[ https://issues.apache.org/jira/browse/HADOOP-18224?focusedWorklogId=767396&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-767396 ]
ASF GitHub Bot logged work on HADOOP-18224: ------------------------------------------- Author: ASF GitHub Bot Created on: 06/May/22 19:58 Start Date: 06/May/22 19:58 Worklog Time Spent: 10m Work Description: virajjasani commented on PR #4267: URL: https://github.com/apache/hadoop/pull/4267#issuecomment-1119966961 @aajisaka It seems that newer versions of maven compiler and javadoc plugins are flagging issues with Javadoc. Shall we fix them later? Do you have any recommendations here? Issue Time Tracking ------------------- Worklog Id: (was: 767396) Time Spent: 1h (was: 50m) > Upgrade maven compiler plugin to 3.10.1 > --------------------------------------- > > Key: HADOOP-18224 > URL: https://issues.apache.org/jira/browse/HADOOP-18224 > Project: Hadoop Common > Issue Type: Task > Reporter: Viraj Jasani > Assignee: Viraj Jasani > Priority: Major > Labels: pull-request-available > Time Spent: 1h > Remaining Estimate: 0h > > Currently we are using maven-compiler-plugin 3.1 version, which is quite old > (2013) and it's also pulling in vulnerable log4j dependency: > {code:java} > [INFO] > org.apache.maven.plugins:maven-compiler-plugin:maven-plugin:3.1:runtime > [INFO] org.apache.maven.plugins:maven-compiler-plugin:jar:3.1 > [INFO] org.apache.maven:maven-plugin-api:jar:2.0.9 > [INFO] org.apache.maven:maven-artifact:jar:2.0.9 > [INFO] org.codehaus.plexus:plexus-utils:jar:1.5.1 > [INFO] org.apache.maven:maven-core:jar:2.0.9 > [INFO] org.apache.maven:maven-settings:jar:2.0.9 > [INFO] org.apache.maven:maven-plugin-parameter-documenter:jar:2.0.9 > ... > ... > ... > [INFO] log4j:log4j:jar:1.2.12 > [INFO] commons-logging:commons-logging-api:jar:1.1 > [INFO] com.google.collections:google-collections:jar:1.0 > [INFO] junit:junit:jar:3.8.2 > {code} > > We should upgrade to 3.10.1 (latest Mar, 2022) version of > maven-compiler-plugin. -- This message was sent by Atlassian Jira (v8.20.7#820007) --------------------------------------------------------------------- To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org