[
https://issues.apache.org/jira/browse/HADOOP-17534?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Akira Ajisaka reassigned HADOOP-17534:
--------------------------------------
Assignee: Akira Ajisaka
> Upgrade Jackson databind to 2.10.5.1
> ------------------------------------
>
> Key: HADOOP-17534
> URL: https://issues.apache.org/jira/browse/HADOOP-17534
> Project: Hadoop Common
> Issue Type: Bug
> Components: build
> Affects Versions: 3.2.2
> Reporter: Adam Roberts
> Assignee: Akira Ajisaka
> Priority: Major
>
> Hey everyone, we've done a container scan of Hadoop 3.2.2 we are using to
> build a shaded version of a Flink uber jar with, and noticed several apparent
> problems that are primarily related to
> com.faster.xml.jackson.core_jackson-databind.
>
> Specifically the report claims version 2.4.0 of the library is used (am not
> sure about this part personally so I may be mistaken) and the fix suggestion
> I see is to move up to either 2.10.5.1, 2.9.10.8, 2.6.7.4 as appropriate.
>
> I believe 2.10.3 is actually what's currently in use based on
> [https://github.com/apache/hadoop/blob/4cf35315838a6e65f87ed64aaa8f1d31594c7fcd/hadoop-project/pom.xml#L75|https://github.com/apache/hadoop/blob/4cf35315838a6e65f87ed64aaa8f1d31594c7fcd/hadoop-project/pom.xml#L75.]
>
> Hopefully not a far-reaching change as I know changing dependencies can
> sometimes have a big knock-on effect, anyway - figured I'd report it incase
> someone plans to work on it.
>
> Again do note that this is using a scan of an image built for Flink 1.11.3,
> but using Hadoop so it has a bunch of the same classes in, and I do believe
> that in Flink itself, the version of Jackson pulled in does not have the same
> problems, thus my thinking it is related to the Hadoop dependencies.
> Thanks!
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
