[
https://issues.apache.org/jira/browse/PHOENIX-3659?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15875470#comment-15875470
]
Hudson commented on PHOENIX-3659:
---------------------------------
FAILURE: Integrated in Jenkins build Phoenix-master #1561 (See
[https://builds.apache.org/job/Phoenix-master/1561/])
PHOENIX-3659 Update to Apache HBase 1.2.4 from 1.2.0 (elserj: rev
e79fad947d4cad6da2af33c4f99c1d89ae6910be)
* (edit) pom.xml
> Remove transitive OWASP esapi dependency
> ----------------------------------------
>
> Key: PHOENIX-3659
> URL: https://issues.apache.org/jira/browse/PHOENIX-3659
> Project: Phoenix
> Issue Type: Task
> Reporter: Josh Elser
> Assignee: Josh Elser
> Priority: Blocker
> Fix For: 4.10.0
>
> Attachments: PHOENIX-3659.001.patch
>
>
> HBase accidentally let OWASP's ESAPI artifact slip into a few release which
> is not allowed (as there are GPL deps).
> This was resolved in 1.1.6 and 1.2.3. A trivial fix would be to upgrade the
> 1.1 and 1.2 branches to these versions, but I don't know if there are other
> implications to doing that..
> I'm not sure if there are runtime concerns if we just omit those
> dependencies. Would have to look at the suite of reverts that came in via
> HBASE-16317 to see if any of them would actually affect us in phoenix-landia.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
