This is an automated email from the ASF dual-hosted git repository.
bobbai00 pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/texera.git
The following commit(s) were added to refs/heads/main by this push:
new 0609d3d90f chore(deps): refresh LICENSE-binary for transitive version
drift (#4983)
0609d3d90f is described below
commit 0609d3d90f7f68214e35fffa99c192b8f93d017f
Author: Jiadong Bai <[email protected]>
AuthorDate: Fri May 8 14:47:38 2026 -0700
chore(deps): refresh LICENSE-binary for transitive version drift (#4983)
### What changes were proposed in this PR?
Refresh the per-module `LICENSE-binary` files so they match the bundled
versions reported by the nightly drift check on `b9bbf0d`. Every entry
stays in the license section it was already in, so the change is a pure
version-string substitution; reviewers should still confirm each
upstream's license at the new version is unchanged.
Drift covered:
- `frontend/LICENSE-binary` — `lodash` 4.17.23 → 4.18.1
- `amber/LICENSE-binary-java` and the 5 platform services
(`access-control-service`, `config-service`, `file-service`,
`workflow-compiling-service`, `computing-unit-managing-service`) —
`org.checkerframework.checker-qual` 3.42.0 → 3.52.0
- `amber/LICENSE-binary-python` —
- `hf-xet` 1.4.3 → 1.5.0
- `markdown-it-py` 4.0.0 → 4.1.0
- `pydantic` 2.13.3 → 2.13.4
- `pydantic-core` 2.46.3 → 2.46.4
All bumps are transitive, which is why PR-mode runs
(`check_binary_deps.py --ignore-transitive-version`) accepted them; only
the nightly strict run flagged the drift.
### Any related issues, documentation, discussions?
Resolves #4974.
### How was this PR tested?
- `python3 bin/licensing/test_check_binary_deps.py` — 27 tests pass.
- The check that originally flagged the drift (the nightly `License
Binary Checker` workflow, which calls `build.yml` with `mode: nightly`
and runs `check_binary_deps.py` without `--ignore-transitive-version`)
is exercised by the build matrix on this PR; the previously-failing
license steps for frontend, amber, the five platform services, and
python are expected to turn green.
### Was this PR authored or co-authored using generative AI tooling?
Generated-by: Claude Code (Opus 4.7, 1M context)
Co-authored-by: Bot Bai <[email protected]>
Co-authored-by: Claude Opus 4.7 (1M context) <[email protected]>
---
access-control-service/LICENSE-binary | 2 +-
amber/LICENSE-binary-java | 2 +-
amber/LICENSE-binary-python | 8 ++++----
computing-unit-managing-service/LICENSE-binary | 2 +-
config-service/LICENSE-binary | 2 +-
file-service/LICENSE-binary | 2 +-
frontend/LICENSE-binary | 2 +-
workflow-compiling-service/LICENSE-binary | 2 +-
8 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/access-control-service/LICENSE-binary
b/access-control-service/LICENSE-binary
index 6bb66df548..9af04d35f5 100644
--- a/access-control-service/LICENSE-binary
+++ b/access-control-service/LICENSE-binary
@@ -324,7 +324,7 @@ Source files derived from third-party MIT-licensed projects:
Scala/Java jars:
- net.sourceforge.argparse4j.argparse4j-0.9.0.jar
- - org.checkerframework.checker-qual-3.42.0.jar
+ - org.checkerframework.checker-qual-3.52.0.jar
- org.slf4j.jul-to-slf4j-2.0.12.jar
- org.slf4j.slf4j-api-2.0.12.jar
diff --git a/amber/LICENSE-binary-java b/amber/LICENSE-binary-java
index 04c9732d3a..8fbd626ca4 100644
--- a/amber/LICENSE-binary-java
+++ b/amber/LICENSE-binary-java
@@ -572,7 +572,7 @@ Scala/Java jars:
- com.liveperson.dropwizard-websockets-1.3.14.jar
- io.github.classgraph.classgraph-4.8.157.jar
- net.sourceforge.argparse4j.argparse4j-0.8.1.jar
- - org.checkerframework.checker-qual-3.42.0.jar
+ - org.checkerframework.checker-qual-3.52.0.jar
- org.codehaus.mojo.animal-sniffer-annotations-1.23.jar
- org.projectlombok.lombok-1.18.24.jar
- org.reactivestreams.reactive-streams-1.0.4.jar
diff --git a/amber/LICENSE-binary-python b/amber/LICENSE-binary-python
index 5dfd64b6be..91b8a3dd19 100644
--- a/amber/LICENSE-binary-python
+++ b/amber/LICENSE-binary-python
@@ -217,7 +217,7 @@ Python packages:
- boto3==1.40.53
- botocore==1.40.53
- frozenlist==1.8.0
- - hf-xet==1.4.3
+ - hf-xet==1.5.0
- huggingface-hub==0.36.2
- multidict==6.7.1
- overrides==7.4.0
@@ -262,14 +262,14 @@ Python packages:
- iniconfig==1.1.1
- jmespath==1.1.0
- loguru==0.7.0
- - markdown-it-py==4.0.0
+ - markdown-it-py==4.1.0
- mdurl==0.1.2
- mmh3==5.2.1
- pampy==0.3.0
- plotly==5.24.1
- pluggy==1.6.0
- - pydantic==2.13.3
- - pydantic-core==2.46.3
+ - pydantic==2.13.4
+ - pydantic-core==2.46.4
- pyparsing==3.3.2
- pyroaring==1.1.0
- pytest==7.4.0
diff --git a/computing-unit-managing-service/LICENSE-binary
b/computing-unit-managing-service/LICENSE-binary
index efcee44a84..229fee7fde 100644
--- a/computing-unit-managing-service/LICENSE-binary
+++ b/computing-unit-managing-service/LICENSE-binary
@@ -540,7 +540,7 @@ Scala/Java jars:
- org.bouncycastle.bcpkix-jdk18on-1.78.1.jar
- org.bouncycastle.bcprov-jdk18on-1.78.1.jar
- org.bouncycastle.bcutil-jdk18on-1.78.1.jar
- - org.checkerframework.checker-qual-3.42.0.jar
+ - org.checkerframework.checker-qual-3.52.0.jar
- org.codehaus.mojo.animal-sniffer-annotations-1.23.jar
- org.projectlombok.lombok-1.18.24.jar
- org.reactivestreams.reactive-streams-1.0.4.jar
diff --git a/config-service/LICENSE-binary b/config-service/LICENSE-binary
index 99bb33f98d..73bff916d9 100644
--- a/config-service/LICENSE-binary
+++ b/config-service/LICENSE-binary
@@ -326,7 +326,7 @@ Source files derived from third-party MIT-licensed projects:
Scala/Java jars:
- net.sourceforge.argparse4j.argparse4j-0.9.0.jar
- - org.checkerframework.checker-qual-3.42.0.jar
+ - org.checkerframework.checker-qual-3.52.0.jar
- org.slf4j.jul-to-slf4j-2.0.12.jar
- org.slf4j.slf4j-api-2.0.12.jar
diff --git a/file-service/LICENSE-binary b/file-service/LICENSE-binary
index a242d5d4b4..01172fafb8 100644
--- a/file-service/LICENSE-binary
+++ b/file-service/LICENSE-binary
@@ -501,7 +501,7 @@ Source files derived from third-party MIT-licensed projects:
Scala/Java jars:
- net.sourceforge.argparse4j.argparse4j-0.9.0.jar
- - org.checkerframework.checker-qual-3.42.0.jar
+ - org.checkerframework.checker-qual-3.52.0.jar
- org.codehaus.mojo.animal-sniffer-annotations-1.23.jar
- org.projectlombok.lombok-1.18.24.jar
- org.reactivestreams.reactive-streams-1.0.4.jar
diff --git a/frontend/LICENSE-binary b/frontend/LICENSE-binary
index 3cfe8bab21..8e3904cadb 100644
--- a/frontend/LICENSE-binary
+++ b/frontend/LICENSE-binary
@@ -288,7 +288,7 @@ Angular / npm packages:
- [email protected]
- [email protected]
- [email protected]
- - [email protected]
+ - [email protected]
- [email protected]
- [email protected]
- [email protected]
diff --git a/workflow-compiling-service/LICENSE-binary
b/workflow-compiling-service/LICENSE-binary
index 67fa5e9180..7620977853 100644
--- a/workflow-compiling-service/LICENSE-binary
+++ b/workflow-compiling-service/LICENSE-binary
@@ -509,7 +509,7 @@ Scala/Java jars:
- com.konghq.unirest-java-3.14.2.jar
- io.github.classgraph.classgraph-4.8.157.jar
- net.sourceforge.argparse4j.argparse4j-0.9.0.jar
- - org.checkerframework.checker-qual-3.42.0.jar
+ - org.checkerframework.checker-qual-3.52.0.jar
- org.codehaus.mojo.animal-sniffer-annotations-1.23.jar
- org.projectlombok.lombok-1.18.24.jar
- org.reactivestreams.reactive-streams-1.0.4.jar
