panbingkun opened a new pull request, #37511: URL: https://github.com/apache/spark/pull/37511
### What changes were proposed in this pull request? This PR upgrade `apache-rat` to 0.14. ### Why are the changes needed? #### 1.This brings security issues fix like the following: > 1.Update to doxia 1.11.1 in order to get CVE-2020-13956-httpclient problem fixes in doxia. Fixes [RAT-275](https://issues.apache.org/jira/browse/RAT-275) > 2.Update to latest Commons IO to fix CVE-2021-29425 (Moderate severity). Fixes [RAT-281](https://issues.apache.org/jira/browse/RAT-281). > 3.Update to junit 4.13.1 to fix CVE-2020-15250. Fixes [RAT-277](https://issues.apache.org/jira/browse/RAT-277) > 4.Update to latest Apache Ant 1.10.9 to fix CVE-2020-11979. Update to JDK8 as minimal version/compiler version. Fixes [RAT-274](https://issues.apache.org/jira/browse/RAT-274) > 5.Update to latest Apache Ant to fix CVE-2020-1945. Fixes [RAT-269](https://issues.apache.org/jira/browse/RAT-269) > 6.Update to latest commons-compress to fix CVE-2019-12402. Fixes [RAT-258](https://issues.apache.org/jira/browse/RAT-258) > 7.Update compiler level to 1.7 to allow building with more recent JDKs. Update plugins and dependencies to more modern versions to fix security issues (CVE-warnings). Fixes [RAT-244](https://issues.apache.org/jira/browse/RAT-244). #### 2.Release notes: > https://creadur.apache.org/rat/changes-report.html#a0.14 ### Does this PR introduce _any_ user-facing change? No. ### How was this patch tested? Pass GA & manual tests: ./dev/check-license -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
