upgrading main is fine, but it does not affect the release as we declare
minimum dependencies (SystemDS can be used with more recent Spark/Hadoop
versions) and minor/patch versions do not change the external behavior.
Regards,
Matthias
On 6/18/2022 7:50 PM, Baunsgaard, Sebastian wrote:
Based on the issue i say we need to upgrade
________________________________
From: Janardhan <janard...@apache.org>
Sent: Saturday, June 18, 2022 7:43:30 PM
To: dev@systemds.apache.org
Subject: Re: [QUESTION] Should a minor dependency upgrade stop our release
candidate?
The upgrade is a CVE with Severity marked as critical. Relevant
advisory[1] by Hadoop team.
[1] https://lists.apache.org/thread/2dk5flnszl7grpvfm7t3dg0w61r4jg9v
Thanks,
Janardhan
On Sat, Jun 18, 2022 at 10:55 PM Baunsgaard, Sebastian
<baunsga...@tugraz.at.invalid> wrote:
From my side i would hate if someone complain about the issue from Hadoop in
our release.
So i say new release candidate with upgrade. Or if possible without vote. Did
anyone look into what the Hadoop issue is ?
Br
Sebastian
________________________________
From: arnab phani <phaniar...@gmail.com>
Sent: Saturday, June 18, 2022 6:28:54 PM
To: dev@systemds.apache.org
Subject: Re: [QUESTION] Should a minor dependency upgrade stop our release
candidate?
In my opinion, this upgrade doesn't invalidate the release candidates. It
should be safe to continue.
Regards,
Arnab..
On Sat, Jun 18, 2022, 17:05 Janardhan <janard...@apache.org> wrote:
Hi,
We have a version of dependency minor upgrade[1]. Now, the release
candidate has enough votes to pass.
Shall we apply the patch or continue without it.
[1] https://github.com/apache/systemds/pull/1640
Best regards,
Janardhan
