This is an automated email from the ASF dual-hosted git repository.
rzo1 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/storm.git
The following commit(s) were added to refs/heads/master by this push:
new e3d9e9e3e Summarizes Dependency Updates (#8002)
e3d9e9e3e is described below
commit e3d9e9e3ed5f82b3ec81b39c7e4565c9dbbdf9eb
Author: Richard Zowalla <[email protected]>
AuthorDate: Mon Mar 24 16:48:42 2025 +0100
Summarizes Dependency Updates (#8002)
Includes:
Jackson 2.18.3 #8003
slf4j2 2.0.17 #8004
jetty 11.0.25 #8005
commons-csv 1.14.0 #8006
guava 33.4.5-jre #8007
* Bump com.fasterxml.jackson:jackson-bom from 2.18.2 to 2.18.3
Bumps
[com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom)
from 2.18.2 to 2.18.3.
-
[Commits](https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.18.2...jackson-bom-2.18.3)
---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <[email protected]>
* Bump slf4j.version from 2.0.16 to 2.0.17
Bumps `slf4j.version` from 2.0.16 to 2.0.17.
Updates `org.slf4j:slf4j-api` from 2.0.16 to 2.0.17
Updates `org.slf4j:slf4j-log4j12` from 2.0.16 to 2.0.17
Updates `org.slf4j:log4j-over-slf4j` from 2.0.16 to 2.0.17
Updates `org.slf4j:jcl-over-slf4j` from 2.0.16 to 2.0.17
Updates `org.slf4j:jul-to-slf4j` from 2.0.16 to 2.0.17
---
updated-dependencies:
- dependency-name: org.slf4j:slf4j-api
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: org.slf4j:slf4j-log4j12
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: org.slf4j:log4j-over-slf4j
dependency-type: direct:development
update-type: version-update:semver-patch
- dependency-name: org.slf4j:jcl-over-slf4j
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: org.slf4j:jul-to-slf4j
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <[email protected]>
* Bump com.fasterxml.jackson.core:jackson-databind from 2.18.2 to 2.18.3
Bumps
[com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson)
from 2.18.2 to 2.18.3.
- [Commits](https://github.com/FasterXML/jackson/commits)
---
updated-dependencies:
- dependency-name: com.fasterxml.jackson.core:jackson-databind
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <[email protected]>
* Bump org.checkerframework:checker-qual from 3.49.0 to 3.49.1
Bumps
[org.checkerframework:checker-qual](https://github.com/typetools/checker-framework)
from 3.49.0 to 3.49.1.
- [Release notes](https://github.com/typetools/checker-framework/releases)
-
[Changelog](https://github.com/typetools/checker-framework/blob/master/docs/CHANGELOG.md)
-
[Commits](https://github.com/typetools/checker-framework/compare/checker-framework-3.49.0...checker-framework-3.49.1)
---
updated-dependencies:
- dependency-name: org.checkerframework:checker-qual
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <[email protected]>
* Update DEPENDENCY-LICENSES
* Update LICENSE-binary
* Bump com.google.errorprone:error_prone_annotations from 2.36.0 to 2.37.0
Bumps
[com.google.errorprone:error_prone_annotations](https://github.com/google/error-prone)
from 2.36.0 to 2.37.0.
- [Release notes](https://github.com/google/error-prone/releases)
- [Commits](https://github.com/google/error-prone/compare/v2.36.0...v2.37.0)
---
updated-dependencies:
- dependency-name: com.google.errorprone:error_prone_annotations
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <[email protected]>
* Bump jetty.version from 11.0.24 to 11.0.25
Bumps `jetty.version` from 11.0.24 to 11.0.25.
Updates `org.eclipse.jetty:jetty-bom` from 11.0.24 to 11.0.25
- [Release notes](https://github.com/jetty/jetty.project/releases)
-
[Commits](https://github.com/jetty/jetty.project/compare/jetty-11.0.24...jetty-11.0.25)
Updates `org.eclipse.jetty:jetty-servlet` from 11.0.24 to 11.0.25
Updates `org.eclipse.jetty:jetty-servlets` from 11.0.24 to 11.0.25
---
updated-dependencies:
- dependency-name: org.eclipse.jetty:jetty-bom
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-servlet
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: org.eclipse.jetty:jetty-servlets
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <[email protected]>
* Bump org.apache.commons:commons-csv from 1.13.0 to 1.14.0
Bumps
[org.apache.commons:commons-csv](https://github.com/apache/commons-csv) from
1.13.0 to 1.14.0.
-
[Changelog](https://github.com/apache/commons-csv/blob/master/RELEASE-NOTES.txt)
-
[Commits](https://github.com/apache/commons-csv/compare/rel/commons-csv-1.13.0...rel/commons-csv-1.14.0)
---
updated-dependencies:
- dependency-name: org.apache.commons:commons-csv
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <[email protected]>
* Bump com.google.guava:guava from 33.4.0-jre to 33.4.5-jre
Bumps [com.google.guava:guava](https://github.com/google/guava) from
33.4.0-jre to 33.4.5-jre.
- [Release notes](https://github.com/google/guava/releases)
- [Commits](https://github.com/google/guava/commits)
---
updated-dependencies:
- dependency-name: com.google.guava:guava
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <[email protected]>
* License
* LICENSE-binary
* Fix typo
* Fix typo
---------
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot]
<49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: reiabreu <[email protected]>
---
DEPENDENCY-LICENSES | 58 ++++++++++++------------
LICENSE-binary | 59 +++++++++++++------------
pom.xml | 14 +++---
sql/storm-sql-external/storm-sql-hdfs/pom.xml | 2 +-
sql/storm-sql-external/storm-sql-kafka/pom.xml | 2 +-
sql/storm-sql-runtime/pom.xml | 4 +-
storm-dist/binary/storm-sql-core-bin/pom.xml | 2 +-
storm-dist/binary/storm-sql-runtime-bin/pom.xml | 2 +-
8 files changed, 72 insertions(+), 71 deletions(-)
diff --git a/DEPENDENCY-LICENSES b/DEPENDENCY-LICENSES
index 88b6b4072..a40670f3d 100644
--- a/DEPENDENCY-LICENSES
+++ b/DEPENDENCY-LICENSES
@@ -16,7 +16,6 @@ List of third-party dependencies grouped by their license
type.
Apache License
* carbonite (org.clojars.bipinprasad:carbonite:1.6.0 -
https://github.com/bipinprasad/carbonite)
- * Log4j Implemented Over SLF4J (org.slf4j:log4j-over-slf4j:2.0.16 -
http://www.slf4j.org)
Apache License, Version 2.0
@@ -33,7 +32,7 @@ List of third-party dependencies grouped by their license
type.
* Apache Commons Compress (org.apache.commons:commons-compress:1.27.1
- https://commons.apache.org/proper/commons-compress/)
* Apache Commons Configuration
(org.apache.commons:commons-configuration2:2.11.0 -
https://commons.apache.org/proper/commons-configuration/)
* Apache Commons Crypto (org.apache.commons:commons-crypto:1.1.0 -
https://commons.apache.org/proper/commons-crypto/)
- * Apache Commons CSV (org.apache.commons:commons-csv:1.13.0 -
https://commons.apache.org/proper/commons-csv/)
+ * Apache Commons CSV (org.apache.commons:commons-csv:1.14.0 -
https://commons.apache.org/proper/commons-csv/)
* Apache Commons Exec (org.apache.commons:commons-exec:1.4.0 -
https://commons.apache.org/proper/commons-exec/)
* Apache Commons FileUpload (commons-fileupload:commons-fileupload:1.5
- https://commons.apache.org/proper/commons-fileupload/)
* Apache Commons IO (commons-io:commons-io:2.18.0 -
https://commons.apache.org/proper/commons-io/)
@@ -113,42 +112,42 @@ List of third-party dependencies grouped by their license
type.
* Dropwizard Servlet Support (io.dropwizard:dropwizard-servlets:4.0.12
-
http://www.dropwizard.io/4.0.12/dropwizard-bom/dropwizard-dependencies/dropwizard-parent/dropwizard-servlets)
* Dropwizard Utility Classes (io.dropwizard:dropwizard-util:4.0.12 -
http://www.dropwizard.io/4.0.12/dropwizard-bom/dropwizard-dependencies/dropwizard-parent/dropwizard-util)
* Dropwizard Validation Support
(io.dropwizard:dropwizard-validation:4.0.12 -
http://www.dropwizard.io/4.0.12/dropwizard-bom/dropwizard-dependencies/dropwizard-parent/dropwizard-validation)
- * error-prone annotations
(com.google.errorprone:error_prone_annotations:2.36.0 -
https://errorprone.info/error_prone_annotations)
+ * error-prone annotations
(com.google.errorprone:error_prone_annotations:2.37.0 -
https://errorprone.info/error_prone_annotations)
* Esri Geometry API for Java
(com.esri.geometry:esri-geometry-api:2.0.0 -
https://github.com/Esri/geometry-api-java)
* FindBugs-jsr305 (com.google.code.findbugs:jsr305:3.0.1 -
http://findbugs.sourceforge.net/)
* FindBugs-jsr305 (com.google.code.findbugs:jsr305:3.0.2 -
http://findbugs.sourceforge.net/)
* Google Guice - Core Library (com.google.inject:guice:4.2.1 -
https://github.com/google/guice/guice)
* Graphite Integration for Metrics
(io.dropwizard.metrics:metrics-graphite:4.2.30 -
https://metrics.dropwizard.io/metrics-graphite)
* Gson (com.google.code.gson:gson:2.12.1 -
https://github.com/google/gson)
- * Guava: Google Core Libraries for Java
(com.google.guava:guava:33.4.0-jre - https://github.com/google/guava)
- * Guava InternalFutureFailureAccess and InternalFutures
(com.google.guava:failureaccess:1.0.2 -
https://github.com/google/guava/failureaccess)
+ * Guava: Google Core Libraries for Java
(com.google.guava:guava:33.4.5-jre - https://github.com/google/guava)
+ * Guava InternalFutureFailureAccess and InternalFutures
(com.google.guava:failureaccess:1.0.3 -
https://github.com/google/guava/failureaccess)
* Guava ListenableFuture only
(com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava -
https://github.com/google/guava/listenablefuture)
* hawtbuf (org.fusesource.hawtbuf:hawtbuf:1.11 -
http://hawtbuf.fusesource.org/hawtbuf)
* Hibernate Validator Engine
(org.hibernate.validator:hibernate-validator:7.0.5.Final -
http://hibernate.org/validator/hibernate-validator)
* HikariCP (com.zaxxer:HikariCP:6.2.1 -
https://github.com/brettwooldridge/HikariCP)
* j2html (com.j2html:j2html:1.6.0 - http://j2html.com)
* J2ObjC Annotations (com.google.j2objc:j2objc-annotations:3.0.0 -
https://github.com/google/j2objc/)
- * Jackson-annotations
(com.fasterxml.jackson.core:jackson-annotations:2.18.2 -
https://github.com/FasterXML/jackson)
- * Jackson-core (com.fasterxml.jackson.core:jackson-core:2.18.2 -
https://github.com/FasterXML/jackson-core)
- * jackson-databind (com.fasterxml.jackson.core:jackson-databind:2.18.2
- https://github.com/FasterXML/jackson)
- * Jackson dataformat: Smile
(com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.18.2 -
https://github.com/FasterXML/jackson-dataformats-binary)
- * Jackson-dataformat-YAML
(com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:2.18.2 -
https://github.com/FasterXML/jackson-dataformats-text)
- * Jackson datatype: Guava
(com.fasterxml.jackson.datatype:jackson-datatype-guava:2.18.2 -
https://github.com/FasterXML/jackson-datatypes-collections)
- * Jackson datatype: jdk8
(com.fasterxml.jackson.datatype:jackson-datatype-jdk8:2.18.2 -
https://github.com/FasterXML/jackson-modules-java8/jackson-datatype-jdk8)
- * Jackson datatype: JSR310
(com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.18.2 -
https://github.com/FasterXML/jackson-modules-java8/jackson-datatype-jsr310)
+ * Jackson-annotations
(com.fasterxml.jackson.core:jackson-annotations:2.18.3 -
https://github.com/FasterXML/jackson)
+ * Jackson-core (com.fasterxml.jackson.core:jackson-core:2.18.3 -
https://github.com/FasterXML/jackson-core)
+ * jackson-databind (com.fasterxml.jackson.core:jackson-databind:2.18.3
- https://github.com/FasterXML/jackson)
+ * Jackson dataformat: Smile
(com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.18.3 -
https://github.com/FasterXML/jackson-dataformats-binary)
+ * Jackson-dataformat-YAML
(com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:2.18.3 -
https://github.com/FasterXML/jackson-dataformats-text)
+ * Jackson datatype: Guava
(com.fasterxml.jackson.datatype:jackson-datatype-guava:2.18.3 -
https://github.com/FasterXML/jackson-datatypes-collections)
+ * Jackson datatype: jdk8
(com.fasterxml.jackson.datatype:jackson-datatype-jdk8:2.18.3 -
https://github.com/FasterXML/jackson-modules-java8/jackson-datatype-jdk8)
+ * Jackson datatype: JSR310
(com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.18.3 -
https://github.com/FasterXML/jackson-modules-java8/jackson-datatype-jsr310)
* Jackson Integration for Metrics
(io.dropwizard.metrics:metrics-json:4.2.30 -
https://metrics.dropwizard.io/metrics-json)
- * Jackson Jakarta-RS: base
(com.fasterxml.jackson.jakarta.rs:jackson-jakarta-rs-base:2.18.2 -
https://github.com/FasterXML/jackson-jakarta-rs-providers/jackson-jakarta-rs-base)
- * Jackson Jakarta-RS: JSON
(com.fasterxml.jackson.jakarta.rs:jackson-jakarta-rs-json-provider:2.18.2 -
https://github.com/FasterXML/jackson-jakarta-rs-providers/jackson-jakarta-rs-json-provider)
- * Jackson module: Blackbird
(com.fasterxml.jackson.module:jackson-module-blackbird:2.18.2 -
https://github.com/FasterXML/jackson-modules-base)
- * Jackson module: Jakarta XML Bind Annotations (jakarta.xml.bind)
(com.fasterxml.jackson.module:jackson-module-jakarta-xmlbind-annotations:2.18.2
- https://github.com/FasterXML/jackson-modules-base)
- * Jackson-module-parameter-names
(com.fasterxml.jackson.module:jackson-module-parameter-names:2.18.2 -
https://github.com/FasterXML/jackson-modules-java8/jackson-module-parameter-names)
+ * Jackson Jakarta-RS: base
(com.fasterxml.jackson.jakarta.rs:jackson-jakarta-rs-base:2.18.3 -
https://github.com/FasterXML/jackson-jakarta-rs-providers/jackson-jakarta-rs-base)
+ * Jackson Jakarta-RS: JSON
(com.fasterxml.jackson.jakarta.rs:jackson-jakarta-rs-json-provider:2.18.3 -
https://github.com/FasterXML/jackson-jakarta-rs-providers/jackson-jakarta-rs-json-provider)
+ * Jackson module: Blackbird
(com.fasterxml.jackson.module:jackson-module-blackbird:2.18.3 -
https://github.com/FasterXML/jackson-modules-base)
+ * Jackson module: Jakarta XML Bind Annotations (jakarta.xml.bind)
(com.fasterxml.jackson.module:jackson-module-jakarta-xmlbind-annotations:2.18.3
- https://github.com/FasterXML/jackson-modules-base)
+ * Jackson-module-parameter-names
(com.fasterxml.jackson.module:jackson-module-parameter-names:2.18.3 -
https://github.com/FasterXML/jackson-modules-java8/jackson-module-parameter-names)
* Jakarta Bean Validation API
(jakarta.validation:jakarta.validation-api:3.0.2 - https://beanvalidation.org)
* Jakarta Dependency Injection
(jakarta.inject:jakarta.inject-api:2.0.1.MR -
https://github.com/eclipse-ee4j/injection-api)
* Java Concurrency Tools Core Library (org.jctools:jctools-core:4.0.5
- https://github.com/JCTools)
* javax.inject (javax.inject:javax.inject:1 -
http://code.google.com/p/atinject/)
* JBoss Logging 3 (org.jboss.logging:jboss-logging:3.6.0.Final -
http://www.jboss.org)
* JCIP Annotations under Apache License
(com.github.stephenc.jcip:jcip-annotations:1.0-1 -
http://stephenc.github.com/jcip-annotations)
- * JCL 1.2 implemented over SLF4J (org.slf4j:jcl-over-slf4j:2.0.16 -
http://www.slf4j.org)
+ * JCL 1.2 implemented over SLF4J (org.slf4j:jcl-over-slf4j:2.0.17 -
http://www.slf4j.org)
* jdependency (org.vafer:jdependency:2.10 -
http://github.com/tcurdt/jdependency)
* Jettison (org.codehaus.jettison:jettison:1.5.4 -
https://github.com/jettison-json/jettison)
* JSON Small and Fast Parser (net.minidev:json-smart:2.5.2 -
https://urielch.github.io/)
@@ -161,6 +160,7 @@ List of third-party dependencies grouped by their license
type.
* Kerby-kerb Util (org.apache.kerby:kerb-util:2.0.3 -
https://directory.apache.org/kerby/kerby-kerb/kerb-util)
* Kerby PKIX Project (org.apache.kerby:kerby-pkix:2.0.3 -
https://directory.apache.org/kerby/kerby-pkix)
* Kerby Util (org.apache.kerby:kerby-util:2.0.3 -
https://directory.apache.org/kerby/kerby-common/kerby-util)
+ * Log4j Implemented Over SLF4J (org.slf4j:log4j-over-slf4j:2.0.17 -
http://www.slf4j.org)
* Logging (commons-logging:commons-logging:1.0.3 -
http://jakarta.apache.org/commons/logging/)
* LZ4 and xxHash (org.lz4:lz4-java:1.8.0 -
https://github.com/lz4/lz4-java)
* Maven Artifact (org.apache.maven:maven-artifact:3.8.1 -
https://maven.apache.org/ref/3.8.1/maven-artifact/)
@@ -299,13 +299,13 @@ List of third-party dependencies grouped by their license
type.
Apache License, Version 2.0, Eclipse Public License - Version 2.0
- * Jetty :: Http Utility (org.eclipse.jetty:jetty-http:11.0.24 -
https://jetty.org/jetty-http)
- * Jetty :: IO Utility (org.eclipse.jetty:jetty-io:11.0.24 -
https://jetty.org/jetty-io)
- * Jetty :: Security (org.eclipse.jetty:jetty-security:11.0.24 -
https://jetty.org/jetty-security)
- * Jetty :: Server Core (org.eclipse.jetty:jetty-server:11.0.24 -
https://jetty.org/jetty-server)
- * Jetty :: Servlet Handling (org.eclipse.jetty:jetty-servlet:11.0.24 -
https://jetty.org/jetty-servlet)
- * Jetty :: Utilities (org.eclipse.jetty:jetty-util:11.0.24 -
https://jetty.org/jetty-util)
- * Jetty :: Utility Servlets and Filters
(org.eclipse.jetty:jetty-servlets:11.0.24 - https://jetty.org/jetty-servlets)
+ * Jetty :: Http Utility (org.eclipse.jetty:jetty-http:11.0.25 -
https://jetty.org/jetty-http)
+ * Jetty :: IO Utility (org.eclipse.jetty:jetty-io:11.0.25 -
https://jetty.org/jetty-io)
+ * Jetty :: Security (org.eclipse.jetty:jetty-security:11.0.25 -
https://jetty.org/jetty-security)
+ * Jetty :: Server Core (org.eclipse.jetty:jetty-server:11.0.25 -
https://jetty.org/jetty-server)
+ * Jetty :: Servlet Handling (org.eclipse.jetty:jetty-servlet:11.0.25 -
https://jetty.org/jetty-servlet)
+ * Jetty :: Utilities (org.eclipse.jetty:jetty-util:11.0.25 -
https://jetty.org/jetty-util)
+ * Jetty :: Utility Servlets and Filters
(org.eclipse.jetty:jetty-servlets:11.0.25 - https://jetty.org/jetty-servlets)
Apache License, Version 2.0, GNU General Public License, version 2
@@ -424,12 +424,12 @@ List of third-party dependencies grouped by their license
type.
MIT License
* argparse4j (net.sourceforge.argparse4j:argparse4j:0.9.0 -
https://argparse4j.github.io)
- * Checker Qual (org.checkerframework:checker-qual:3.49.0 -
https://checkerframework.org/)
+ * Checker Qual (org.checkerframework:checker-qual:3.49.1 -
https://checkerframework.org/)
* JCodings (org.jruby.jcodings:jcodings:1.0.58 -
http://nexus.sonatype.org/oss-repository-hosting.html/jcodings)
* Jedis (redis.clients:jedis:5.2.0 - https://github.com/redis/jedis)
* Joni (org.jruby.joni:joni:2.2.1 -
http://nexus.sonatype.org/oss-repository-hosting.html/joni)
- * JUL to SLF4J bridge (org.slf4j:jul-to-slf4j:2.0.16 -
http://www.slf4j.org)
- * SLF4J API Module (org.slf4j:slf4j-api:2.0.16 - http://www.slf4j.org)
+ * JUL to SLF4J bridge (org.slf4j:jul-to-slf4j:2.0.17 -
http://www.slf4j.org)
+ * SLF4J API Module (org.slf4j:slf4j-api:2.0.17 - http://www.slf4j.org)
* System Out and Err redirected to SLF4J
(uk.org.lidalia:sysout-over-slf4j:1.0.2 -
http://projects.lidalia.org.uk/sysout-over-slf4j/)
Public Domain
diff --git a/LICENSE-binary b/LICENSE-binary
index 8740f02d8..dbe8b8c7b 100644
--- a/LICENSE-binary
+++ b/LICENSE-binary
@@ -665,7 +665,7 @@ The license texts of these dependencies can be found in the
licenses directory.
Apache License
* carbonite (org.clojars.bipinprasad:carbonite:1.6.0 -
https://github.com/bipinprasad/carbonite)
- * Log4j Implemented Over SLF4J (org.slf4j:log4j-over-slf4j:2.0.16 -
http://www.slf4j.org)
+ * Log4j Implemented Over SLF4J (org.slf4j:log4j-over-slf4j:2.0.17 -
http://www.slf4j.org)
Apache License, Version 2.0
@@ -680,7 +680,7 @@ The license texts of these dependencies can be found in the
licenses directory.
* Apache Commons Compress (org.apache.commons:commons-compress:1.27.1
- https://commons.apache.org/proper/commons-compress/)
* Apache Commons Configuration
(org.apache.commons:commons-configuration2:2.11.0 -
https://commons.apache.org/proper/commons-configuration/)
* Apache Commons Crypto (org.apache.commons:commons-crypto:1.1.0 -
https://commons.apache.org/proper/commons-crypto/)
- * Apache Commons CSV (org.apache.commons:commons-csv:1.13.0 -
http://commons.apache.org/proper/commons-csv/)
+ * Apache Commons CSV (org.apache.commons:commons-csv:1.14.0 -
http://commons.apache.org/proper/commons-csv/)
* Apache Commons Exec (org.apache.commons:commons-exec:1.4.0 -
http://commons.apache.org/proper/commons-exec/)
* Apache Commons IO (commons-io:commons-io:2.18.0 -
https://commons.apache.org/proper/commons-io/)
* Apache Commons Logging (commons-logging:commons-logging:1.2 -
http://commons.apache.org/proper/commons-logging/)
@@ -744,38 +744,39 @@ The license texts of these dependencies can be found in
the licenses directory.
* Dropwizard Servlet Support (io.dropwizard:dropwizard-servlets:4.0.12
-
http://www.dropwizard.io/4.0.12/dropwizard-bom/dropwizard-dependencies/dropwizard-parent/dropwizard-servlets)
* Dropwizard Utility Classes (io.dropwizard:dropwizard-util:4.0.12 -
http://www.dropwizard.io/4.0.12/dropwizard-bom/dropwizard-dependencies/dropwizard-parent/dropwizard-util)
* Dropwizard Validation Support
(io.dropwizard:dropwizard-validation:4.0.12 -
http://www.dropwizard.io/4.0.12/dropwizard-bom/dropwizard-dependencies/dropwizard-parent/dropwizard-validation)
- * error-prone annotations
(com.google.errorprone:error_prone_annotations:2.36.0 -
https://errorprone.info/error_prone_annotations)
+ * error-prone annotations
(com.google.errorprone:error_prone_annotations:2.37.0 -
https://errorprone.info/error_prone_annotations)
* Esri Geometry API for Java
(com.esri.geometry:esri-geometry-api:2.0.0 -
https://github.com/Esri/geometry-api-java)
+ * FindBugs-jsr305 (com.google.code.findbugs:jsr305:3.0.1 -
http://findbugs.sourceforge.net/)
* FindBugs-jsr305 (com.google.code.findbugs:jsr305:3.0.2 -
http://findbugs.sourceforge.net/)
* Graphite Integration for Metrics
(io.dropwizard.metrics:metrics-graphite:4.2.30 -
https://metrics.dropwizard.io/metrics-graphite)
* Gson (com.google.code.gson:gson:2.12.1 -
https://github.com/google/gson/gson)
- * Guava: Google Core Libraries for Java
(com.google.guava:guava:33.4.0-jre - https://github.com/google/guava)
- * Guava InternalFutureFailureAccess and InternalFutures
(com.google.guava:failureaccess:1.0.2 -
https://github.com/google/guava/failureaccess)
+ * Guava: Google Core Libraries for Java
(com.google.guava:guava:33.4.5-jre - https://github.com/google/guava)
+ * Guava InternalFutureFailureAccess and InternalFutures
(com.google.guava:failureaccess:1.0.3 -
https://github.com/google/guava/failureaccess)
* Guava ListenableFuture only
(com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava -
https://github.com/google/guava/listenablefuture)
* Hibernate Validator Engine
(org.hibernate.validator:hibernate-validator:7.0.5.Final -
http://hibernate.org/validator/hibernate-validator)
* j2html (com.j2html:j2html:1.6.0 - http://j2html.com)
* J2ObjC Annotations (com.google.j2objc:j2objc-annotations:3.0.0 -
https://github.com/google/j2objc/)
- * Jackson-annotations
(com.fasterxml.jackson.core:jackson-annotations:2.18.2 -
https://github.com/FasterXML/jackson)
- * Jackson-core (com.fasterxml.jackson.core:jackson-core:2.18.2 -
https://github.com/FasterXML/jackson-core)
- * jackson-databind (com.fasterxml.jackson.core:jackson-databind:2.18.2
- https://github.com/FasterXML/jackson)
- * Jackson dataformat: Smile
(com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.18.2 -
https://github.com/FasterXML/jackson-dataformats-binary)
- * Jackson-dataformat-YAML
(com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:2.18.2 -
https://github.com/FasterXML/jackson-dataformats-text)
- * Jackson datatype: Guava
(com.fasterxml.jackson.datatype:jackson-datatype-guava:2.18.2 -
https://github.com/FasterXML/jackson-datatypes-collections)
- * Jackson datatype: jdk8
(com.fasterxml.jackson.datatype:jackson-datatype-jdk8:2.18.2 -
https://github.com/FasterXML/jackson-modules-java8/jackson-datatype-jdk8)
- * Jackson datatype: JSR310
(com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.18.2 -
https://github.com/FasterXML/jackson-modules-java8/jackson-datatype-jsr310)
+ * Jackson-annotations
(com.fasterxml.jackson.core:jackson-annotations:2.18.3 -
https://github.com/FasterXML/jackson)
+ * Jackson-core (com.fasterxml.jackson.core:jackson-core:2.18.3 -
https://github.com/FasterXML/jackson-core)
+ * jackson-databind (com.fasterxml.jackson.core:jackson-databind:2.18.3
- https://github.com/FasterXML/jackson)
+ * Jackson dataformat: Smile
(com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.18.3 -
https://github.com/FasterXML/jackson-dataformats-binary)
+ * Jackson-dataformat-YAML
(com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:2.18.3 -
https://github.com/FasterXML/jackson-dataformats-text)
+ * Jackson datatype: Guava
(com.fasterxml.jackson.datatype:jackson-datatype-guava:2.18.3 -
https://github.com/FasterXML/jackson-datatypes-collections)
+ * Jackson datatype: jdk8
(com.fasterxml.jackson.datatype:jackson-datatype-jdk8:2.18.3 -
https://github.com/FasterXML/jackson-modules-java8/jackson-datatype-jdk8)
+ * Jackson datatype: JSR310
(com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.18.3 -
https://github.com/FasterXML/jackson-modules-java8/jackson-datatype-jsr310)
* Jackson Integration for Metrics
(io.dropwizard.metrics:metrics-json:4.2.30 -
https://metrics.dropwizard.io/metrics-json)
- * Jackson Jakarta-RS: base
(com.fasterxml.jackson.jakarta.rs:jackson-jakarta-rs-base:2.18.2 -
https://github.com/FasterXML/jackson-jakarta-rs-providers/jackson-jakarta-rs-base)
- * Jackson Jakarta-RS: JSON
(com.fasterxml.jackson.jakarta.rs:jackson-jakarta-rs-json-provider:2.18.2 -
https://github.com/FasterXML/jackson-jakarta-rs-providers/jackson-jakarta-rs-json-provider)
- * Jackson module: Blackbird
(com.fasterxml.jackson.module:jackson-module-blackbird:2.18.2 -
https://github.com/FasterXML/jackson-modules-base)
- * Jackson module: Jakarta XML Bind Annotations (jakarta.xml.bind)
(com.fasterxml.jackson.module:jackson-module-jakarta-xmlbind-annotations:2.18.2
- https://github.com/FasterXML/jackson-modules-base)
- * Jackson-module-parameter-names
(com.fasterxml.jackson.module:jackson-module-parameter-names:2.18.2 -
https://github.com/FasterXML/jackson-modules-java8/jackson-module-parameter-names)
+ * Jackson Jakarta-RS: base
(com.fasterxml.jackson.jakarta.rs:jackson-jakarta-rs-base:2.18.3 -
https://github.com/FasterXML/jackson-jakarta-rs-providers/jackson-jakarta-rs-base)
+ * Jackson Jakarta-RS: JSON
(com.fasterxml.jackson.jakarta.rs:jackson-jakarta-rs-json-provider:2.18.3 -
https://github.com/FasterXML/jackson-jakarta-rs-providers/jackson-jakarta-rs-json-provider)
+ * Jackson module: Blackbird
(com.fasterxml.jackson.module:jackson-module-blackbird:2.18.3 -
https://github.com/FasterXML/jackson-modules-base)
+ * Jackson module: Jakarta XML Bind Annotations (jakarta.xml.bind)
(com.fasterxml.jackson.module:jackson-module-jakarta-xmlbind-annotations:2.18.3
- https://github.com/FasterXML/jackson-modules-base)
+ * Jackson-module-parameter-names
(com.fasterxml.jackson.module:jackson-module-parameter-names:2.18.3 -
https://github.com/FasterXML/jackson-modules-java8/jackson-module-parameter-names)
* Jakarta Bean Validation API
(jakarta.validation:jakarta.validation-api:3.0.2 - https://beanvalidation.org)
* Jakarta Dependency Injection
(jakarta.inject:jakarta.inject-api:2.0.1.MR -
https://github.com/eclipse-ee4j/injection-api)
* Java Concurrency Tools Core Library (org.jctools:jctools-core:4.0.5
- https://github.com/JCTools)
* javax.inject (javax.inject:javax.inject:1 -
http://code.google.com/p/atinject/)
* JBoss Logging 3 (org.jboss.logging:jboss-logging:3.6.0.Final -
http://www.jboss.org)
* JCIP Annotations under Apache License
(com.github.stephenc.jcip:jcip-annotations:1.0-1 -
http://stephenc.github.com/jcip-annotations)
- * JCL 1.2 implemented over SLF4J (org.slf4j:jcl-over-slf4j:2.0.16 -
http://www.slf4j.org)
+ * JCL 1.2 implemented over SLF4J (org.slf4j:jcl-over-slf4j:2.0.17 -
http://www.slf4j.org)
* Jettison (org.codehaus.jettison:jettison:1.5.4 - no url defined)
* JSON Small and Fast Parser (net.minidev:json-smart:2.5.2 -
https://urielch.github.io/)
* JSpecify annotations (org.jspecify:jspecify:1.0.0 -
http://jspecify.org/)
@@ -890,13 +891,13 @@ The license texts of these dependencies can be found in
the licenses directory.
Apache License, Version 2.0, Eclipse Public License - Version 2.0
- * Jetty :: Http Utility (org.eclipse.jetty:jetty-http:11.0.24 -
https://jetty.org/jetty/jetty-http)
- * Jetty :: IO Utility (org.eclipse.jetty:jetty-io:11.0.24 -
https://jetty.org/jetty/jetty-io)
- * Jetty :: Security (org.eclipse.jetty:jetty-security:11.0.24 -
https://jetty.org/jetty/jetty-security)
- * Jetty :: Server Core (org.eclipse.jetty:jetty-server:11.0.24 -
https://jetty.org/jetty/jetty-server)
- * Jetty :: Servlet Handling (org.eclipse.jetty:jetty-servlet:11.0.24 -
https://jetty.org/jetty/jetty-servlet)
- * Jetty :: Utilities (org.eclipse.jetty:jetty-util:11.0.24 -
https://jetty.org/jetty/jetty-util)
- * Jetty :: Utility Servlets and Filters
(org.eclipse.jetty:jetty-servlets:11.0.24 -
https://jetty.org/jetty/jetty-servlets)
+ * Jetty :: Http Utility (org.eclipse.jetty:jetty-http:11.0.25 -
https://jetty.org/jetty/jetty-http)
+ * Jetty :: IO Utility (org.eclipse.jetty:jetty-io:11.0.25 -
https://jetty.org/jetty/jetty-io)
+ * Jetty :: Security (org.eclipse.jetty:jetty-security:11.0.25 -
https://jetty.org/jetty/jetty-security)
+ * Jetty :: Server Core (org.eclipse.jetty:jetty-server:11.0.25 -
https://jetty.org/jetty/jetty-server)
+ * Jetty :: Servlet Handling (org.eclipse.jetty:jetty-servlet:11.0.25 -
https://jetty.org/jetty/jetty-servlet)
+ * Jetty :: Utilities (org.eclipse.jetty:jetty-util:11.0.25 -
https://jetty.org/jetty/jetty-util)
+ * Jetty :: Utility Servlets and Filters
(org.eclipse.jetty:jetty-servlets:11.0.25 -
https://jetty.org/jetty/jetty-servlets)
Apache License, Version 2.0, GNU General Public License, version 2
@@ -1001,11 +1002,11 @@ The license texts of these dependencies can be found in
the licenses directory.
MIT License
* argparse4j (net.sourceforge.argparse4j:argparse4j:0.9.0 -
https://argparse4j.github.io)
- * Checker Qual (org.checkerframework:checker-qual:3.49.0 -
https://checkerframework.org/)
+ * Checker Qual (org.checkerframework:checker-qual:3.49.1 -
https://checkerframework.org/)
* JCodings (org.jruby.jcodings:jcodings:1.0.58 -
http://nexus.sonatype.org/oss-repository-hosting.html/jcodings)
* Joni (org.jruby.joni:joni:2.2.1 -
http://nexus.sonatype.org/oss-repository-hosting.html/joni)
- * JUL to SLF4J bridge (org.slf4j:jul-to-slf4j:2.0.16 -
http://www.slf4j.org)
- * SLF4J API Module (org.slf4j:slf4j-api:2.0.16 - http://www.slf4j.org)
+ * JUL to SLF4J bridge (org.slf4j:jul-to-slf4j:2.0.17 -
http://www.slf4j.org)
+ * SLF4J API Module (org.slf4j:slf4j-api:2.0.17 - http://www.slf4j.org)
* System Out and Err redirected to SLF4J
(uk.org.lidalia:sysout-over-slf4j:1.0.2 -
http://projects.lidalia.org.uk/sysout-over-slf4j/)
The Go license
diff --git a/pom.xml b/pom.xml
index f28a371ee..1fa497df8 100644
--- a/pom.xml
+++ b/pom.xml
@@ -94,7 +94,7 @@
<commons-text.version>1.13.0</commons-text.version>
<commons-cli.version>1.9.0</commons-cli.version>
<curator.version>5.8.0</curator.version>
- <jetty.version>11.0.24</jetty.version>
+ <jetty.version>11.0.25</jetty.version>
<clojure.tools.logging.version>1.3.0</clojure.tools.logging.version>
<carbonite.version>1.6.0</carbonite.version>
<snakeyaml.version>2.2</snakeyaml.version>
@@ -102,13 +102,13 @@
<httpclient.core.version>4.4.16</httpclient.core.version>
<jctools.version>4.0.5</jctools.version>
<jgrapht.version>0.9.0</jgrapht.version>
- <guava.version>33.4.0-jre</guava.version>
+ <guava.version>33.4.5-jre</guava.version>
<auto-service.version>1.1.1</auto-service.version>
<netty-tcnative.version>2.0.70.Final</netty-tcnative.version>
<netty.version>4.1.119.Final</netty.version>
<sysout-over-slf4j.version>1.0.2</sysout-over-slf4j.version>
<log4j.version>2.24.3</log4j.version>
- <slf4j.version>2.0.16</slf4j.version>
+ <slf4j.version>2.0.17</slf4j.version>
<metrics.version>4.2.30</metrics.version>
<mockito.version>5.14.2</mockito.version>
<zookeeper.version>3.9.3</zookeeper.version>
@@ -132,8 +132,8 @@
<jedis.version>5.2.0</jedis.version>
<activemq.version>5.18.3</activemq.version>
- <jackson.version>2.18.2</jackson.version>
- <jackson.databind.version>2.18.2</jackson.databind.version>
+ <jackson.version>2.18.3</jackson.version>
+ <jackson.databind.version>2.18.3</jackson.databind.version>
<storm.kafka.client.version>3.9.0</storm.kafka.client.version>
<testcontainers.version>1.20.6</testcontainers.version>
@@ -164,8 +164,8 @@
<provided.scope>provided</provided.scope>
<jakarta-el.version>3.0.1-b12</jakarta-el.version>
<asm.version>9.7.1</asm.version>
- <checker-qual.version>3.49.0</checker-qual.version>
-
<error_prone_annotations.version>2.36.0</error_prone_annotations.version>
+ <checker-qual.version>3.49.1</checker-qual.version>
+
<error_prone_annotations.version>2.37.0</error_prone_annotations.version>
<bouncycastle.version>1.80</bouncycastle.version>
</properties>
diff --git a/sql/storm-sql-external/storm-sql-hdfs/pom.xml
b/sql/storm-sql-external/storm-sql-hdfs/pom.xml
index 5003b18c0..3a9c1b147 100644
--- a/sql/storm-sql-external/storm-sql-hdfs/pom.xml
+++ b/sql/storm-sql-external/storm-sql-hdfs/pom.xml
@@ -39,7 +39,7 @@
-->
<storm-sql-hdfs.test.introspection.argLine>--add-opens
java.security.jgss/sun.security.krb5=ALL-UNNAMED</storm-sql-hdfs.test.introspection.argLine>
<!-- Required downgrade by calcite-core 1.16.0
https://mvnrepository.com/artifact/org.apache.calcite/calcite-core/1.16.0 -->
- <guava.version.downgrade>33.4.0-jre</guava.version.downgrade>
+ <guava.version.downgrade>33.4.5-jre</guava.version.downgrade>
</properties>
<developers>
diff --git a/sql/storm-sql-external/storm-sql-kafka/pom.xml
b/sql/storm-sql-external/storm-sql-kafka/pom.xml
index f19f00310..961e85167 100644
--- a/sql/storm-sql-external/storm-sql-kafka/pom.xml
+++ b/sql/storm-sql-external/storm-sql-kafka/pom.xml
@@ -29,7 +29,7 @@
<properties>
<!-- Required downgrade by calcite-core 1.15.0 -->
- <guava.version>33.4.0-jre</guava.version>
+ <guava.version>33.4.5-jre</guava.version>
</properties>
<developers>
diff --git a/sql/storm-sql-runtime/pom.xml b/sql/storm-sql-runtime/pom.xml
index 737cd366b..e75f19131 100644
--- a/sql/storm-sql-runtime/pom.xml
+++ b/sql/storm-sql-runtime/pom.xml
@@ -29,7 +29,7 @@
<properties>
<!-- Required downgrade by calcite-core 1.15.0 -->
- <guava.version>33.4.0-jre</guava.version>
+ <guava.version>33.4.5-jre</guava.version>
</properties>
<developers>
@@ -119,7 +119,7 @@
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-csv</artifactId>
- <version>1.13.0</version>
+ <version>1.14.0</version>
</dependency>
<dependency>
<groupId>org.mockito</groupId>
diff --git a/storm-dist/binary/storm-sql-core-bin/pom.xml
b/storm-dist/binary/storm-sql-core-bin/pom.xml
index 5244ae359..2f25bd4c5 100644
--- a/storm-dist/binary/storm-sql-core-bin/pom.xml
+++ b/storm-dist/binary/storm-sql-core-bin/pom.xml
@@ -27,7 +27,7 @@
<properties>
<!-- Required downgrade by calcite-core 1.14.0 -->
- <guava.version>33.4.0-jre</guava.version>
+ <guava.version>33.4.5-jre</guava.version>
</properties>
<dependencies>
diff --git a/storm-dist/binary/storm-sql-runtime-bin/pom.xml
b/storm-dist/binary/storm-sql-runtime-bin/pom.xml
index 7a9acb460..bbab502f6 100644
--- a/storm-dist/binary/storm-sql-runtime-bin/pom.xml
+++ b/storm-dist/binary/storm-sql-runtime-bin/pom.xml
@@ -27,7 +27,7 @@
<properties>
<!-- Required downgrade by calcite-core 1.14.0 -->
- <guava.version>33.4.0-jre</guava.version>
+ <guava.version>33.4.5-jre</guava.version>
</properties>
<dependencies>