[jira] [Work logged] (HADOOP-18224) Upgrade maven compiler plugin to 3.10.1 and maven javadoc plugin to 3.4.0

Fri, 13 May 2022 09:21:05 -0700 


     [ 
https://issues.apache.org/jira/browse/HADOOP-18224?focusedWorklogId=770271&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-770271
 ]

ASF GitHub Bot logged work on HADOOP-18224:
-------------------------------------------

                Author: ASF GitHub Bot
            Created on: 13/May/22 16:20
            Start Date: 13/May/22 16:20
    Worklog Time Spent: 10m 
      Work Description: aajisaka commented on PR #4267:
URL: https://github.com/apache/hadoop/pull/4267#issuecomment-1126231313

   Umm. We are facing more javadoc errors after upgrading the plugin. Maybe the 
tag check become more strict. We can fix them in separate issues.
   
https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-4267/11/artifact/out/patch-javadoc-root-jdkPrivateBuild-1.8.0_312-8u312-b07-0ubuntu1~20.04-b07.txt




Issue Time Tracking
-------------------

    Worklog Id:     (was: 770271)
    Time Spent: 3h 40m  (was: 3.5h)

> Upgrade maven compiler plugin to 3.10.1 and maven javadoc plugin to 3.4.0
> -------------------------------------------------------------------------
>
>                 Key: HADOOP-18224
>                 URL: https://issues.apache.org/jira/browse/HADOOP-18224
>             Project: Hadoop Common
>          Issue Type: Task
>            Reporter: Viraj Jasani
>            Assignee: Viraj Jasani
>            Priority: Major
>              Labels: pull-request-available
>          Time Spent: 3h 40m
>  Remaining Estimate: 0h
>
> Currently we are using maven-compiler-plugin 3.1 version, which is quite old 
> (2013) and it's also pulling in vulnerable log4j dependency:
> {code:java}
> [INFO]    
> org.apache.maven.plugins:maven-compiler-plugin:maven-plugin:3.1:runtime
> [INFO]       org.apache.maven.plugins:maven-compiler-plugin:jar:3.1
> [INFO]       org.apache.maven:maven-plugin-api:jar:2.0.9
> [INFO]       org.apache.maven:maven-artifact:jar:2.0.9
> [INFO]       org.codehaus.plexus:plexus-utils:jar:1.5.1
> [INFO]       org.apache.maven:maven-core:jar:2.0.9
> [INFO]       org.apache.maven:maven-settings:jar:2.0.9
> [INFO]       org.apache.maven:maven-plugin-parameter-documenter:jar:2.0.9
> ...
> ...
> ...
> [INFO]       log4j:log4j:jar:1.2.12
> [INFO]       commons-logging:commons-logging-api:jar:1.1
> [INFO]       com.google.collections:google-collections:jar:1.0
> [INFO]       junit:junit:jar:3.8.2
>  {code}
>  
> We should upgrade to 3.10.1 (latest Mar, 2022) version of 
> maven-compiler-plugin.



--
This message was sent by Atlassian Jira
(v8.20.7#820007)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to