[
https://issues.apache.org/jira/browse/SPARK-44445?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17816290#comment-17816290
]
Ronald Brill commented on SPARK-44445:
--------------------------------------
{{> This is a dependency that we are getting from selenium
[https://github.com/apache/spark/blob/dc68e4f7dc8f3b24d0328cbf7c0120d93f595c91/pom.xml#L722]}}
I clarified this with the selenium peoples - this is a really, really special
dependency if selenium itself (test scope only) for some technical test they
are doing. They use the js engine form HtmlUnit to run some js code as part of
there test suite. And they have update this recently.
I think you should use (and trust) the maven dependency resolutions by simply
reference only the selenium htmlunit web driver
<dependency>
<groupId>org.seleniumhq.selenium</groupId>
<artifactId>htmlunit3-driver</artifactId>
<version>${htmlunit-driver.version}</version>
<scope>test</scope>
</dependency>
This should bring all the required stuff to your project (). And please take
care of the new artifact id 'htmlunit3-driver'. see
https://github.com/SeleniumHQ/htmlunit-driver for a short overview and e.g.
https://mvnrepository.com/artifact/org.seleniumhq.selenium/htmlunit3-driver/4.17.0
for a dependency overview
> Upgrade to `htmlunit` 3.10.0 and `htmlunit3-driver` 4.17.0
> ----------------------------------------------------------
>
> Key: SPARK-44445
> URL: https://issues.apache.org/jira/browse/SPARK-44445
> Project: Spark
> Issue Type: Sub-task
> Components: Build
> Affects Versions: 3.5.0
> Reporter: Bjørn Jørgensen
> Assignee: Dongjoon Hyun
> Priority: Major
> Labels: pull-request-available
>
> [CVE-2023-26119|https://nvd.nist.gov/vuln/detail/CVE-2023-26119]
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
