[
https://issues.apache.org/jira/browse/HADOOP-19152?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17838323#comment-17838323
]
ASF GitHub Bot commented on HADOOP-19152:
-----------------------------------------
szetszwo commented on PR #6739:
URL: https://github.com/apache/hadoop/pull/6739#issuecomment-2061850531
@steveloughran , question to you:
```java
+++ b/hadoop-common-project/hadoop-common/pom.xml
@@ -375,6 +375,7 @@
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk18on</artifactId>
+ <scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.kerby</groupId>
```
According to our [Compatibility Java_Classpath
doc](https://hadoop.apache.org/docs/stable/hadoop-project-dist/hadoop-common/Compatibility.html#Java_Classpath),
removing a dependency is a compatible change. The above change removes
`bcprov-jdk18on` changes the scope from `compile` to `test`. Is it a
compatible change?
Note that users currently using `BouncyCastleProvider` (and if all the
downstream projects do not have `bcprov-jdk18on` dependency) have to make
`bcprov-jdk18on` available by themselves with this change.
> Do not hard code security providers.
> ------------------------------------
>
> Key: HADOOP-19152
> URL: https://issues.apache.org/jira/browse/HADOOP-19152
> Project: Hadoop Common
> Issue Type: Improvement
> Components: security
> Reporter: Tsz-wo Sze
> Assignee: Tsz-wo Sze
> Priority: Major
> Labels: pull-request-available
>
> In order to support different security providers in different clusters, we
> should not hard code a provider in our code.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
