This is an automated email from the ASF dual-hosted git repository.
kgyrtkirk pushed a commit to branch 36.0.0
in repository https://gitbox.apache.org/repos/asf/druid.git
The following commit(s) were added to refs/heads/36.0.0 by this push:
new c5477f71e93 changes related to 36 release (#18975)
c5477f71e93 is described below
commit c5477f71e933d93d98199c594fe797f7ef809ff1
Author: Zoltan Haindrich <[email protected]>
AuthorDate: Mon Feb 2 20:06:18 2026 +0100
changes related to 36 release (#18975)
(cherry picked from commit 3761e4f3d15b89b49487cd39312bbfc475e9bad3)
---
embedded-tests/pom.xml | 7 ++++++
owasp-dependency-check-suppressions.xml | 2 ++
quidem-ut/README.md | 4 ++--
quidem-ut/pom.xml | 38 +++++++++++++++++++++------------
4 files changed, 35 insertions(+), 16 deletions(-)
diff --git a/embedded-tests/pom.xml b/embedded-tests/pom.xml
index 0a3b5c1b392..ae11da40652 100644
--- a/embedded-tests/pom.xml
+++ b/embedded-tests/pom.xml
@@ -578,6 +578,13 @@
<excludedGroups>docker-test</excludedGroups>
</configuration>
</plugin>
+ <plugin>
+ <groupId>org.owasp</groupId>
+ <artifactId>dependency-check-maven</artifactId>
+ <configuration>
+ <skip>true</skip>
+ </configuration>
+ </plugin>
</plugins>
</build>
diff --git a/owasp-dependency-check-suppressions.xml
b/owasp-dependency-check-suppressions.xml
index 133f4cd90df..743ceb160f6 100644
--- a/owasp-dependency-check-suppressions.xml
+++ b/owasp-dependency-check-suppressions.xml
@@ -144,6 +144,8 @@
<cve>CVE-2024-22201</cve> <!-- This seems to be a legitimate
vulnerability. We would need to go to a hadoop-client which was not yet
released -->
<cve>CVE-2025-52999</cve> <!-- This is vulneraability in all versions of
hadoop-client-runtime and has not been fixed by hadoop yet -->
<cve>CVE-2024-9823</cve> <!-- This is in hadoop's shadded jetty. no
version of hadoop has updated to fixed version. It is a jetty server vuln,
which should not be exploitable in hadoop client code -->
+ <cve>CVE-2025-27821</cve> <!-- native hdfs vulnerability -->
+ <cve>CVE-2025-5115</cve> <!-- netty issue in shaded hadoop -->
</suppress>
<!-- those are false positives, no other tools report any of those CVEs in
the hadoop package -->
diff --git a/quidem-ut/README.md b/quidem-ut/README.md
index 18d5f16b34b..b76191097db 100644
--- a/quidem-ut/README.md
+++ b/quidem-ut/README.md
@@ -60,12 +60,12 @@ git clone https://github.com/apache/druid
```
* launch the broker instance with:
```bash
- mvn exec:exec -pl quidem-ut -Dquidem.record.autostart=true
+ mvn exec:exec -pl quidem-ut -Pquidem -Dquidem.record.autostart=true
```
* the broker will be running at http://localhost:12345
* the used test configuration backend can configured by supplying
`quidem.uri`
```bash
- mvn exec:exec -pl quidem-ut
-Dquidem.uri=druidtest:///?componentSupplier=ThetaSketchComponentSupplier
+ mvn exec:exec -pl quidem-ut -Pquidem
-Dquidem.uri=druidtest:///?componentSupplier=ThetaSketchComponentSupplier
```
* new record files can be started by calling
http://localhost:12345/quidem/start
* if `quidem.record.autostart` is omitted recording will not start
diff --git a/quidem-ut/pom.xml b/quidem-ut/pom.xml
index af6e1035ce0..14afbe638fc 100644
--- a/quidem-ut/pom.xml
+++ b/quidem-ut/pom.xml
@@ -541,20 +541,30 @@
<skip>true</skip>
</configuration>
</plugin>
- <plugin>
- <groupId>org.codehaus.mojo</groupId>
- <artifactId>exec-maven-plugin</artifactId>
- <configuration>
- <executable>java</executable>
- <arguments>
- <argument>-classpath</argument>
- <classpath />
- <argument>-Dquidem.uri=${quidem.uri}</argument>
-
<argument>-Dquidem.record.autostart=${quidem.record.autostart}</argument>
- <argument>org.apache.druid.quidem.Launcher</argument>
- </arguments>
- </configuration>
- </plugin>
</plugins>
</build>
+
+ <profiles>
+ <profile>
+ <id>quidem</id>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.codehaus.mojo</groupId>
+ <artifactId>exec-maven-plugin</artifactId>
+ <configuration>
+ <executable>java</executable>
+ <arguments>
+ <argument>-classpath</argument>
+ <classpath />
+ <argument>-Dquidem.uri=${quidem.uri}</argument>
+
<argument>-Dquidem.record.autostart=${quidem.record.autostart}</argument>
+
<argument>org.apache.druid.quidem.Launcher</argument>
+ </arguments>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
+ </profiles>
</project>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]