neo'

AsterixDB Code Review Fri, 06 Oct 2023 10:59:30 -0700

>From Michael Blow <[email protected]>:

Michael Blow has submitted this change. ( 
https://asterix-gerrit.ics.uci.edu/c/asterixdb/+/17847 )


Change subject: Merge branch 'gerrit/7.1.x' into 'gerrit/neo'
......................................................................

Merge branch 'gerrit/7.1.x' into 'gerrit/neo'

Change-Id: I63e00f78c78f7f5c15c0a8587c8f591035b4df82
---
M asterixdb/pom.xml
D 
asterixdb/src/main/licenses/content/raw.githubusercontent.com_xerial_snappy-java_v1.1.10.1_NOTICE.txt
M asterixdb/src/main/appended-resources/supplemental-models.xml
M hyracks-fullstack/pom.xml
5 files changed, 34 insertions(+), 72 deletions(-)

Approvals:
  Jenkins: Verified
  Michael Blow: Looks good to me, approved; Verified




diff --git a/asterixdb/pom.xml b/asterixdb/pom.xml
index 924f8be..6e68ab4 100644
--- a/asterixdb/pom.xml
+++ b/asterixdb/pom.xml
@@ -82,15 +82,9 @@
     <skip-npm-touch.stage>none</skip-npm-touch.stage>

     <!-- Versions under dependencymanagement or used in many projects via 
properties -->
-<<<<<<< HEAD   (3227d3 [NO ISSUE][HYR][HTTP] Avoid double release of 
ChunkedNettyOu)
     <algebricks.version>0.3.8.2-SNAPSHOT</algebricks.version>
     <hyracks.version>0.3.8.2-SNAPSHOT</hyracks.version>
-    <hadoop.version>3.3.4</hadoop.version>
-=======
-    <algebricks.version>0.3.8-SNAPSHOT</algebricks.version>
-    <hyracks.version>0.3.8-SNAPSHOT</hyracks.version>
     <hadoop.version>3.3.6</hadoop.version>
->>>>>>> BRANCH (667152 [NO ISSUE][*DB] Update commons-compress to 1.24.0)
     <jacoco.version>0.7.6.201602180812</jacoco.version>
     <log4j.version>2.19.0</log4j.version>
     <awsjavasdk.version>2.17.218</awsjavasdk.version>
@@ -1000,8 +994,8 @@
             <artifactId>slf4j-reload4j</artifactId>
           </exclusion>
           <exclusion>
-            <groupId>ch.qos.reload4j</groupId>
-            <artifactId>reload4j</artifactId>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-log4j12</artifactId>
           </exclusion>
           <exclusion>
             <groupId>ch.qos.reload4j</groupId>
@@ -1110,8 +1104,8 @@
             <artifactId>slf4j-reload4j</artifactId>
           </exclusion>
           <exclusion>
-            <groupId>ch.qos.reload4j</groupId>
-            <artifactId>reload4j</artifactId>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-log4j12</artifactId>
           </exclusion>
           <exclusion>
             <groupId>ch.qos.reload4j</groupId>
@@ -1167,8 +1161,8 @@
             <artifactId>slf4j-reload4j</artifactId>
           </exclusion>
           <exclusion>
-            <groupId>ch.qos.reload4j</groupId>
-            <artifactId>reload4j</artifactId>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-log4j12</artifactId>
           </exclusion>
           <exclusion>
             <groupId>ch.qos.reload4j</groupId>
@@ -1191,8 +1185,8 @@
             <artifactId>slf4j-reload4j</artifactId>
           </exclusion>
           <exclusion>
-            <groupId>ch.qos.reload4j</groupId>
-            <artifactId>reload4j</artifactId>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-log4j12</artifactId>
           </exclusion>
           <exclusion>
             <groupId>ch.qos.reload4j</groupId>
@@ -1934,20 +1928,9 @@
       </dependency>
       <!-- Hadoop Azure end -->
       <dependency>
-<<<<<<< HEAD   (3227d3 [NO ISSUE][HYR][HTTP] Avoid double release of 
ChunkedNettyOu)
-        <groupId>org.eclipse.jetty</groupId>
-        <artifactId>jetty-util</artifactId>
-        <version>9.4.51.v20230217</version>
-      </dependency>
-      <dependency>
-        <groupId>org.eclipse.jetty</groupId>
-        <artifactId>jetty-util-ajax</artifactId>
-        <version>9.4.51.v20230217</version>
-=======
         <groupId>org.codehaus.jettison</groupId>
         <artifactId>jettison</artifactId>
         <version>1.5.4</version>
->>>>>>> BRANCH (667152 [NO ISSUE][*DB] Update commons-compress to 1.24.0)
       </dependency>
     </dependencies>
   </dependencyManagement>
diff --git a/asterixdb/src/main/appended-resources/supplemental-models.xml 
b/asterixdb/src/main/appended-resources/supplemental-models.xml
index b25b956..2b8e438 100644
--- a/asterixdb/src/main/appended-resources/supplemental-models.xml
+++ b/asterixdb/src/main/appended-resources/supplemental-models.xml
@@ -464,19 +464,12 @@
       <properties>
         <!-- snappy-java is ALv2, and does not contain any embedded LICENSE or 
NOTICE file -->
         <!-- license override not needed, ALv2 is specified in its pom.xml -->
-<<<<<<< HEAD   (3227d3 [NO ISSUE][HYR][HTTP] Avoid double release of 
ChunkedNettyOu)
-        <!-- see 
https://raw.githubusercontent.com/xerial/snappy-java/v1.1.10.1/LICENSE -->
-        
<license.ignoreMissingEmbeddedLicense>1.1.10.1</license.ignoreMissingEmbeddedLicense>
-        
<license.ignoreMissingEmbeddedNotice>1.1.10.1</license.ignoreMissingEmbeddedNotice>
-        <license.ignoreNoticeOverride>1.1.10.1</license.ignoreNoticeOverride>
-=======
         <!-- see 
https://raw.githubusercontent.com/xerial/snappy-java/1.1.10.5/LICENSE -->
         
<license.ignoreMissingEmbeddedLicense>1.1.10.5</license.ignoreMissingEmbeddedLicense>
         
<license.ignoreMissingEmbeddedNotice>1.1.10.5</license.ignoreMissingEmbeddedNotice>
         <!-- snappy does have a NOTICE file, we add an override to pick that 
up -->
         <!-- see 
https://raw.githubusercontent.com/xerial/snappy-java/1.1.10.5/NOTICE -->
         <license.ignoreNoticeOverride>1.1.10.5</license.ignoreNoticeOverride>
->>>>>>> BRANCH (667152 [NO ISSUE][*DB] Update commons-compress to 1.24.0)
       </properties>
     </project>
   </supplement>
@@ -1489,7 +1482,7 @@
       </properties>
     </project>
   </supplement>
-
+
   <!-- io.grpc uses ALv2 -->
   <supplement>
     <project>
diff --git 
a/asterixdb/src/main/licenses/content/raw.githubusercontent.com_xerial_snappy-java_v1.1.10.1_NOTICE.txt
 
b/asterixdb/src/main/licenses/content/raw.githubusercontent.com_xerial_snappy-java_v1.1.10.1_NOTICE.txt
deleted file mode 100644
index 19301705..0000000
--- 
a/asterixdb/src/main/licenses/content/raw.githubusercontent.com_xerial_snappy-java_v1.1.10.1_NOTICE.txt
+++ /dev/null
@@ -1,16 +0,0 @@
-This product includes software developed by Google
- Snappy: http://code.google.com/p/snappy/ (New BSD License)
-
-This product includes software developed by Apache
- PureJavaCrc32C from apache-hadoop-common http://hadoop.apache.org/
- (Apache 2.0 license)
-
-This library containd statically linked libstdc++. This inclusion is allowed by
-"GCC RUntime Library Exception"
-http://gcc.gnu.org/onlinedocs/libstdc++/manual/license.html
-
-== Contributors ==
-  * Tatu Saloranta
-    * Providing benchmark suite
-  * Alec Wysoker
-    * Performance and memory usage improvement
diff --git a/hyracks-fullstack/pom.xml b/hyracks-fullstack/pom.xml
index 257dccb..0601b2f 100644
--- a/hyracks-fullstack/pom.xml
+++ b/hyracks-fullstack/pom.xml
@@ -73,13 +73,8 @@
     <hadoop.version>3.3.6</hadoop.version>
     <jacoco.version>0.7.6.201602180812</jacoco.version>
     <log4j.version>2.19.0</log4j.version>
-<<<<<<< HEAD   (3227d3 [NO ISSUE][HYR][HTTP] Avoid double release of 
ChunkedNettyOu)
-    <snappy.version>1.1.10.1</snappy.version>
-    <jackson.version>2.14.3</jackson.version>
-=======
     <snappy.version>1.1.10.5</snappy.version>
-    <jackson.version>2.14.1</jackson.version>
->>>>>>> BRANCH (667152 [NO ISSUE][*DB] Update commons-compress to 1.24.0)
+    <jackson.version>2.14.3</jackson.version>
     <jackson-databind.version>${jackson.version}</jackson-databind.version>
     <netty.version>4.1.94.Final</netty.version>

@@ -205,8 +200,8 @@
             <artifactId>slf4j-reload4j</artifactId>
           </exclusion>
           <exclusion>
-            <groupId>ch.qos.reload4j</groupId>
-            <artifactId>reload4j</artifactId>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-log4j12</artifactId>
           </exclusion>
         </exclusions>
       </dependency>
@@ -242,6 +237,10 @@
             <groupId>ch.qos.reload4j</groupId>
             <artifactId>reload4j</artifactId>
           </exclusion>
+          <exclusion>
+            <groupId>log4j</groupId>
+            <artifactId>log4j</artifactId>
+          </exclusion>
         </exclusions>
       </dependency>
       <dependency>
@@ -458,21 +457,6 @@
         <artifactId>snappy-java</artifactId>
         <version>${snappy.version}</version>
       </dependency>
-<<<<<<< HEAD   (3227d3 [NO ISSUE][HYR][HTTP] Avoid double release of 
ChunkedNettyOu)
-      <!-- TODO(htowaileb): removed from hadoop transitively and added 
separately to avoid CVEs, can
-           be removed once upgraded to hadoop 3.3.4 as it addresses the CVEs 
-->
-      <dependency>
-        <groupId>org.eclipse.jetty</groupId>
-        <artifactId>jetty-util</artifactId>
-        <version>9.4.51.v20230217</version>
-      </dependency>
-      <dependency>
-        <groupId>org.eclipse.jetty</groupId>
-        <artifactId>jetty-util-ajax</artifactId>
-        <version>9.4.51.v20230217</version>
-      </dependency>
-=======
->>>>>>> BRANCH (667152 [NO ISSUE][*DB] Update commons-compress to 1.24.0)
       <!-- Manually included to avoid CVE-2023-1370 -->
       <dependency>
         <groupId>net.minidev</groupId>

--
To view, visit https://asterix-gerrit.ics.uci.edu/c/asterixdb/+/17847
To unsubscribe, or for help writing mail filters, visit 
https://asterix-gerrit.ics.uci.edu/settings

Gerrit-Project: asterixdb
Gerrit-Branch: neo
Gerrit-Change-Id: I63e00f78c78f7f5c15c0a8587c8f591035b4df82
Gerrit-Change-Number: 17847
Gerrit-PatchSet: 2
Gerrit-Owner: Michael Blow <[email protected]>
Gerrit-Reviewer: Jenkins <[email protected]>
Gerrit-Reviewer: Michael Blow <[email protected]>
Gerrit-MessageType: merged

Change in asterixdb[neo]: Merge branch 'gerrit/7.1.x' into 'gerrit/neo'

Reply via email to