This is an automated email from the ASF dual-hosted git repository.
penghui pushed a commit to branch branch-2.10
in repository https://gitbox.apache.org/repos/asf/pulsar.git
The following commit(s) were added to refs/heads/branch-2.10 by this push:
new bff920a4af9 [branch-2.10][improve][build] Upgrade snakeyaml version to
2.0 (#20118)
bff920a4af9 is described below
commit bff920a4af95bcb2f2629b6c91a3aace109992d5
Author: Jiwei Guo <[email protected]>
AuthorDate: Tue Apr 18 11:13:20 2023 +0800
[branch-2.10][improve][build] Upgrade snakeyaml version to 2.0 (#20118)
---
buildtools/pom.xml | 2 +-
distribution/server/src/assemble/LICENSE.bin.txt | 26 +++++++++----------
pom.xml | 6 ++---
.../auth/KubernetesSecretsTokenAuthProvider.java | 8 +++---
.../runtime/kubernetes/KubernetesRuntime.java | 8 +++---
.../kubernetes/KubernetesRuntimeFactory.java | 2 +-
.../KubernetesSecretsTokenAuthProviderTest.java | 2 +-
.../kubernetes/KubernetesRuntimeFactoryTest.java | 6 ++---
pulsar-functions/secrets/pom.xml | 14 ++++++++++
pulsar-sql/presto-distribution/LICENSE | 30 +++++++++++-----------
src/owasp-dependency-check-suppressions.xml | 8 ------
11 files changed, 59 insertions(+), 53 deletions(-)
diff --git a/buildtools/pom.xml b/buildtools/pom.xml
index 0197f033262..58c67109ae5 100644
--- a/buildtools/pom.xml
+++ b/buildtools/pom.xml
@@ -49,7 +49,7 @@
<guice.version>4.2.3</guice.version>
<guava.version>31.0.1-jre</guava.version>
<ant.version>1.10.12</ant.version>
- <snakeyaml.version>1.32</snakeyaml.version>
+ <snakeyaml.version>2.0</snakeyaml.version>
<test.additional.args></test.additional.args>
<mockito.version>3.12.4</mockito.version>
</properties>
diff --git a/distribution/server/src/assemble/LICENSE.bin.txt
b/distribution/server/src/assemble/LICENSE.bin.txt
index 1ce81c73443..f80923b791c 100644
--- a/distribution/server/src/assemble/LICENSE.bin.txt
+++ b/distribution/server/src/assemble/LICENSE.bin.txt
@@ -312,18 +312,18 @@ The Apache Software License, Version 2.0
* JCommander -- com.beust-jcommander-1.78.jar
* High Performance Primitive Collections for Java --
com.carrotsearch-hppc-0.7.3.jar
* Jackson
- - com.fasterxml.jackson.core-jackson-annotations-2.13.4.jar
- - com.fasterxml.jackson.core-jackson-core-2.13.4.jar
- - com.fasterxml.jackson.core-jackson-databind-2.13.4.2.jar
- - com.fasterxml.jackson.dataformat-jackson-dataformat-yaml-2.13.4.jar
- - com.fasterxml.jackson.jaxrs-jackson-jaxrs-base-2.13.4.jar
- - com.fasterxml.jackson.jaxrs-jackson-jaxrs-json-provider-2.13.4.jar
- - com.fasterxml.jackson.module-jackson-module-jaxb-annotations-2.13.4.jar
- - com.fasterxml.jackson.module-jackson-module-jsonSchema-2.13.4.jar
+ - com.fasterxml.jackson.core-jackson-annotations-2.14.2.jar
+ - com.fasterxml.jackson.core-jackson-core-2.14.2.jar
+ - com.fasterxml.jackson.core-jackson-databind-2.14.2.jar
+ - com.fasterxml.jackson.dataformat-jackson-dataformat-yaml-2.14.2.jar
+ - com.fasterxml.jackson.jaxrs-jackson-jaxrs-base-2.14.2.jar
+ - com.fasterxml.jackson.jaxrs-jackson-jaxrs-json-provider-2.14.2.jar
+ - com.fasterxml.jackson.module-jackson-module-jaxb-annotations-2.14.2.jar
+ - com.fasterxml.jackson.module-jackson-module-jsonSchema-2.14.2.jar
* Caffeine -- com.github.ben-manes.caffeine-caffeine-2.9.1.jar
* Conscrypt -- org.conscrypt-conscrypt-openjdk-uber-2.5.2.jar
* Proto Google Common Protos --
com.google.api.grpc-proto-google-common-protos-2.0.1.jar
- * Bitbucket -- org.bitbucket.b_c-jose4j-0.7.6.jar
+ * Bitbucket -- org.bitbucket.b_c-jose4j-0.9.3.jar
* Gson
- com.google.code.gson-gson-2.8.9.jar
- io.gsonfire-gson-fire-1.8.5.jar
@@ -449,7 +449,7 @@ The Apache Software License, Version 2.0
- org.eclipse.jetty.websocket-websocket-servlet-9.4.48.v20220622.jar
- org.eclipse.jetty-jetty-alpn-conscrypt-server-9.4.48.v20220622.jar
- org.eclipse.jetty-jetty-alpn-server-9.4.48.v20220622.jar
- * SnakeYaml -- org.yaml-snakeyaml-1.32.jar
+ * SnakeYaml -- org.yaml-snakeyaml-2.0.jar
* RocksDB - org.rocksdb-rocksdbjni-6.10.2.jar
* Google Error Prone Annotations -
com.google.errorprone-error_prone_annotations-2.5.1.jar
* Apache Thrift - org.apache.thrift-libthrift-0.14.2.jar
@@ -500,9 +500,9 @@ The Apache Software License, Version 2.0
* Apache Yetus
- org.apache.yetus-audience-annotations-0.5.0.jar
* Kubernetes Client
- - io.kubernetes-client-java-12.0.1.jar
- - io.kubernetes-client-java-api-12.0.1.jar
- - io.kubernetes-client-java-proto-12.0.1.jar
+ - io.kubernetes-client-java-18.0.0.jar
+ - io.kubernetes-client-java-api-18.0.0.jar
+ - io.kubernetes-client-java-proto-18.0.0.jar
* Dropwizard
- io.dropwizard.metrics-metrics-core-3.2.5.jar
- io.dropwizard.metrics-metrics-graphite-3.2.5.jar
diff --git a/pom.xml b/pom.xml
index 69adebd4df3..545af19bc0d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -124,7 +124,7 @@ flexible messaging model and an intuitive client
API.</description>
<log4j2.version>2.18.0</log4j2.version>
<bouncycastle.version>1.69</bouncycastle.version>
<bouncycastlefips.version>1.0.2</bouncycastlefips.version>
- <jackson.version>2.13.4.20221013</jackson.version>
+ <jackson.version>2.14.2</jackson.version>
<reflections.version>0.9.11</reflections.version>
<swagger.version>1.6.2</swagger.version>
<puppycrawl.checkstyle.version>8.37</puppycrawl.checkstyle.version>
@@ -198,7 +198,7 @@ flexible messaging model and an intuitive client
API.</description>
<jakarta.xml.bind.version>2.3.3</jakarta.xml.bind.version>
<jakarta.validation.version>2.0.2</jakarta.validation.version>
<jna.version>4.2.0</jna.version>
- <kubernetesclient.version>12.0.1</kubernetesclient.version>
+ <kubernetesclient.version>18.0.0</kubernetesclient.version>
<okhttp3.version>4.9.3</okhttp3.version>
<!-- use okio version that matches the okhttp3 version -->
<okio.version>2.8.0</okio.version>
@@ -209,7 +209,7 @@ flexible messaging model and an intuitive client
API.</description>
<spring-context.version>5.3.19</spring-context.version>
<apache-http-client.version>4.5.13</apache-http-client.version>
<jetcd.version>0.5.11</jetcd.version>
- <snakeyaml.version>1.32</snakeyaml.version>
+ <snakeyaml.version>2.0</snakeyaml.version>
<ant.version>1.10.12</ant.version>
<seancfoley.ipaddress.version>5.3.3</seancfoley.ipaddress.version>
<netty-reactive-streams.version>2.0.6</netty-reactive-streams.version>
diff --git
a/pulsar-functions/runtime/src/main/java/org/apache/pulsar/functions/auth/KubernetesSecretsTokenAuthProvider.java
b/pulsar-functions/runtime/src/main/java/org/apache/pulsar/functions/auth/KubernetesSecretsTokenAuthProvider.java
index 262928ca183..60f7c13f9ac 100644
---
a/pulsar-functions/runtime/src/main/java/org/apache/pulsar/functions/auth/KubernetesSecretsTokenAuthProvider.java
+++
b/pulsar-functions/runtime/src/main/java/org/apache/pulsar/functions/auth/KubernetesSecretsTokenAuthProvider.java
@@ -203,7 +203,7 @@ public class KubernetesSecretsTokenAuthProvider implements
KubernetesFunctionAut
.supplier(() -> {
try {
coreClient.readNamespacedSecret(secretName,
kubeNamespace,
- null, null, null);
+ null);
} catch (ApiException e) {
// statefulset is gone
@@ -298,11 +298,11 @@ public class KubernetesSecretsTokenAuthProvider
implements KubernetesFunctionAut
.data(buildSecretMap(token));
try {
- coreClient.createNamespacedSecret(kubeNamespace,
v1Secret, null, null, null);
+ coreClient.createNamespacedSecret(kubeNamespace,
v1Secret, null, null, null, null);
} catch (ApiException e) {
if (e.getCode() == HTTP_CONFLICT) {
try {
- coreClient.replaceNamespacedSecret(secretName,
kubeNamespace, v1Secret, null, null, null);
+ coreClient.replaceNamespacedSecret(secretName,
kubeNamespace, v1Secret, null, null, null, null);
return
Actions.ActionResult.builder().success(true).build();
} catch (ApiException e1) {
@@ -354,7 +354,7 @@ public class KubernetesSecretsTokenAuthProvider implements
KubernetesFunctionAut
.metadata(new
V1ObjectMeta().name(getSecretName(id)))
.data(buildSecretMap(token));
try {
- coreClient.createNamespacedSecret(kubeNamespace,
v1Secret, null, null, null);
+ coreClient.createNamespacedSecret(kubeNamespace,
v1Secret, null, null, null, null);
} catch (ApiException e) {
// already exists
if (e.getCode() == HTTP_CONFLICT) {
diff --git
a/pulsar-functions/runtime/src/main/java/org/apache/pulsar/functions/runtime/kubernetes/KubernetesRuntime.java
b/pulsar-functions/runtime/src/main/java/org/apache/pulsar/functions/runtime/kubernetes/KubernetesRuntime.java
index 59d688a834d..c13a46d6b9b 100644
---
a/pulsar-functions/runtime/src/main/java/org/apache/pulsar/functions/runtime/kubernetes/KubernetesRuntime.java
+++
b/pulsar-functions/runtime/src/main/java/org/apache/pulsar/functions/runtime/kubernetes/KubernetesRuntime.java
@@ -452,7 +452,7 @@ public class KubernetesRuntime implements Runtime {
.supplier(() -> {
final V1Service response;
try {
- response =
coreClient.createNamespacedService(jobNamespace, service, null, null, null);
+ response =
coreClient.createNamespacedService(jobNamespace, service, null, null, null,
null);
} catch (ApiException e) {
// already exists
if (e.getCode() == HTTP_CONFLICT) {
@@ -537,7 +537,7 @@ public class KubernetesRuntime implements Runtime {
.supplier(() -> {
final V1StatefulSet response;
try {
- response =
appsClient.createNamespacedStatefulSet(jobNamespace, statefulSet, null, null,
null);
+ response =
appsClient.createNamespacedStatefulSet(jobNamespace, statefulSet, null, null,
null, null);
} catch (ApiException e) {
// already exists
if (e.getCode() == HTTP_CONFLICT) {
@@ -634,7 +634,7 @@ public class KubernetesRuntime implements Runtime {
V1StatefulSet response;
try {
response =
appsClient.readNamespacedStatefulSet(statefulSetName, jobNamespace,
- null, null, null);
+ null);
} catch (ApiException e) {
// statefulset is gone
if (e.getCode() == HTTP_NOT_FOUND) {
@@ -782,7 +782,7 @@ public class KubernetesRuntime implements Runtime {
V1Service response;
try {
response =
coreClient.readNamespacedService(serviceName, jobNamespace,
- null, null, null);
+ null);
} catch (ApiException e) {
// statefulset is gone
diff --git
a/pulsar-functions/runtime/src/main/java/org/apache/pulsar/functions/runtime/kubernetes/KubernetesRuntimeFactory.java
b/pulsar-functions/runtime/src/main/java/org/apache/pulsar/functions/runtime/kubernetes/KubernetesRuntimeFactory.java
index 4b2c7e72325..f43c6768be1 100644
---
a/pulsar-functions/runtime/src/main/java/org/apache/pulsar/functions/runtime/kubernetes/KubernetesRuntimeFactory.java
+++
b/pulsar-functions/runtime/src/main/java/org/apache/pulsar/functions/runtime/kubernetes/KubernetesRuntimeFactory.java
@@ -391,7 +391,7 @@ public class KubernetesRuntimeFactory implements
RuntimeFactory {
String changeConfigMapNamespace,
KubernetesRuntimeFactory
kubernetesRuntimeFactory) {
try {
- V1ConfigMap v1ConfigMap =
coreClient.readNamespacedConfigMap(changeConfigMap, changeConfigMapNamespace,
null, true, false);
+ V1ConfigMap v1ConfigMap =
coreClient.readNamespacedConfigMap(changeConfigMap, changeConfigMapNamespace,
null);
Map<String, String> data = v1ConfigMap.getData();
if (data != null) {
overRideKubernetesConfig(data, kubernetesRuntimeFactory);
diff --git
a/pulsar-functions/runtime/src/test/java/org/apache/pulsar/functions/auth/KubernetesSecretsTokenAuthProviderTest.java
b/pulsar-functions/runtime/src/test/java/org/apache/pulsar/functions/auth/KubernetesSecretsTokenAuthProviderTest.java
index 38dd91426b4..714434d625c 100644
---
a/pulsar-functions/runtime/src/test/java/org/apache/pulsar/functions/auth/KubernetesSecretsTokenAuthProviderTest.java
+++
b/pulsar-functions/runtime/src/test/java/org/apache/pulsar/functions/auth/KubernetesSecretsTokenAuthProviderTest.java
@@ -103,7 +103,7 @@ public class KubernetesSecretsTokenAuthProviderTest {
@Test
public void testCacheAuthData() throws ApiException {
CoreV1Api coreV1Api = mock(CoreV1Api.class);
- doReturn(new
V1Secret()).when(coreV1Api).createNamespacedSecret(anyString(), any(),
anyString(), anyString(), anyString());
+ doReturn(new
V1Secret()).when(coreV1Api).createNamespacedSecret(anyString(), any(),
anyString(), anyString(), anyString(), anyString());
KubernetesSecretsTokenAuthProvider kubernetesSecretsTokenAuthProvider
= new KubernetesSecretsTokenAuthProvider();
kubernetesSecretsTokenAuthProvider.initialize(coreV1Api, null, (fd)
-> "default");
Function.FunctionDetails funcDetails =
Function.FunctionDetails.newBuilder().setTenant("test-tenant").setNamespace("test-ns").setName("test-func").build();
diff --git
a/pulsar-functions/runtime/src/test/java/org/apache/pulsar/functions/runtime/kubernetes/KubernetesRuntimeFactoryTest.java
b/pulsar-functions/runtime/src/test/java/org/apache/pulsar/functions/runtime/kubernetes/KubernetesRuntimeFactoryTest.java
index 40887e225a8..30ed46b8715 100644
---
a/pulsar-functions/runtime/src/test/java/org/apache/pulsar/functions/runtime/kubernetes/KubernetesRuntimeFactoryTest.java
+++
b/pulsar-functions/runtime/src/test/java/org/apache/pulsar/functions/runtime/kubernetes/KubernetesRuntimeFactoryTest.java
@@ -476,9 +476,9 @@ public class KubernetesRuntimeFactoryTest {
KubernetesRuntimeFactory kubernetesRuntimeFactory =
getKuberentesRuntimeFactory();
CoreV1Api coreV1Api = Mockito.mock(CoreV1Api.class);
V1ConfigMap v1ConfigMap = new V1ConfigMap();
-
Mockito.doReturn(v1ConfigMap).when(coreV1Api).readNamespacedConfigMap(any(),
any(), any(), any(), any());
+
Mockito.doReturn(v1ConfigMap).when(coreV1Api).readNamespacedConfigMap(any(),
any(), any());
KubernetesRuntimeFactory.fetchConfigMap(coreV1Api, changeConfigMap,
changeConfigNamespace, kubernetesRuntimeFactory);
- Mockito.verify(coreV1Api,
Mockito.times(1)).readNamespacedConfigMap(eq(changeConfigMap),
eq(changeConfigNamespace), eq(null), eq(true), eq(false));
+ Mockito.verify(coreV1Api,
Mockito.times(1)).readNamespacedConfigMap(eq(changeConfigMap),
eq(changeConfigNamespace), eq(null));
KubernetesRuntimeFactory expected = getKuberentesRuntimeFactory();
assertEquals(kubernetesRuntimeFactory, expected);
@@ -487,7 +487,7 @@ public class KubernetesRuntimeFactoryTest {
configs.put("imagePullPolicy", "test_imagePullPolicy2");
v1ConfigMap.setData(configs);
KubernetesRuntimeFactory.fetchConfigMap(coreV1Api, changeConfigMap,
changeConfigNamespace, kubernetesRuntimeFactory);
- Mockito.verify(coreV1Api,
Mockito.times(2)).readNamespacedConfigMap(eq(changeConfigMap),
eq(changeConfigNamespace), eq(null), eq(true), eq(false));
+ Mockito.verify(coreV1Api,
Mockito.times(2)).readNamespacedConfigMap(eq(changeConfigMap),
eq(changeConfigNamespace), eq(null));
assertEquals(kubernetesRuntimeFactory.getPulsarDockerImageName(),
"test_dockerImage2");
assertEquals(kubernetesRuntimeFactory.getImagePullPolicy(),
"test_imagePullPolicy2");
diff --git a/pulsar-functions/secrets/pom.xml b/pulsar-functions/secrets/pom.xml
index ddee304a064..f26a5814d13 100644
--- a/pulsar-functions/secrets/pom.xml
+++ b/pulsar-functions/secrets/pom.xml
@@ -35,6 +35,20 @@
<groupId>io.kubernetes</groupId>
<artifactId>client-java</artifactId>
<version>${kubernetesclient.version}</version>
+ <exclusions>
+ <exclusion>
+ <artifactId>bcpkix-jdk18on</artifactId>
+ <groupId>org.bouncycastle</groupId>
+ </exclusion>
+ <exclusion>
+ <artifactId>bcutil-jdk18on</artifactId>
+ <groupId>org.bouncycastle</groupId>
+ </exclusion>
+ <exclusion>
+ <artifactId>bcprov-jdk18on</artifactId>
+ <groupId>org.bouncycastle</groupId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
diff --git a/pulsar-sql/presto-distribution/LICENSE
b/pulsar-sql/presto-distribution/LICENSE
index 4087b9e83e0..049ff6c8e7e 100644
--- a/pulsar-sql/presto-distribution/LICENSE
+++ b/pulsar-sql/presto-distribution/LICENSE
@@ -207,19 +207,19 @@ This projects includes binary packages with the following
licenses:
The Apache Software License, Version 2.0
* Jackson
- - jackson-annotations-2.13.4.jar
- - jackson-core-2.13.4.jar
- - jackson-databind-2.13.4.2.jar
- - jackson-dataformat-smile-2.13.4.jar
- - jackson-datatype-guava-2.13.4.jar
- - jackson-datatype-jdk8-2.13.4.jar
- - jackson-datatype-joda-2.13.4.jar
- - jackson-datatype-jsr310-2.13.4.jar
- - jackson-dataformat-yaml-2.13.4.jar
- - jackson-jaxrs-base-2.13.4.jar
- - jackson-jaxrs-json-provider-2.13.4.jar
- - jackson-module-jaxb-annotations-2.13.4.jar
- - jackson-module-jsonSchema-2.13.4.jar
+ - jackson-annotations-2.14.2.jar
+ - jackson-core-2.14.2.jar
+ - jackson-databind-2.14.2.jar
+ - jackson-dataformat-smile-2.14.2.jar
+ - jackson-datatype-guava-2.14.2.jar
+ - jackson-datatype-jdk8-2.14.2.jar
+ - jackson-datatype-joda-2.14.2.jar
+ - jackson-datatype-jsr310-2.14.2.jar
+ - jackson-dataformat-yaml-2.14.2.jar
+ - jackson-jaxrs-base-2.14.2.jar
+ - jackson-jaxrs-json-provider-2.14.2.jar
+ - jackson-module-jaxb-annotations-2.14.2.jar
+ - jackson-module-jsonSchema-2.14.2.jar
* Guava
- guava-31.0.1-jre.jar
- listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar
@@ -413,7 +413,7 @@ The Apache Software License, Version 2.0
* RocksDB JNI
- rocksdbjni-6.10.2.jar
* SnakeYAML
- - snakeyaml-1.32.jar
+ - snakeyaml-2.0.jar
* Bean Validation API
- validation-api-2.0.1.Final.jar
* Objectsize
@@ -459,7 +459,7 @@ The Apache Software License, Version 2.0
* Snappy
- snappy-java-1.1.7.jar
* Jackson
- - jackson-module-parameter-names-2.13.4.jar
+ - jackson-module-parameter-names-2.14.2.jar
* Java Assist
- javassist-3.25.0-GA.jar
* Java Native Access
diff --git a/src/owasp-dependency-check-suppressions.xml
b/src/owasp-dependency-check-suppressions.xml
index 201a23baa03..8d54b3cbe08 100644
--- a/src/owasp-dependency-check-suppressions.xml
+++ b/src/owasp-dependency-check-suppressions.xml
@@ -36,14 +36,6 @@
<gav>org.apache.thrift:libthrift:0.12.0</gav>
<vulnerabilityName regex="true">.*</vulnerabilityName>
</suppress>
- <suppress>
- <notes><![CDATA[
- file name: snakeyaml-1.32.jar
- ]]></notes>
- <sha1>e80612549feb5c9191c498de628c1aa80693cf0b</sha1>
- <cve>CVE-2022-1471</cve>
- </suppress>
-
<!-- influxdb dependencies -->
<suppress>
<notes><