency> <dependency> <groupId>org.apache.hbase</groupId> @@ -269,6 +269,10 @@ <artifactId>log4j</artifactId> <groupId>log4j</groupId> </exclusion> + <exclusion> + <groupId>commons-httpclient</groupId> + <artifactId>commons-httpclient</artifactId> + </exclusion> </exclusions> </dependency> <dependency> diff --git a/contrib/storage-hive/core/pom.xml b/contrib/storage-hive/core/pom.xml index 60603ee..1c18176 100644 --- a/contrib/storage-hive/core/pom.xml +++ b/contrib/storage-hive/core/pom.xml @@ -94,6 +94,10 @@ <artifactId>hadoop-auth</artifactId> <groupId>org.apache.hadoop</groupId> </exclusion> + <exclusion> + <groupId>commons-httpclient</groupId> + <artifactId>commons-httpclient</artifactId> + </exclusion> </exclusions> </dependency> <dependency> @@ -212,6 +216,18 @@ <groupId>io.netty</groupId> <artifactId>netty-all</artifactId> </exclusion> + <exclusion> + <groupId>tomcat</groupId> + <artifactId>jasper-compiler</artifactId> + </exclusion> + <exclusion> + <groupId>tomcat</groupId> + <artifactId>jasper-runtime</artifactId> + </exclusion> + <exclusion> + <groupId>commons-httpclient</groupId> + <artifactId>commons-httpclient</artifactId> + </exclusion> </exclusions> </dependency> diff --git a/contrib/storage-hive/hive-exec-shade/pom.xml b/contrib/storage-hive/hive-exec-shade/pom.xml index f6ba72e..6380eb3 100644 --- a/contrib/storage-hive/hive-exec-shade/pom.xml +++ b/contrib/storage-hive/hive-exec-shade/pom.xml @@ -80,6 +80,30 @@ <groupId>com.github.joshelser</groupId> <artifactId>dropwizard-metrics-hadoop-metrics2-reporter</artifactId> </exclusion> + <exclusion> + <groupId>org.apache.logging.log4j</groupId> + <artifactId>log4j-1.2-api</artifactId> + </exclusion> + <exclusion> + <groupId>org.apache.logging.log4j</groupId> + <artifactId>log4j-slf4j-impl</artifactId> + </exclusion> + <exclusion> + <groupId>org.apache.logging.log4j</groupId> + <artifactId>log4j-web</artifactId> + </exclusion> + <exclusion> + <groupId>tomcat</groupId> + <artifactId>jasper-compiler</artifactId> + </exclusion> + <exclusion> + <groupId>tomcat</groupId> + <artifactId>jasper-runtime</artifactId> + </exclusion> + <exclusion> + <groupId>commons-httpclient</groupId> + <artifactId>commons-httpclient</artifactId> + </exclusion> </exclusions> </dependency> </dependencies> diff --git a/exec/java-exec/pom.xml b/exec/java-exec/pom.xml index d52eb4e..6c0aa18 100644 --- a/exec/java-exec/pom.xml +++ b/exec/java-exec/pom.xml @@ -526,7 +526,7 @@ <dependency> <groupId>nl.basjes.parse.httpdlog</groupId> <artifactId>httpdlog-parser</artifactId> - <version>5.2</version> + <version>5.3</version> <exclusions> <exclusion> <groupId>commons-codec</groupId> diff --git a/pom.xml b/pom.xml index a166998..0ca5c5f 100644 --- a/pom.xml +++ b/pom.xml @@ -78,8 +78,9 @@ <logback.version>1.2.3</logback.version> <mockito.version>2.28.2</mockito.version> <!-- - Currently Hive storage plugin only supports Apache Hive 2.3.2 or vendor specific variants of the - Apache Hive 2.3.2. If the version is changed, make sure the jars and their dependencies are updated. + Currently Hive storage plugin only supports Apache Hive 3.1.2 or vendor specific variants of the + Apache Hive 2.3.2. If the version is changed, make sure the jars and their dependencies are updated, + for example parquet-hadoop-bundle and derby dependencies. --> <hive.version>3.1.2</hive.version> <hadoop.version>3.2.1</hadoop.version> @@ -91,7 +92,7 @@ <reflections.version>0.9.10</reflections.version> <avro.version>1.9.1</avro.version> <metrics.version>4.0.2</metrics.version> - <jetty.version>9.3.25.v20180904</jetty.version> + <jetty.version>9.3.28.v20191105</jetty.version> <jersey.version>2.25.1</jersey.version> <asm.version>7.3.1</asm.version> <excludedGroups /> @@ -110,9 +111,12 @@ <joda.version>2.10.5</joda.version> <javax.el.version>3.0.0</javax.el.version> <surefire.version>3.0.0-M4</surefire.version> - <commons.compress.version>1.19</commons.compress.version> + <commons.compress.version>1.20</commons.compress.version> <hikari.version>3.4.2</hikari.version> <netty.version>4.0.48.Final</netty.version> + <httpclient.version>4.5.12</httpclient.version> + <libthrift.version>0.13.0</libthrift.version> + <derby.version>10.14.2.0</derby.version> </properties> <scm> @@ -606,10 +610,13 @@ <exclude>org.mortbay.jetty:servlet-api</exclude> <exclude>org.mortbay.jetty:servlet-api-2.5</exclude> <exclude>log4j:log4j</exclude> + <exclude>org.apache.logging.log4j:log4j-core</exclude> <exclude>jdk.tools:jdk.tools</exclude> <exclude>org.json:json</exclude> <exclude>org.beanshell:bsh</exclude> <exclude>org.apache.calcite:*</exclude> + <exclude>commons-httpclient:*</exclude> + <exclude>tomcat:*</exclude> </excludes> </bannedDependencies> </rules> @@ -1891,6 +1898,21 @@ <artifactId>HikariCP</artifactId> <version>${hikari.version}</version> </dependency> + <dependency> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpclient</artifactId> + <version>${httpclient.version}</version> + </dependency> + <dependency> + <groupId>org.apache.thrift</groupId> + <artifactId>libthrift</artifactId> + <version>${libthrift.version}</version> + </dependency> + <dependency> + <groupId>org.apache.derby</groupId> + <artifactId>derby-project</artifactId> + <version>${derby.version}</version> + </dependency> </dependencies> </dependencyManagement> @@ -2045,8 +2067,8 @@ <artifactId>jackson-jaxrs</artifactId> </exclusion> <exclusion> - <groupId>io.netty</groupId> - <artifactId>netty</artifactId> + <groupId>io.netty</groupId> + <artifactId>netty</artifactId> </exclusion> </exclusions> </dependency> @@ -2192,8 +2214,12 @@ <artifactId>jackson-jaxrs</artifactId> </exclusion> <exclusion> - <groupId>io.netty</groupId> - <artifactId>netty</artifactId> + <groupId>io.netty</groupId> + <artifactId>netty</artifactId> + </exclusion> + <exclusion> + <groupId>commons-httpclient</groupId> + <artifactId>commons-httpclient</artifactId> </exclusion> </exclusions> </dependency> @@ -2886,6 +2912,10 @@ <groupId>io.netty</groupId> <artifactId>netty-all</artifactId> </exclusion> + <exclusion> + <groupId>commons-httpclient</groupId> + <artifactId>commons-httpclient</artifactId> + </exclusion> </exclusions> </dependency> <dependency> @@ -3312,6 +3342,14 @@ <groupId>org.apache.hbase</groupId> <artifactId>hbase-annotations</artifactId> </exclusion> + <exclusion> + <groupId>tomcat</groupId> + <artifactId>jasper-compiler</artifactId> + </exclusion> + <exclusion> + <groupId>tomcat</groupId> + <artifactId>jasper-runtime</artifactId> + </exclusion> </exclusions> </dependency> <dependency>
