>From Michael Blow <[email protected]>:
Michael Blow has uploaded this change for review. (
https://asterix-gerrit.ics.uci.edu/c/asterixdb/+/17847 )
Change subject: Merge branch 'gerrit/7.1.x' into 'gerrit/neo'
......................................................................
Merge branch 'gerrit/7.1.x' into 'gerrit/neo'
Change-Id: I63e00f78c78f7f5c15c0a8587c8f591035b4df82
---
M asterixdb/pom.xml
M asterixdb/src/main/appended-resources/supplemental-models.xml
M hyracks-fullstack/pom.xml
4 files changed, 34 insertions(+), 56 deletions(-)
git pull ssh://asterix-gerrit.ics.uci.edu:29418/asterixdb
refs/changes/47/17847/1
diff --git a/asterixdb/pom.xml b/asterixdb/pom.xml
index 924f8be..6e68ab4 100644
--- a/asterixdb/pom.xml
+++ b/asterixdb/pom.xml
@@ -82,15 +82,9 @@
<skip-npm-touch.stage>none</skip-npm-touch.stage>
<!-- Versions under dependencymanagement or used in many projects via
properties -->
-<<<<<<< HEAD (3227d3 [NO ISSUE][HYR][HTTP] Avoid double release of
ChunkedNettyOu)
<algebricks.version>0.3.8.2-SNAPSHOT</algebricks.version>
<hyracks.version>0.3.8.2-SNAPSHOT</hyracks.version>
- <hadoop.version>3.3.4</hadoop.version>
-=======
- <algebricks.version>0.3.8-SNAPSHOT</algebricks.version>
- <hyracks.version>0.3.8-SNAPSHOT</hyracks.version>
<hadoop.version>3.3.6</hadoop.version>
->>>>>>> BRANCH (667152 [NO ISSUE][*DB] Update commons-compress to 1.24.0)
<jacoco.version>0.7.6.201602180812</jacoco.version>
<log4j.version>2.19.0</log4j.version>
<awsjavasdk.version>2.17.218</awsjavasdk.version>
@@ -1000,8 +994,8 @@
<artifactId>slf4j-reload4j</artifactId>
</exclusion>
<exclusion>
- <groupId>ch.qos.reload4j</groupId>
- <artifactId>reload4j</artifactId>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-log4j12</artifactId>
</exclusion>
<exclusion>
<groupId>ch.qos.reload4j</groupId>
@@ -1110,8 +1104,8 @@
<artifactId>slf4j-reload4j</artifactId>
</exclusion>
<exclusion>
- <groupId>ch.qos.reload4j</groupId>
- <artifactId>reload4j</artifactId>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-log4j12</artifactId>
</exclusion>
<exclusion>
<groupId>ch.qos.reload4j</groupId>
@@ -1167,8 +1161,8 @@
<artifactId>slf4j-reload4j</artifactId>
</exclusion>
<exclusion>
- <groupId>ch.qos.reload4j</groupId>
- <artifactId>reload4j</artifactId>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-log4j12</artifactId>
</exclusion>
<exclusion>
<groupId>ch.qos.reload4j</groupId>
@@ -1191,8 +1185,8 @@
<artifactId>slf4j-reload4j</artifactId>
</exclusion>
<exclusion>
- <groupId>ch.qos.reload4j</groupId>
- <artifactId>reload4j</artifactId>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-log4j12</artifactId>
</exclusion>
<exclusion>
<groupId>ch.qos.reload4j</groupId>
@@ -1934,20 +1928,9 @@
</dependency>
<!-- Hadoop Azure end -->
<dependency>
-<<<<<<< HEAD (3227d3 [NO ISSUE][HYR][HTTP] Avoid double release of
ChunkedNettyOu)
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util</artifactId>
- <version>9.4.51.v20230217</version>
- </dependency>
- <dependency>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util-ajax</artifactId>
- <version>9.4.51.v20230217</version>
-=======
<groupId>org.codehaus.jettison</groupId>
<artifactId>jettison</artifactId>
<version>1.5.4</version>
->>>>>>> BRANCH (667152 [NO ISSUE][*DB] Update commons-compress to 1.24.0)
</dependency>
</dependencies>
</dependencyManagement>
diff --git a/asterixdb/src/main/appended-resources/supplemental-models.xml
b/asterixdb/src/main/appended-resources/supplemental-models.xml
index b25b956..2b8e438 100644
--- a/asterixdb/src/main/appended-resources/supplemental-models.xml
+++ b/asterixdb/src/main/appended-resources/supplemental-models.xml
@@ -464,19 +464,12 @@
<properties>
<!-- snappy-java is ALv2, and does not contain any embedded LICENSE or
NOTICE file -->
<!-- license override not needed, ALv2 is specified in its pom.xml -->
-<<<<<<< HEAD (3227d3 [NO ISSUE][HYR][HTTP] Avoid double release of
ChunkedNettyOu)
- <!-- see
https://raw.githubusercontent.com/xerial/snappy-java/v1.1.10.1/LICENSE -->
-
<license.ignoreMissingEmbeddedLicense>1.1.10.1</license.ignoreMissingEmbeddedLicense>
-
<license.ignoreMissingEmbeddedNotice>1.1.10.1</license.ignoreMissingEmbeddedNotice>
- <license.ignoreNoticeOverride>1.1.10.1</license.ignoreNoticeOverride>
-=======
<!-- see
https://raw.githubusercontent.com/xerial/snappy-java/1.1.10.5/LICENSE -->
<license.ignoreMissingEmbeddedLicense>1.1.10.5</license.ignoreMissingEmbeddedLicense>
<license.ignoreMissingEmbeddedNotice>1.1.10.5</license.ignoreMissingEmbeddedNotice>
<!-- snappy does have a NOTICE file, we add an override to pick that
up -->
<!-- see
https://raw.githubusercontent.com/xerial/snappy-java/1.1.10.5/NOTICE -->
<license.ignoreNoticeOverride>1.1.10.5</license.ignoreNoticeOverride>
->>>>>>> BRANCH (667152 [NO ISSUE][*DB] Update commons-compress to 1.24.0)
</properties>
</project>
</supplement>
@@ -1489,7 +1482,7 @@
</properties>
</project>
</supplement>
-
+
<!-- io.grpc uses ALv2 -->
<supplement>
<project>
diff --git a/hyracks-fullstack/pom.xml b/hyracks-fullstack/pom.xml
index 257dccb..0601b2f 100644
--- a/hyracks-fullstack/pom.xml
+++ b/hyracks-fullstack/pom.xml
@@ -73,13 +73,8 @@
<hadoop.version>3.3.6</hadoop.version>
<jacoco.version>0.7.6.201602180812</jacoco.version>
<log4j.version>2.19.0</log4j.version>
-<<<<<<< HEAD (3227d3 [NO ISSUE][HYR][HTTP] Avoid double release of
ChunkedNettyOu)
- <snappy.version>1.1.10.1</snappy.version>
- <jackson.version>2.14.3</jackson.version>
-=======
<snappy.version>1.1.10.5</snappy.version>
- <jackson.version>2.14.1</jackson.version>
->>>>>>> BRANCH (667152 [NO ISSUE][*DB] Update commons-compress to 1.24.0)
+ <jackson.version>2.14.3</jackson.version>
<jackson-databind.version>${jackson.version}</jackson-databind.version>
<netty.version>4.1.94.Final</netty.version>
@@ -205,8 +200,8 @@
<artifactId>slf4j-reload4j</artifactId>
</exclusion>
<exclusion>
- <groupId>ch.qos.reload4j</groupId>
- <artifactId>reload4j</artifactId>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-log4j12</artifactId>
</exclusion>
</exclusions>
</dependency>
@@ -242,6 +237,10 @@
<groupId>ch.qos.reload4j</groupId>
<artifactId>reload4j</artifactId>
</exclusion>
+ <exclusion>
+ <groupId>log4j</groupId>
+ <artifactId>log4j</artifactId>
+ </exclusion>
</exclusions>
</dependency>
<dependency>
@@ -458,21 +457,6 @@
<artifactId>snappy-java</artifactId>
<version>${snappy.version}</version>
</dependency>
-<<<<<<< HEAD (3227d3 [NO ISSUE][HYR][HTTP] Avoid double release of
ChunkedNettyOu)
- <!-- TODO(htowaileb): removed from hadoop transitively and added
separately to avoid CVEs, can
- be removed once upgraded to hadoop 3.3.4 as it addresses the CVEs
-->
- <dependency>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util</artifactId>
- <version>9.4.51.v20230217</version>
- </dependency>
- <dependency>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-util-ajax</artifactId>
- <version>9.4.51.v20230217</version>
- </dependency>
-=======
->>>>>>> BRANCH (667152 [NO ISSUE][*DB] Update commons-compress to 1.24.0)
<!-- Manually included to avoid CVE-2023-1370 -->
<dependency>
<groupId>net.minidev</groupId>
--
To view, visit https://asterix-gerrit.ics.uci.edu/c/asterixdb/+/17847
To unsubscribe, or for help writing mail filters, visit
https://asterix-gerrit.ics.uci.edu/settings
Gerrit-Project: asterixdb
Gerrit-Branch: neo
Gerrit-Change-Id: I63e00f78c78f7f5c15c0a8587c8f591035b4df82
Gerrit-Change-Number: 17847
Gerrit-PatchSet: 1
Gerrit-Owner: Michael Blow <[email protected]>
Gerrit-MessageType: newchange
