This is an automated email from the ASF dual-hosted git repository.
kgyrtkirk pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/druid.git
The following commit(s) were added to refs/heads/master by this push:
new 691ea3c1a72 Bump jackson to 2.18.4 and fabric8 to 7.2.0 (#18013)
691ea3c1a72 is described below
commit 691ea3c1a7289cbdbea0d7a45ae65f4dd057ac3c
Author: Lucas Capistrant <[email protected]>
AuthorDate: Thu Jun 19 03:06:02 2025 -0500
Bump jackson to 2.18.4 and fabric8 to 7.2.0 (#18013)
---
extensions-contrib/aliyun-oss-extensions/pom.xml | 6 +++
extensions-contrib/ddsketch/pom.xml | 6 +++
.../druid-deltalake-extensions/pom.xml | 2 +-
extensions-contrib/tdigestsketch/pom.xml | 12 +++++
extensions-core/datasketches/pom.xml | 6 +++
extensions-core/druid-catalog/pom.xml | 6 +++
.../kubernetes-overlord-extensions/pom.xml | 22 ++-------
extensions-core/multi-stage-query/pom.xml | 6 +++
extensions-core/testing-tools/pom.xml | 6 +++
indexing-service/pom.xml | 6 +++
integration-tests/pom.xml | 6 +++
licenses.yaml | 53 ++++++++++++++++------
pom.xml | 7 ++-
.../java/org/apache/druid/jackson/JodaStuff.java | 3 +-
.../druid/jackson/DefaultObjectMapperTest.java | 14 ++++++
quidem-ut/pom.xml | 6 +++
server/pom.xml | 12 +++++
services/pom.xml | 6 +++
18 files changed, 148 insertions(+), 37 deletions(-)
diff --git a/extensions-contrib/aliyun-oss-extensions/pom.xml
b/extensions-contrib/aliyun-oss-extensions/pom.xml
index ac79e63df55..7d280355bf2 100644
--- a/extensions-contrib/aliyun-oss-extensions/pom.xml
+++ b/extensions-contrib/aliyun-oss-extensions/pom.xml
@@ -43,6 +43,12 @@
<groupId>com.aliyun.oss</groupId>
<artifactId>aliyun-sdk-oss</artifactId>
<version>3.11.3</version>
+ <exclusions>
+ <exclusion>
+ <groupId>javax.xml.bind</groupId>
+ <artifactId>jaxb-api</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
diff --git a/extensions-contrib/ddsketch/pom.xml
b/extensions-contrib/ddsketch/pom.xml
index a2a5925135a..cb44cfaf92c 100644
--- a/extensions-contrib/ddsketch/pom.xml
+++ b/extensions-contrib/ddsketch/pom.xml
@@ -88,6 +88,12 @@
<groupId>com.fasterxml.jackson.jaxrs</groupId>
<artifactId>jackson-jaxrs-json-provider</artifactId>
<scope>provided</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>javax.xml.bind</groupId>
+ <artifactId>jaxb-api</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.jaxrs</groupId>
diff --git a/extensions-contrib/druid-deltalake-extensions/pom.xml
b/extensions-contrib/druid-deltalake-extensions/pom.xml
index 635d1a3b6ab..282039fc198 100644
--- a/extensions-contrib/druid-deltalake-extensions/pom.xml
+++ b/extensions-contrib/druid-deltalake-extensions/pom.xml
@@ -96,7 +96,7 @@
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
- <version>2.12.7.1</version>
+ <version>${jackson.version}</version>
</dependency>
<dependency>
<groupId>it.unimi.dsi</groupId>
diff --git a/extensions-contrib/tdigestsketch/pom.xml
b/extensions-contrib/tdigestsketch/pom.xml
index b7ba250613e..efd101ecec6 100644
--- a/extensions-contrib/tdigestsketch/pom.xml
+++ b/extensions-contrib/tdigestsketch/pom.xml
@@ -84,11 +84,23 @@
<groupId>com.fasterxml.jackson.jaxrs</groupId>
<artifactId>jackson-jaxrs-json-provider</artifactId>
<scope>provided</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>javax.xml.bind</groupId>
+ <artifactId>jaxb-api</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.jaxrs</groupId>
<artifactId>jackson-jaxrs-smile-provider</artifactId>
<scope>provided</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>javax.xml.bind</groupId>
+ <artifactId>jaxb-api</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>it.unimi.dsi</groupId>
diff --git a/extensions-core/datasketches/pom.xml
b/extensions-core/datasketches/pom.xml
index 919e5e8d820..f6afcfab74e 100644
--- a/extensions-core/datasketches/pom.xml
+++ b/extensions-core/datasketches/pom.xml
@@ -137,6 +137,12 @@
<groupId>com.fasterxml.jackson.jaxrs</groupId>
<artifactId>jackson-jaxrs-json-provider</artifactId>
<scope>provided</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>javax.xml.bind</groupId>
+ <artifactId>jaxb-api</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.jaxrs</groupId>
diff --git a/extensions-core/druid-catalog/pom.xml
b/extensions-core/druid-catalog/pom.xml
index c854e97055d..0ad27d295c6 100644
--- a/extensions-core/druid-catalog/pom.xml
+++ b/extensions-core/druid-catalog/pom.xml
@@ -129,6 +129,12 @@
<groupId>com.fasterxml.jackson.jaxrs</groupId>
<artifactId>jackson-jaxrs-smile-provider</artifactId>
<scope>provided</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>javax.xml.bind</groupId>
+ <artifactId>jaxb-api</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>javax.ws.rs</groupId>
diff --git a/extensions-core/kubernetes-overlord-extensions/pom.xml
b/extensions-core/kubernetes-overlord-extensions/pom.xml
index 80e61cec9ee..ec731a59034 100644
--- a/extensions-core/kubernetes-overlord-extensions/pom.xml
+++ b/extensions-core/kubernetes-overlord-extensions/pom.xml
@@ -35,25 +35,9 @@
</parent>
<properties>
- <!-- fabric8 6.13.2+ is incompatible with jackson 2.12
- ~ due to fix for
https://github.com/fabric8io/kubernetes-client/issues/6110.
- ~ GoIntegerDeserializer uses a _parseInteger method that does not exist
in 2.12 (introduced in 2.14) -->
- <fabric8.version>6.13.1</fabric8.version>
+ <fabric8.version>7.2.0</fabric8.version>
</properties>
- <dependencyManagement>
- <dependencies>
- <!-- snakeyaml explicitly pinned to version 1.33 as it is
- a transitive dependency of
com.fasterxml.jackson.dataformat:jackson-dataformat-yaml 2.12.7
- please remove this pin, after updating jackson-dataform-yaml to
version > 2.14.3 / 2.15.0 -->
- <dependency>
- <groupId>org.yaml</groupId>
- <artifactId>snakeyaml</artifactId>
- <version>1.33</version>
- </dependency>
- </dependencies>
- </dependencyManagement>
-
<dependencies>
<dependency>
<groupId>org.apache.druid</groupId>
@@ -155,7 +139,7 @@
<dependency>
<groupId>io.vertx</groupId>
<artifactId>vertx-core</artifactId>
- <version>4.5.8</version>
+ <version>4.5.14</version>
</dependency>
<dependency>
<groupId>javax.ws.rs</groupId>
@@ -198,7 +182,7 @@
<dependency>
<groupId>io.fabric8</groupId>
<artifactId>mockwebserver</artifactId>
- <version>0.2.2</version>
+ <version>${fabric8.version}</version>
<scope>test</scope>
</dependency>
<dependency>
diff --git a/extensions-core/multi-stage-query/pom.xml
b/extensions-core/multi-stage-query/pom.xml
index 77f18c78f62..7c9607a6301 100644
--- a/extensions-core/multi-stage-query/pom.xml
+++ b/extensions-core/multi-stage-query/pom.xml
@@ -140,6 +140,12 @@
<groupId>com.fasterxml.jackson.jaxrs</groupId>
<artifactId>jackson-jaxrs-smile-provider</artifactId>
<scope>provided</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>javax.xml.bind</groupId>
+ <artifactId>jaxb-api</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>javax.ws.rs</groupId>
diff --git a/extensions-core/testing-tools/pom.xml
b/extensions-core/testing-tools/pom.xml
index 2042b8033b5..aec558b3f38 100644
--- a/extensions-core/testing-tools/pom.xml
+++ b/extensions-core/testing-tools/pom.xml
@@ -114,6 +114,12 @@
<groupId>com.fasterxml.jackson.jaxrs</groupId>
<artifactId>jackson-jaxrs-json-provider</artifactId>
<scope>provided</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>javax.xml.bind</groupId>
+ <artifactId>jaxb-api</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.jaxrs</groupId>
diff --git a/indexing-service/pom.xml b/indexing-service/pom.xml
index da30e431e8f..b99de223c42 100644
--- a/indexing-service/pom.xml
+++ b/indexing-service/pom.xml
@@ -153,6 +153,12 @@
<dependency>
<groupId>com.fasterxml.jackson.jaxrs</groupId>
<artifactId>jackson-jaxrs-smile-provider</artifactId>
+ <exclusions>
+ <exclusion>
+ <groupId>javax.xml.bind</groupId>
+ <artifactId>jaxb-api</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>com.google.errorprone</groupId>
diff --git a/integration-tests/pom.xml b/integration-tests/pom.xml
index f54e88c9304..d9d53fff0cf 100644
--- a/integration-tests/pom.xml
+++ b/integration-tests/pom.xml
@@ -307,6 +307,12 @@
<dependency>
<groupId>com.fasterxml.jackson.jaxrs</groupId>
<artifactId>jackson-jaxrs-smile-provider</artifactId>
+ <exclusions>
+ <exclusion>
+ <groupId>javax.xml.bind</groupId>
+ <artifactId>jaxb-api</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>com.google.guava</groupId>
diff --git a/licenses.yaml b/licenses.yaml
index 0ecc3cf2899..3ee7f3ca3e9 100644
--- a/licenses.yaml
+++ b/licenses.yaml
@@ -223,10 +223,40 @@ name: Jackson
license_category: binary
module: java-core
license_name: Apache License version 2.0
-version: 2.12.7
+version: 2.18.4.1
libraries:
- - com.fasterxml.jackson.core: jackson-annotations
- com.fasterxml.jackson.core: jackson-core
+notice: |
+ # Jackson JSON processor
+
+ Jackson is a high-performance, Free/Open Source JSON processing library.
+ It was originally written by Tatu Saloranta ([email protected]), and has
+ been in development since 2007.
+ It is currently developed by a community of developers, as well as supported
+ commercially by FasterXML.com.
+
+ ## Licensing
+
+ Jackson core and extension components may licensed under different licenses.
+ To find the details that apply to this artifact see the accompanying LICENSE
file.
+ For more information, including possible other licensing options, contact
+ FasterXML.com (http://fasterxml.com).
+
+ ## Credits
+
+ A list of contributors may be found from CREDITS file, which is included
+ in some artifacts (usually source distributions); but is always available
+ from the source code management (SCM) system project uses.
+
+---
+
+name: Jackson
+license_category: binary
+module: java-core
+license_name: Apache License version 2.0
+version: 2.18.4
+libraries:
+ - com.fasterxml.jackson.core: jackson-annotations
- com.fasterxml.jackson.dataformat: jackson-dataformat-cbor
- com.fasterxml.jackson.dataformat: jackson-dataformat-smile
- com.fasterxml.jackson.dataformat: jackson-dataformat-xml
@@ -264,29 +294,24 @@ notice: |
name: Jackson
license_category: binary
-module: java-core
+module: extensions-contrib/druid-deltalake-extensions
license_name: Apache License version 2.0
-version: 2.12.7.1
+version: 2.18.4
libraries:
- com.fasterxml.jackson.core: jackson-databind
notice: |
# Jackson JSON processor
-
Jackson is a high-performance, Free/Open Source JSON processing library.
It was originally written by Tatu Saloranta ([email protected]), and has
been in development since 2007.
It is currently developed by a community of developers, as well as supported
commercially by FasterXML.com.
-
## Licensing
-
Jackson core and extension components may licensed under different licenses.
To find the details that apply to this artifact see the accompanying LICENSE
file.
For more information, including possible other licensing options, contact
FasterXML.com (http://fasterxml.com).
-
## Credits
-
A list of contributors may be found from CREDITS file, which is included
in some artifacts (usually source distributions); but is always available
from the source code management (SCM) system project uses.
@@ -855,7 +880,7 @@ name: kubernetes fabric java client
license_category: binary
module: extensions-core/kubernetes-overlord-extensions
license_name: Apache License version 2.0
-version: 6.13.1
+version: 7.2.0
libraries:
- io.fabric8: kubernetes-client-api
- io.fabric8: kubernetes-model-batch
@@ -887,7 +912,7 @@ name: vertx
license_category: binary
module: extensions-core/kubernetes-overlord-extensions
license_name: Apache License version 2.0
-version: 4.5.8
+version: 4.5.14
libraries:
- io.vertx: vertx-auth-common
- io.vertx: vertx-core
@@ -1064,7 +1089,7 @@ name: org.snakeyaml snakeyaml-engine
license_category: binary
module: extensions-core/druid-kubernetes-overlord-extensions
license_name: Apache License version 2.0
-version: 2.7
+version: 2.9
libraries:
- org.snakeyaml: snakeyaml-engine
@@ -1074,7 +1099,7 @@ name: org.yaml snakeyaml
license_category: binary
module: extensions-core/druid-kubernetes-overlord-extensions
license_name: Apache License version 2.0
-version: 1.33
+version: 2.3
libraries:
- org.yaml: snakeyaml
@@ -2859,7 +2884,7 @@ libraries:
---
name: Jackson Dataformat Yaml
-version: 2.12.7
+version: 2.18.4
license_category: binary
module: extensions/druid-avro-extensions
license_name: Apache License version 2.0
diff --git a/pom.xml b/pom.xml
index 2179ca91a1c..d75291bc2ed 100644
--- a/pom.xml
+++ b/pom.xml
@@ -100,7 +100,8 @@
<hamcrest.version>1.3</hamcrest.version>
<jetty.version>9.4.57.v20241219</jetty.version>
<jersey.version>1.19.4</jersey.version>
- <jackson.version>2.12.7.20221012</jackson.version>
+ <jackson.core.version>2.18.4.1</jackson.core.version>
+ <jackson.version>2.18.4</jackson.version>
<codehaus.jackson.version>1.9.13</codehaus.jackson.version>
<log4j.version>2.22.1</log4j.version>
<mysql.version>8.2.0</mysql.version>
@@ -615,7 +616,7 @@
<dependency>
<groupId>com.fasterxml.jackson</groupId>
<artifactId>jackson-bom</artifactId>
- <version>${jackson.version}</version>
+ <version>${jackson.core.version}</version>
<scope>import</scope>
<type>pom</type>
</dependency>
@@ -1701,6 +1702,8 @@
<excludes>
<!--LGPL licenced library-->
<exclude>com.google.code.findbugs:annotations</exclude>
+ <!-- See
https://github.com/apache/druid/pull/17370 -->
+
<exclude>javax.xml.bind:jaxb-api</exclude>
</excludes>
</bannedDependencies>
</rules>
diff --git a/processing/src/main/java/org/apache/druid/jackson/JodaStuff.java
b/processing/src/main/java/org/apache/druid/jackson/JodaStuff.java
index 573af0a0828..ae89d90bb04 100644
--- a/processing/src/main/java/org/apache/druid/jackson/JodaStuff.java
+++ b/processing/src/main/java/org/apache/druid/jackson/JodaStuff.java
@@ -117,7 +117,8 @@ class JodaStuff
// make sure to preserve time zone information when parsing timestamps
return DateTimes.ISO_DATE_OR_TIME_WITH_OFFSET.parse(str);
}
- throw ctxt.mappingException(getValueClass());
+ ctxt.reportWrongTokenException(handledType(),
JsonToken.VALUE_NUMBER_INT, "expected int or string token");
+ return null; // unreachable ... required for compiler, but
ctxt.reportWrongTokenException always throws
}
}
}
diff --git
a/processing/src/test/java/org/apache/druid/jackson/DefaultObjectMapperTest.java
b/processing/src/test/java/org/apache/druid/jackson/DefaultObjectMapperTest.java
index 92c8a2cb298..ae461d26c2a 100644
---
a/processing/src/test/java/org/apache/druid/jackson/DefaultObjectMapperTest.java
+++
b/processing/src/test/java/org/apache/druid/jackson/DefaultObjectMapperTest.java
@@ -56,6 +56,20 @@ public class DefaultObjectMapperTest
final DateTime time = DateTimes.nowUtc();
Assert.assertEquals(StringUtils.format("\"%s\"", time),
mapper.writeValueAsString(time));
+
+ // string token
+ Assert.assertEquals(time, mapper.readValue(StringUtils.format("\"%s\"",
time), DateTime.class));
+
+ // int token
+ DateTime result = mapper.readValue("1717267200000", DateTime.class);
+ Assert.assertEquals(DateTimes.utc(1717267200000L), result);
+
+ // unexpected token
+ String badString = "{\"dateTime\": true}";
+ Exception ex = Assert.assertThrows(Exception.class, () -> {
+ mapper.readValue(badString, DateTime.class);
+ });
+ Assert.assertTrue(ex.getMessage().contains("expected int or string
token"));
}
@Test
diff --git a/quidem-ut/pom.xml b/quidem-ut/pom.xml
index c8d50c0d796..5cab737337f 100644
--- a/quidem-ut/pom.xml
+++ b/quidem-ut/pom.xml
@@ -286,6 +286,12 @@
<dependency>
<groupId>com.fasterxml.jackson.jaxrs</groupId>
<artifactId>jackson-jaxrs-smile-provider</artifactId>
+ <exclusions>
+ <exclusion>
+ <groupId>javax.xml.bind</groupId>
+ <artifactId>jaxb-api</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>com.google.guava</groupId>
diff --git a/server/pom.xml b/server/pom.xml
index 5de233b3705..285e51ee7ed 100644
--- a/server/pom.xml
+++ b/server/pom.xml
@@ -90,10 +90,22 @@
<dependency>
<groupId>com.fasterxml.jackson.jaxrs</groupId>
<artifactId>jackson-jaxrs-json-provider</artifactId>
+ <exclusions>
+ <exclusion>
+ <groupId>javax.xml.bind</groupId>
+ <artifactId>jaxb-api</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.jaxrs</groupId>
<artifactId>jackson-jaxrs-smile-provider</artifactId>
+ <exclusions>
+ <exclusion>
+ <groupId>javax.xml.bind</groupId>
+ <artifactId>jaxb-api</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.dataformat</groupId>
diff --git a/services/pom.xml b/services/pom.xml
index fad8933fb2c..6df89ecb44f 100644
--- a/services/pom.xml
+++ b/services/pom.xml
@@ -124,6 +124,12 @@
<dependency>
<groupId>com.fasterxml.jackson.jaxrs</groupId>
<artifactId>jackson-jaxrs-smile-provider</artifactId>
+ <exclusions>
+ <exclusion>
+ <groupId>javax.xml.bind</groupId>
+ <artifactId>jaxb-api</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.dataformat</groupId>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
