[jira] [Work logged] (HADOOP-18224) Upgrade maven compiler plugin to 3.10.1

[ASF GitHub Bot (Jira)]

     [ 
https://issues.apache.org/jira/browse/HADOOP-18224?focusedWorklogId=767727&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-767727
 ]

ASF GitHub Bot logged work on HADOOP-18224:
-------------------------------------------

                Author: ASF GitHub Bot
            Created on: 09/May/22 00:42
            Start Date: 09/May/22 00:42
    Worklog Time Spent: 10m 
      Work Description: aajisaka commented on PR #4267:
URL: https://github.com/apache/hadoop/pull/4267#issuecomment-1120522730

   There is only 1 error
   ```
   [ERROR] 
/home/jenkins/jenkins-home/workspace/hadoop-multibranch_PR-4267/ubuntu-focal/src/hadoop-yarn-project/hadoop-yarn/hadoop-yarn-applications/hadoop-yarn-services/hadoop-yarn-services-core/src/main/java/org/apache/hadoop/yarn/service/api/records/Component.java:120:
 error: invalid use of @return
   [ERROR]    * @return restartPolicy
   ```
   and all the rest are warning. You can double check by grepping `error:`. I 
think we should fix only the above error in this PR. The warnings should be 
fixed in separate jiras.




Issue Time Tracking
-------------------

    Worklog Id:     (was: 767727)
    Time Spent: 1.5h  (was: 1h 20m)

> Upgrade maven compiler plugin to 3.10.1
> ---------------------------------------
>
>                 Key: HADOOP-18224
>                 URL: https://issues.apache.org/jira/browse/HADOOP-18224
>             Project: Hadoop Common
>          Issue Type: Task
>            Reporter: Viraj Jasani
>            Assignee: Viraj Jasani
>            Priority: Major
>              Labels: pull-request-available
>          Time Spent: 1.5h
>  Remaining Estimate: 0h
>
> Currently we are using maven-compiler-plugin 3.1 version, which is quite old 
> (2013) and it's also pulling in vulnerable log4j dependency:
> {code:java}
> [INFO]    
> org.apache.maven.plugins:maven-compiler-plugin:maven-plugin:3.1:runtime
> [INFO]       org.apache.maven.plugins:maven-compiler-plugin:jar:3.1
> [INFO]       org.apache.maven:maven-plugin-api:jar:2.0.9
> [INFO]       org.apache.maven:maven-artifact:jar:2.0.9
> [INFO]       org.codehaus.plexus:plexus-utils:jar:1.5.1
> [INFO]       org.apache.maven:maven-core:jar:2.0.9
> [INFO]       org.apache.maven:maven-settings:jar:2.0.9
> [INFO]       org.apache.maven:maven-plugin-parameter-documenter:jar:2.0.9
> ...
> ...
> ...
> [INFO]       log4j:log4j:jar:1.2.12
> [INFO]       commons-logging:commons-logging-api:jar:1.1
> [INFO]       com.google.collections:google-collections:jar:1.0
> [INFO]       junit:junit:jar:3.8.2
>  {code}
>  
> We should upgrade to 3.10.1 (latest Mar, 2022) version of 
> maven-compiler-plugin.



--
This message was sent by Atlassian Jira
(v8.20.7#820007)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org