This is an automated email from the ASF dual-hosted git repository.
liuxun pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/submarine.git
The following commit(s) were added to refs/heads/master by this push:
new c95d715 SUBMARINE-696. Vulnerability upgrade recommended
c95d715 is described below
commit c95d7151ba45e743ed75701e6c794a028fa6e45a
Author: Lisa <[email protected]>
AuthorDate: Wed Mar 24 13:24:17 2021 +0800
SUBMARINE-696. Vulnerability upgrade recommended
### What is this PR for?
Update some dependence cause vulnerability
### What type of PR is it?
[Improvement]
### Todos
* [ ] - Task
### What is the Jira issue?
https://issues.apache.org/jira/projects/SUBMARINE/issues/SUBMARINE-696
### How should this be tested?
https://travis-ci.org/github/aeioulisa/submarine/builds/766093669
### Screenshots (if appropriate)
### Questions:
* Does the licenses files need update? No
* Is there breaking changes for older versions? No
* Does this needs documentation? No
Author: Lisa <[email protected]>
Signed-off-by: Liu Xun <[email protected]>
Closes #552 from aeioulisa/SUBMARINE-696 and squashes the following commits:
9e445b7 [Lisa] Vulnerability upgrade
---
pom.xml | 6 +--
.../client/cli/param/runjob/RunJobParameters.java | 2 +-
submarine-security/spark-security/pom.xml | 2 +-
.../server-submitter/submitter-yarn/pom.xml | 49 +++++++++++++++++++++-
4 files changed, 53 insertions(+), 6 deletions(-)
diff --git a/pom.xml b/pom.xml
index 1906f03..ec42c8f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -69,7 +69,7 @@
<tony.version>0.3.25</tony.version>
<jersey.version>2.27</jersey.version>
<jersey.servlet.version>1.13</jersey.servlet.version>
- <jetty.version>9.4.18.v20190429</jetty.version>
+ <jetty.version>9.4.35.v20201120</jetty.version>
<javax.ws.rsapi.version>2.1</javax.ws.rsapi.version>
<pagehelper.version>5.1.10</pagehelper.version>
@@ -82,7 +82,7 @@
<cglib.version>3.2.2</cglib.version>
<mybatis.version>3.2.8</mybatis.version>
- <mysql-connector-java.version>5.1.39</mysql-connector-java.version>
+ <mysql-connector-java.version>5.1.41</mysql-connector-java.version>
<grpc.version>1.25.0</grpc.version>
<!-- frontend maven plugin related versions-->
@@ -97,7 +97,7 @@
<log4j.version>1.2.17</log4j.version>
<commons.logging.version>1.1.3</commons.logging.version>
<commons.cli.version>1.2</commons.cli.version>
- <snakeyaml.version>1.16</snakeyaml.version>
+ <snakeyaml.version>1.26</snakeyaml.version>
<httpcore.version>4.4.4</httpcore.version>
<httpclient.version>4.5.2</httpclient.version>
<commons-lang.version>2.6</commons-lang.version>
diff --git
a/submarine-client/src/main/java/org/apache/submarine/client/cli/param/runjob/RunJobParameters.java
b/submarine-client/src/main/java/org/apache/submarine/client/cli/param/runjob/RunJobParameters.java
index f219ef5..64b01b1 100644
---
a/submarine-client/src/main/java/org/apache/submarine/client/cli/param/runjob/RunJobParameters.java
+++
b/submarine-client/src/main/java/org/apache/submarine/client/cli/param/runjob/RunJobParameters.java
@@ -347,7 +347,7 @@ public abstract class RunJobParameters extends
RunParameters {
@VisibleForTesting
public static class UnderscoreConverterPropertyUtils extends PropertyUtils {
@Override
- public Property getProperty(Class<? extends Object> type, String name)
throws IntrospectionException {
+ public Property getProperty(Class<? extends Object> type, String name) {
if (name.indexOf('_') > -1) {
name = convertName(name);
}
diff --git a/submarine-security/spark-security/pom.xml
b/submarine-security/spark-security/pom.xml
index 6e813c2..14f385f 100644
--- a/submarine-security/spark-security/pom.xml
+++ b/submarine-security/spark-security/pom.xml
@@ -50,7 +50,7 @@
<scala.version>2.11.8</scala.version>
<scala.binary.version>2.11</scala.binary.version>
<scalatest.version>2.2.6</scalatest.version>
- <solr.version>5.5.4</solr.version>
+ <solr.version>8.4.0</solr.version>
<spark.version>2.4.7</spark.version>
<spark.scope>provided</spark.scope>
<gethostname4j.version>0.0.2</gethostname4j.version>
diff --git a/submarine-server/server-submitter/submitter-yarn/pom.xml
b/submarine-server/server-submitter/submitter-yarn/pom.xml
index 1f6ea10..7c2ff49 100644
--- a/submarine-server/server-submitter/submitter-yarn/pom.xml
+++ b/submarine-server/server-submitter/submitter-yarn/pom.xml
@@ -27,7 +27,6 @@
<artifactId>submarine-submitter-yarn</artifactId>
<version>0.6.0-SNAPSHOT</version>
<name>Submarine: YARN Submitter</name>
-
<dependencies>
<dependency>
<groupId>org.apache.submarine</groupId>
@@ -306,6 +305,30 @@
</exclusion>
</exclusions>
</dependency>
+ <dependency>
+ <groupId>org.apache.hadoop</groupId>
+ <artifactId>hadoop-hdfs</artifactId>
+ <version>${hadoop.version}</version>
+ <scope>compile</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>org.eclipse.jetty</groupId>
+ <artifactId>jetty-util-ajax</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>com.google.guava</groupId>
+ <artifactId>guava</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>io.netty</groupId>
+ <artifactId>netty</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>com.fasterxml.jackson.core</groupId>
+ <artifactId>jackson-databind</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
</dependencies>
</profile>
@@ -324,6 +347,30 @@
</exclusion>
</exclusions>
</dependency>
+ <dependency>
+ <groupId>org.apache.hadoop</groupId>
+ <artifactId>hadoop-hdfs</artifactId>
+ <version>${hadoop.version}</version>
+ <scope>compile</scope>
+ <exclusions>
+ <exclusion>
+ <groupId>org.eclipse.jetty</groupId>
+ <artifactId>jetty-util-ajax</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>com.google.guava</groupId>
+ <artifactId>guava</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>io.netty</groupId>
+ <artifactId>netty</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>com.fasterxml.jackson.core</groupId>
+ <artifactId>jackson-databind</artifactId>
+ </exclusion>
+ </exclusions>
+ </dependency>
</dependencies>
</profile>
</profiles>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
