[
https://issues.apache.org/jira/browse/HBASE-22109?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16802076#comment-16802076
]
Sean Busbey commented on HBASE-22109:
-------------------------------------
-1 on v1
Can we exclude the dependency instead? If not please fix the name of the
impacted license in the supplemental dependency information instead of
expanding our set of licenses
({{hbase-resource-bundle/src/main/resources/supplemental-models.xml}})
> Update hbase shaded content checker after guava update in hadoop branch-3.0
> to 27.0-jre
> ---------------------------------------------------------------------------------------
>
> Key: HBASE-22109
> URL: https://issues.apache.org/jira/browse/HBASE-22109
> Project: HBase
> Issue Type: Improvement
> Affects Versions: 3.0.0
> Reporter: Gabor Bota
> Assignee: Gabor Bota
> Priority: Minor
> Attachments: HBASE-22109.001.patch
>
>
> I'm updating guava version from 11.0.2 to 27.0-jre in HADOOP-15960 because of
> a CVE. I will create a patch for branch-3.0, 3.1, 3.2 and trunk (3.3).
> I wanted to be sure that HBase works with the updated guava, I compiled and
> run the HBase tests with my hadoop snapshot containing the updated version,
> but there were some issues that I had to fix:
> * New shaded dependency: org.checkerframework
> * New license needs to be added to LICENSE.vm: Apache 2.0
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
