[jira] [Work logged] (HADOOP-18224) Upgrade maven compiler plugin to 3.10.1

Fri, 06 May 2022 12:59:34 -0700 


     [ 
https://issues.apache.org/jira/browse/HADOOP-18224?focusedWorklogId=767396&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-767396
 ]

ASF GitHub Bot logged work on HADOOP-18224:
-------------------------------------------

                Author: ASF GitHub Bot
            Created on: 06/May/22 19:58
            Start Date: 06/May/22 19:58
    Worklog Time Spent: 10m 
      Work Description: virajjasani commented on PR #4267:
URL: https://github.com/apache/hadoop/pull/4267#issuecomment-1119966961

   @aajisaka It seems that newer versions of maven compiler and javadoc plugins 
are flagging issues with Javadoc. Shall we fix them later? Do you have any 
recommendations here?




Issue Time Tracking
-------------------

    Worklog Id:     (was: 767396)
    Time Spent: 1h  (was: 50m)

> Upgrade maven compiler plugin to 3.10.1
> ---------------------------------------
>
>                 Key: HADOOP-18224
>                 URL: https://issues.apache.org/jira/browse/HADOOP-18224
>             Project: Hadoop Common
>          Issue Type: Task
>            Reporter: Viraj Jasani
>            Assignee: Viraj Jasani
>            Priority: Major
>              Labels: pull-request-available
>          Time Spent: 1h
>  Remaining Estimate: 0h
>
> Currently we are using maven-compiler-plugin 3.1 version, which is quite old 
> (2013) and it's also pulling in vulnerable log4j dependency:
> {code:java}
> [INFO]    
> org.apache.maven.plugins:maven-compiler-plugin:maven-plugin:3.1:runtime
> [INFO]       org.apache.maven.plugins:maven-compiler-plugin:jar:3.1
> [INFO]       org.apache.maven:maven-plugin-api:jar:2.0.9
> [INFO]       org.apache.maven:maven-artifact:jar:2.0.9
> [INFO]       org.codehaus.plexus:plexus-utils:jar:1.5.1
> [INFO]       org.apache.maven:maven-core:jar:2.0.9
> [INFO]       org.apache.maven:maven-settings:jar:2.0.9
> [INFO]       org.apache.maven:maven-plugin-parameter-documenter:jar:2.0.9
> ...
> ...
> ...
> [INFO]       log4j:log4j:jar:1.2.12
> [INFO]       commons-logging:commons-logging-api:jar:1.1
> [INFO]       com.google.collections:google-collections:jar:1.0
> [INFO]       junit:junit:jar:3.8.2
>  {code}
>  
> We should upgrade to 3.10.1 (latest Mar, 2022) version of 
> maven-compiler-plugin.



--
This message was sent by Atlassian Jira
(v8.20.7#820007)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org

Reply via email to