pan3793 commented on PR #53429: URL: https://github.com/apache/spark/pull/53429#issuecomment-3641571034
@LaurentGoderre, thanks for creating this backport PR. I think the backport decision depends on CVE severity and compatibility risk. As the author of the original patch, I'm neutral on it, but if you really want to do such a backport, please include #50022 too. PS: I backported it to the internal Spark 3 branches, and it has been running well for over 6 months in our production cluster and many customer clusters, so I'm confident about the patch itself. The risk comes from the libthrift API change, this might surprise Spark downstream projects or users who use libthrift. cc more PMC members for making a decision - @dongjoon-hyun @LuciferYang @wangyum @sarutak -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
