[jira] [Commented] (HBASE-21143) Update findbugs-maven-plugin to 3.0.4
[
https://issues.apache.org/jira/browse/HBASE-21143?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16609541#comment-16609541
]
Hudson commented on HBASE-21143:
Results for branch branch-2.1
[build #305 on
builds.a.o|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.1/305/]:
(x) *{color:red}-1 overall{color}*
details (if available):
(/) {color:green}+1 general checks{color}
-- For more information [see general
report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.1/305//General_Nightly_Build_Report/]
(x) {color:red}-1 jdk8 hadoop2 checks{color}
-- For more information [see jdk8 (hadoop2)
report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.1/305//JDK8_Nightly_Build_Report_(Hadoop2)/]
(x) {color:red}-1 jdk8 hadoop3 checks{color}
-- For more information [see jdk8 (hadoop3)
report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.1/305//JDK8_Nightly_Build_Report_(Hadoop3)/]
(/) {color:green}+1 source release artifact{color}
-- See build output for details.
(/) {color:green}+1 client integration test{color}
> Update findbugs-maven-plugin to 3.0.4
> -
>
> Key: HBASE-21143
> URL: https://issues.apache.org/jira/browse/HBASE-21143
> Project: HBase
> Issue Type: Bug
> Components: pom
>Affects Versions: 3.0.0, 2.1.0, 2.2.0, 2.0.2
>Reporter: Guangxu Cheng
>Assignee: Guangxu Cheng
>Priority: Major
> Fix For: 3.0.0, 2.2.0, 2.1.1, 2.0.3
>
> Attachments: HBASE-21143.master.001.patch
>
>
> {code}
> Failed to execute goal org.codehaus.mojo:findbugs-maven-plugin:3.0.0:findbugs
> (default) on project hbase: Execution default of goal
> org.codehaus.mojo:findbugs-maven-plugin:3.0.0:findbugs failed: Plugin
> org.codehaus.mojo:findbugs-maven-plugin:3.0.0 or one of its dependencies
> could not be resolved: Failed to collect dependencies at
> org.codehaus.mojo:findbugs-maven-plugin:jar:3.0.0 ->
> org.codehaus.groovy:groovy-all:jar:1.7.4: Failed to read artifact descriptor
> for org.codehaus.groovy:groovy-all:jar:1.7.4: Could not transfer artifact
> org.codehaus.groovy:groovy-all:pom:1.7.4 from/to mirror
> (http://xxx..xxx/nexus/content/groups/public): Failed to transfer file:
> http://xxx..xxx/nexus/content/groups/public/org/codehaus/groovy/groovy-all/1.7.4/groovy-all-1.7.4.pom.
> Return code is: 418 , ReasonPhrase:Artifact is in Tencent Blacklist! Please
> update to the safe version, more information:
> http://xxx..xxx/?tab=blackList.
> {code}
> Recently, when I compile HBase with a new machine, I got the above error.
> Since the machine could not connect to the external network, we visited our
> internal Maven repository, but org.codehaus.groovy:groovy-all:jar:1.7.4 was
> added to the blacklist and could not be downloaded. See details,
> org.codehaus.groovy:groovy-all:jar:1.7.4 is marked as vulnerable by
> [CVE-2015-3253|https://www.cvedetails.com/cve/CVE-2015-3253], so we should
> upgrade the version.
> {code:xml}
> org.codehaus.mojo
> findbugs-maven-plugin
> 3.0.0
>
>
>
> ${project.basedir}/../dev-support/findbugs-exclude.xml
> {code}
> Look at the history commit record, findbugs-maven-plugin has been upgraded to
> 3.0.4 in HBASE-18264, but one place is missing which still using the version
> of 3.0.0.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (HBASE-21143) Update findbugs-maven-plugin to 3.0.4
[
https://issues.apache.org/jira/browse/HBASE-21143?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16609501#comment-16609501
]
Hudson commented on HBASE-21143:
Results for branch branch-2.0
[build #795 on
builds.a.o|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.0/795/]:
(x) *{color:red}-1 overall{color}*
details (if available):
(/) {color:green}+1 general checks{color}
-- For more information [see general
report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.0/795//General_Nightly_Build_Report/]
(/) {color:green}+1 jdk8 hadoop2 checks{color}
-- For more information [see jdk8 (hadoop2)
report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.0/795//JDK8_Nightly_Build_Report_(Hadoop2)/]
(x) {color:red}-1 jdk8 hadoop3 checks{color}
-- For more information [see jdk8 (hadoop3)
report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2.0/795//JDK8_Nightly_Build_Report_(Hadoop3)/]
(/) {color:green}+1 source release artifact{color}
-- See build output for details.
> Update findbugs-maven-plugin to 3.0.4
> -
>
> Key: HBASE-21143
> URL: https://issues.apache.org/jira/browse/HBASE-21143
> Project: HBase
> Issue Type: Bug
> Components: pom
>Affects Versions: 3.0.0, 2.1.0, 2.2.0, 2.0.2
>Reporter: Guangxu Cheng
>Assignee: Guangxu Cheng
>Priority: Major
> Fix For: 3.0.0, 2.2.0, 2.1.1, 2.0.3
>
> Attachments: HBASE-21143.master.001.patch
>
>
> {code}
> Failed to execute goal org.codehaus.mojo:findbugs-maven-plugin:3.0.0:findbugs
> (default) on project hbase: Execution default of goal
> org.codehaus.mojo:findbugs-maven-plugin:3.0.0:findbugs failed: Plugin
> org.codehaus.mojo:findbugs-maven-plugin:3.0.0 or one of its dependencies
> could not be resolved: Failed to collect dependencies at
> org.codehaus.mojo:findbugs-maven-plugin:jar:3.0.0 ->
> org.codehaus.groovy:groovy-all:jar:1.7.4: Failed to read artifact descriptor
> for org.codehaus.groovy:groovy-all:jar:1.7.4: Could not transfer artifact
> org.codehaus.groovy:groovy-all:pom:1.7.4 from/to mirror
> (http://xxx..xxx/nexus/content/groups/public): Failed to transfer file:
> http://xxx..xxx/nexus/content/groups/public/org/codehaus/groovy/groovy-all/1.7.4/groovy-all-1.7.4.pom.
> Return code is: 418 , ReasonPhrase:Artifact is in Tencent Blacklist! Please
> update to the safe version, more information:
> http://xxx..xxx/?tab=blackList.
> {code}
> Recently, when I compile HBase with a new machine, I got the above error.
> Since the machine could not connect to the external network, we visited our
> internal Maven repository, but org.codehaus.groovy:groovy-all:jar:1.7.4 was
> added to the blacklist and could not be downloaded. See details,
> org.codehaus.groovy:groovy-all:jar:1.7.4 is marked as vulnerable by
> [CVE-2015-3253|https://www.cvedetails.com/cve/CVE-2015-3253], so we should
> upgrade the version.
> {code:xml}
> org.codehaus.mojo
> findbugs-maven-plugin
> 3.0.0
>
>
>
> ${project.basedir}/../dev-support/findbugs-exclude.xml
> {code}
> Look at the history commit record, findbugs-maven-plugin has been upgraded to
> 3.0.4 in HBASE-18264, but one place is missing which still using the version
> of 3.0.0.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (HBASE-21143) Update findbugs-maven-plugin to 3.0.4
[
https://issues.apache.org/jira/browse/HBASE-21143?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16608963#comment-16608963
]
Guangxu Cheng commented on HBASE-21143:
---
[~Apache9] Thanks for your commit.:)
> Update findbugs-maven-plugin to 3.0.4
> -
>
> Key: HBASE-21143
> URL: https://issues.apache.org/jira/browse/HBASE-21143
> Project: HBase
> Issue Type: Bug
> Components: pom
>Affects Versions: 3.0.0, 2.1.0, 2.2.0, 2.0.2
>Reporter: Guangxu Cheng
>Assignee: Guangxu Cheng
>Priority: Major
> Fix For: 3.0.0, 2.2.0, 2.1.1, 2.0.3
>
> Attachments: HBASE-21143.master.001.patch
>
>
> {code}
> Failed to execute goal org.codehaus.mojo:findbugs-maven-plugin:3.0.0:findbugs
> (default) on project hbase: Execution default of goal
> org.codehaus.mojo:findbugs-maven-plugin:3.0.0:findbugs failed: Plugin
> org.codehaus.mojo:findbugs-maven-plugin:3.0.0 or one of its dependencies
> could not be resolved: Failed to collect dependencies at
> org.codehaus.mojo:findbugs-maven-plugin:jar:3.0.0 ->
> org.codehaus.groovy:groovy-all:jar:1.7.4: Failed to read artifact descriptor
> for org.codehaus.groovy:groovy-all:jar:1.7.4: Could not transfer artifact
> org.codehaus.groovy:groovy-all:pom:1.7.4 from/to mirror
> (http://xxx..xxx/nexus/content/groups/public): Failed to transfer file:
> http://xxx..xxx/nexus/content/groups/public/org/codehaus/groovy/groovy-all/1.7.4/groovy-all-1.7.4.pom.
> Return code is: 418 , ReasonPhrase:Artifact is in Tencent Blacklist! Please
> update to the safe version, more information:
> http://xxx..xxx/?tab=blackList.
> {code}
> Recently, when I compile HBase with a new machine, I got the above error.
> Since the machine could not connect to the external network, we visited our
> internal Maven repository, but org.codehaus.groovy:groovy-all:jar:1.7.4 was
> added to the blacklist and could not be downloaded. See details,
> org.codehaus.groovy:groovy-all:jar:1.7.4 is marked as vulnerable by
> [CVE-2015-3253|https://www.cvedetails.com/cve/CVE-2015-3253], so we should
> upgrade the version.
> {code:xml}
> org.codehaus.mojo
> findbugs-maven-plugin
> 3.0.0
>
>
>
> ${project.basedir}/../dev-support/findbugs-exclude.xml
> {code}
> Look at the history commit record, findbugs-maven-plugin has been upgraded to
> 3.0.4 in HBASE-18264, but one place is missing which still using the version
> of 3.0.0.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (HBASE-21143) Update findbugs-maven-plugin to 3.0.4
[
https://issues.apache.org/jira/browse/HBASE-21143?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16607277#comment-16607277
]
Hudson commented on HBASE-21143:
Results for branch master
[build #478 on
builds.a.o|https://builds.apache.org/job/HBase%20Nightly/job/master/478/]: (x)
*{color:red}-1 overall{color}*
details (if available):
(/) {color:green}+1 general checks{color}
-- For more information [see general
report|https://builds.apache.org/job/HBase%20Nightly/job/master/478//General_Nightly_Build_Report/]
(x) {color:red}-1 jdk8 hadoop2 checks{color}
-- For more information [see jdk8 (hadoop2)
report|https://builds.apache.org/job/HBase%20Nightly/job/master/478//JDK8_Nightly_Build_Report_(Hadoop2)/]
(x) {color:red}-1 jdk8 hadoop3 checks{color}
-- For more information [see jdk8 (hadoop3)
report|https://builds.apache.org/job/HBase%20Nightly/job/master/478//JDK8_Nightly_Build_Report_(Hadoop3)/]
(/) {color:green}+1 source release artifact{color}
-- See build output for details.
(/) {color:green}+1 client integration test{color}
> Update findbugs-maven-plugin to 3.0.4
> -
>
> Key: HBASE-21143
> URL: https://issues.apache.org/jira/browse/HBASE-21143
> Project: HBase
> Issue Type: Bug
> Components: pom
>Affects Versions: 3.0.0, 2.1.0, 2.2.0, 2.0.2
>Reporter: Guangxu Cheng
>Assignee: Guangxu Cheng
>Priority: Major
> Fix For: 3.0.0, 2.2.0
>
> Attachments: HBASE-21143.master.001.patch
>
>
> {code}
> Failed to execute goal org.codehaus.mojo:findbugs-maven-plugin:3.0.0:findbugs
> (default) on project hbase: Execution default of goal
> org.codehaus.mojo:findbugs-maven-plugin:3.0.0:findbugs failed: Plugin
> org.codehaus.mojo:findbugs-maven-plugin:3.0.0 or one of its dependencies
> could not be resolved: Failed to collect dependencies at
> org.codehaus.mojo:findbugs-maven-plugin:jar:3.0.0 ->
> org.codehaus.groovy:groovy-all:jar:1.7.4: Failed to read artifact descriptor
> for org.codehaus.groovy:groovy-all:jar:1.7.4: Could not transfer artifact
> org.codehaus.groovy:groovy-all:pom:1.7.4 from/to mirror
> (http://xxx..xxx/nexus/content/groups/public): Failed to transfer file:
> http://xxx..xxx/nexus/content/groups/public/org/codehaus/groovy/groovy-all/1.7.4/groovy-all-1.7.4.pom.
> Return code is: 418 , ReasonPhrase:Artifact is in Tencent Blacklist! Please
> update to the safe version, more information:
> http://xxx..xxx/?tab=blackList.
> {code}
> Recently, when I compile HBase with a new machine, I got the above error.
> Since the machine could not connect to the external network, we visited our
> internal Maven repository, but org.codehaus.groovy:groovy-all:jar:1.7.4 was
> added to the blacklist and could not be downloaded. See details,
> org.codehaus.groovy:groovy-all:jar:1.7.4 is marked as vulnerable by
> [CVE-2015-3253|https://www.cvedetails.com/cve/CVE-2015-3253], so we should
> upgrade the version.
> {code:xml}
> org.codehaus.mojo
> findbugs-maven-plugin
> 3.0.0
>
>
>
> ${project.basedir}/../dev-support/findbugs-exclude.xml
> {code}
> Look at the history commit record, findbugs-maven-plugin has been upgraded to
> 3.0.4 in HBASE-18264, but one place is missing which still using the version
> of 3.0.0.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (HBASE-21143) Update findbugs-maven-plugin to 3.0.4
[
https://issues.apache.org/jira/browse/HBASE-21143?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16607033#comment-16607033
]
Hudson commented on HBASE-21143:
Results for branch branch-2
[build #1213 on
builds.a.o|https://builds.apache.org/job/HBase%20Nightly/job/branch-2/1213/]:
(x) *{color:red}-1 overall{color}*
details (if available):
(/) {color:green}+1 general checks{color}
-- For more information [see general
report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2/1213//General_Nightly_Build_Report/]
(x) {color:red}-1 jdk8 hadoop2 checks{color}
-- For more information [see jdk8 (hadoop2)
report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2/1213//JDK8_Nightly_Build_Report_(Hadoop2)/]
(/) {color:green}+1 jdk8 hadoop3 checks{color}
-- For more information [see jdk8 (hadoop3)
report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2/1213//JDK8_Nightly_Build_Report_(Hadoop3)/]
(/) {color:green}+1 source release artifact{color}
-- See build output for details.
(/) {color:green}+1 client integration test{color}
> Update findbugs-maven-plugin to 3.0.4
> -
>
> Key: HBASE-21143
> URL: https://issues.apache.org/jira/browse/HBASE-21143
> Project: HBase
> Issue Type: Bug
> Components: pom
>Affects Versions: 3.0.0, 2.1.0, 2.2.0, 2.0.2
>Reporter: Guangxu Cheng
>Assignee: Guangxu Cheng
>Priority: Major
> Fix For: 3.0.0, 2.2.0
>
> Attachments: HBASE-21143.master.001.patch
>
>
> {code}
> Failed to execute goal org.codehaus.mojo:findbugs-maven-plugin:3.0.0:findbugs
> (default) on project hbase: Execution default of goal
> org.codehaus.mojo:findbugs-maven-plugin:3.0.0:findbugs failed: Plugin
> org.codehaus.mojo:findbugs-maven-plugin:3.0.0 or one of its dependencies
> could not be resolved: Failed to collect dependencies at
> org.codehaus.mojo:findbugs-maven-plugin:jar:3.0.0 ->
> org.codehaus.groovy:groovy-all:jar:1.7.4: Failed to read artifact descriptor
> for org.codehaus.groovy:groovy-all:jar:1.7.4: Could not transfer artifact
> org.codehaus.groovy:groovy-all:pom:1.7.4 from/to mirror
> (http://xxx..xxx/nexus/content/groups/public): Failed to transfer file:
> http://xxx..xxx/nexus/content/groups/public/org/codehaus/groovy/groovy-all/1.7.4/groovy-all-1.7.4.pom.
> Return code is: 418 , ReasonPhrase:Artifact is in Tencent Blacklist! Please
> update to the safe version, more information:
> http://xxx..xxx/?tab=blackList.
> {code}
> Recently, when I compile HBase with a new machine, I got the above error.
> Since the machine could not connect to the external network, we visited our
> internal Maven repository, but org.codehaus.groovy:groovy-all:jar:1.7.4 was
> added to the blacklist and could not be downloaded. See details,
> org.codehaus.groovy:groovy-all:jar:1.7.4 is marked as vulnerable by
> [CVE-2015-3253|https://www.cvedetails.com/cve/CVE-2015-3253], so we should
> upgrade the version.
> {code:xml}
> org.codehaus.mojo
> findbugs-maven-plugin
> 3.0.0
>
>
>
> ${project.basedir}/../dev-support/findbugs-exclude.xml
> {code}
> Look at the history commit record, findbugs-maven-plugin has been upgraded to
> 3.0.4 in HBASE-18264, but one place is missing which still using the version
> of 3.0.0.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (HBASE-21143) Update findbugs-maven-plugin to 3.0.4
[
https://issues.apache.org/jira/browse/HBASE-21143?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16606616#comment-16606616
]
Guangxu Cheng commented on HBASE-21143:
---
pushed to master and branch-2.
Thank [~mdrob] for review.
> Update findbugs-maven-plugin to 3.0.4
> -
>
> Key: HBASE-21143
> URL: https://issues.apache.org/jira/browse/HBASE-21143
> Project: HBase
> Issue Type: Bug
> Components: pom
>Affects Versions: 3.0.0, 2.1.0, 2.2.0, 2.0.2
>Reporter: Guangxu Cheng
>Assignee: Guangxu Cheng
>Priority: Major
> Attachments: HBASE-21143.master.001.patch
>
>
> {code}
> Failed to execute goal org.codehaus.mojo:findbugs-maven-plugin:3.0.0:findbugs
> (default) on project hbase: Execution default of goal
> org.codehaus.mojo:findbugs-maven-plugin:3.0.0:findbugs failed: Plugin
> org.codehaus.mojo:findbugs-maven-plugin:3.0.0 or one of its dependencies
> could not be resolved: Failed to collect dependencies at
> org.codehaus.mojo:findbugs-maven-plugin:jar:3.0.0 ->
> org.codehaus.groovy:groovy-all:jar:1.7.4: Failed to read artifact descriptor
> for org.codehaus.groovy:groovy-all:jar:1.7.4: Could not transfer artifact
> org.codehaus.groovy:groovy-all:pom:1.7.4 from/to mirror
> (http://xxx..xxx/nexus/content/groups/public): Failed to transfer file:
> http://xxx..xxx/nexus/content/groups/public/org/codehaus/groovy/groovy-all/1.7.4/groovy-all-1.7.4.pom.
> Return code is: 418 , ReasonPhrase:Artifact is in Tencent Blacklist! Please
> update to the safe version, more information:
> http://xxx..xxx/?tab=blackList.
> {code}
> Recently, when I compile HBase with a new machine, I got the above error.
> Since the machine could not connect to the external network, we visited our
> internal Maven repository, but org.codehaus.groovy:groovy-all:jar:1.7.4 was
> added to the blacklist and could not be downloaded. See details,
> org.codehaus.groovy:groovy-all:jar:1.7.4 is marked as vulnerable by
> [CVE-2015-3253|https://www.cvedetails.com/cve/CVE-2015-3253], so we should
> upgrade the version.
> {code:xml}
> org.codehaus.mojo
> findbugs-maven-plugin
> 3.0.0
>
>
>
> ${project.basedir}/../dev-support/findbugs-exclude.xml
> {code}
> Look at the history commit record, findbugs-maven-plugin has been upgraded to
> 3.0.4 in HBASE-18264, but one place is missing which still using the version
> of 3.0.0.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (HBASE-21143) Update findbugs-maven-plugin to 3.0.4
[
https://issues.apache.org/jira/browse/HBASE-21143?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16606006#comment-16606006
]
Guangxu Cheng commented on HBASE-21143:
---
So if no objections I will commit the patch to branch-2.0+ later.Thanks
> Update findbugs-maven-plugin to 3.0.4
> -
>
> Key: HBASE-21143
> URL: https://issues.apache.org/jira/browse/HBASE-21143
> Project: HBase
> Issue Type: Bug
> Components: pom
>Affects Versions: 3.0.0, 2.1.0, 2.2.0, 2.0.2
>Reporter: Guangxu Cheng
>Assignee: Guangxu Cheng
>Priority: Major
> Attachments: HBASE-21143.master.001.patch
>
>
> {code}
> Failed to execute goal org.codehaus.mojo:findbugs-maven-plugin:3.0.0:findbugs
> (default) on project hbase: Execution default of goal
> org.codehaus.mojo:findbugs-maven-plugin:3.0.0:findbugs failed: Plugin
> org.codehaus.mojo:findbugs-maven-plugin:3.0.0 or one of its dependencies
> could not be resolved: Failed to collect dependencies at
> org.codehaus.mojo:findbugs-maven-plugin:jar:3.0.0 ->
> org.codehaus.groovy:groovy-all:jar:1.7.4: Failed to read artifact descriptor
> for org.codehaus.groovy:groovy-all:jar:1.7.4: Could not transfer artifact
> org.codehaus.groovy:groovy-all:pom:1.7.4 from/to mirror
> (http://xxx..xxx/nexus/content/groups/public): Failed to transfer file:
> http://xxx..xxx/nexus/content/groups/public/org/codehaus/groovy/groovy-all/1.7.4/groovy-all-1.7.4.pom.
> Return code is: 418 , ReasonPhrase:Artifact is in Tencent Blacklist! Please
> update to the safe version, more information:
> http://xxx..xxx/?tab=blackList.
> {code}
> Recently, when I compile HBase with a new machine, I got the above error.
> Since the machine could not connect to the external network, we visited our
> internal Maven repository, but org.codehaus.groovy:groovy-all:jar:1.7.4 was
> added to the blacklist and could not be downloaded. See details,
> org.codehaus.groovy:groovy-all:jar:1.7.4 is marked as vulnerable by
> [CVE-2015-3253|https://www.cvedetails.com/cve/CVE-2015-3253], so we should
> upgrade the version.
> {code:xml}
> org.codehaus.mojo
> findbugs-maven-plugin
> 3.0.0
>
>
>
> ${project.basedir}/../dev-support/findbugs-exclude.xml
> {code}
> Look at the history commit record, findbugs-maven-plugin has been upgraded to
> 3.0.4 in HBASE-18264, but one place is missing which still using the version
> of 3.0.0.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (HBASE-21143) Update findbugs-maven-plugin to 3.0.4
[
https://issues.apache.org/jira/browse/HBASE-21143?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16605241#comment-16605241
]
Mike Drob commented on HBASE-21143:
---
+1
> Update findbugs-maven-plugin to 3.0.4
> -
>
> Key: HBASE-21143
> URL: https://issues.apache.org/jira/browse/HBASE-21143
> Project: HBase
> Issue Type: Bug
> Components: pom
>Affects Versions: 3.0.0, 2.1.0, 2.2.0, 2.0.2
>Reporter: Guangxu Cheng
>Assignee: Guangxu Cheng
>Priority: Major
> Attachments: HBASE-21143.master.001.patch
>
>
> {code}
> Failed to execute goal org.codehaus.mojo:findbugs-maven-plugin:3.0.0:findbugs
> (default) on project hbase: Execution default of goal
> org.codehaus.mojo:findbugs-maven-plugin:3.0.0:findbugs failed: Plugin
> org.codehaus.mojo:findbugs-maven-plugin:3.0.0 or one of its dependencies
> could not be resolved: Failed to collect dependencies at
> org.codehaus.mojo:findbugs-maven-plugin:jar:3.0.0 ->
> org.codehaus.groovy:groovy-all:jar:1.7.4: Failed to read artifact descriptor
> for org.codehaus.groovy:groovy-all:jar:1.7.4: Could not transfer artifact
> org.codehaus.groovy:groovy-all:pom:1.7.4 from/to mirror
> (http://xxx..xxx/nexus/content/groups/public): Failed to transfer file:
> http://xxx..xxx/nexus/content/groups/public/org/codehaus/groovy/groovy-all/1.7.4/groovy-all-1.7.4.pom.
> Return code is: 418 , ReasonPhrase:Artifact is in Tencent Blacklist! Please
> update to the safe version, more information:
> http://xxx..xxx/?tab=blackList.
> {code}
> Recently, when I compile HBase with a new machine, I got the above error.
> Since the machine could not connect to the external network, we visited our
> internal Maven repository, but org.codehaus.groovy:groovy-all:jar:1.7.4 was
> added to the blacklist and could not be downloaded. See details,
> org.codehaus.groovy:groovy-all:jar:1.7.4 is marked as vulnerable by
> [CVE-2015-3253|https://www.cvedetails.com/cve/CVE-2015-3253], so we should
> upgrade the version.
> {code:xml}
> org.codehaus.mojo
> findbugs-maven-plugin
> 3.0.0
>
>
>
> ${project.basedir}/../dev-support/findbugs-exclude.xml
> {code}
> Look at the history commit record, findbugs-maven-plugin has been upgraded to
> 3.0.4 in HBASE-18264, but one place is missing which still using the version
> of 3.0.0.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (HBASE-21143) Update findbugs-maven-plugin to 3.0.4
[
https://issues.apache.org/jira/browse/HBASE-21143?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16605225#comment-16605225
]
Guangxu Cheng commented on HBASE-21143:
---
[~busbey] [~mdrob] mind taking a look at it ? thanks
> Update findbugs-maven-plugin to 3.0.4
> -
>
> Key: HBASE-21143
> URL: https://issues.apache.org/jira/browse/HBASE-21143
> Project: HBase
> Issue Type: Bug
> Components: pom
>Affects Versions: 3.0.0, 2.1.0, 2.2.0, 2.0.2
>Reporter: Guangxu Cheng
>Assignee: Guangxu Cheng
>Priority: Major
> Attachments: HBASE-21143.master.001.patch
>
>
> {code}
> Failed to execute goal org.codehaus.mojo:findbugs-maven-plugin:3.0.0:findbugs
> (default) on project hbase: Execution default of goal
> org.codehaus.mojo:findbugs-maven-plugin:3.0.0:findbugs failed: Plugin
> org.codehaus.mojo:findbugs-maven-plugin:3.0.0 or one of its dependencies
> could not be resolved: Failed to collect dependencies at
> org.codehaus.mojo:findbugs-maven-plugin:jar:3.0.0 ->
> org.codehaus.groovy:groovy-all:jar:1.7.4: Failed to read artifact descriptor
> for org.codehaus.groovy:groovy-all:jar:1.7.4: Could not transfer artifact
> org.codehaus.groovy:groovy-all:pom:1.7.4 from/to mirror
> (http://xxx..xxx/nexus/content/groups/public): Failed to transfer file:
> http://xxx..xxx/nexus/content/groups/public/org/codehaus/groovy/groovy-all/1.7.4/groovy-all-1.7.4.pom.
> Return code is: 418 , ReasonPhrase:Artifact is in Tencent Blacklist! Please
> update to the safe version, more information:
> http://xxx..xxx/?tab=blackList.
> {code}
> Recently, when I compile HBase with a new machine, I got the above error.
> Since the machine could not connect to the external network, we visited our
> internal Maven repository, but org.codehaus.groovy:groovy-all:jar:1.7.4 was
> added to the blacklist and could not be downloaded. See details,
> org.codehaus.groovy:groovy-all:jar:1.7.4 is marked as vulnerable by
> [CVE-2015-3253|https://www.cvedetails.com/cve/CVE-2015-3253], so we should
> upgrade the version.
> {code:xml}
> org.codehaus.mojo
> findbugs-maven-plugin
> 3.0.0
>
>
>
> ${project.basedir}/../dev-support/findbugs-exclude.xml
> {code}
> Look at the history commit record, findbugs-maven-plugin has been upgraded to
> 3.0.4 in HBASE-18264, but one place is missing which still using the version
> of 3.0.0.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (HBASE-21143) Update findbugs-maven-plugin to 3.0.4
[
https://issues.apache.org/jira/browse/HBASE-21143?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16604069#comment-16604069
]
Hadoop QA commented on HBASE-21143:
---
| (x) *{color:red}-1 overall{color}* |
\\
\\
|| Vote || Subsystem || Runtime || Comment ||
| {color:blue}0{color} | {color:blue} reexec {color} | {color:blue} 0m
25s{color} | {color:blue} Docker mode activated. {color} |
|| || || || {color:brown} Prechecks {color} ||
| {color:green}+1{color} | {color:green} @author {color} | {color:green} 0m
0s{color} | {color:green} The patch does not contain any @author tags. {color} |
| {color:orange}-0{color} | {color:orange} test4tests {color} | {color:orange}
0m 0s{color} | {color:orange} The patch doesn't appear to include any new or
modified tests. Please justify why no new tests are needed for this patch. Also
please list what manual steps were performed to verify this patch. {color} |
|| || || || {color:brown} master Compile Tests {color} ||
| {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 5m
26s{color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} compile {color} | {color:green} 7m
11s{color} | {color:green} master passed {color} |
| {color:green}+1{color} | {color:green} shadedjars {color} | {color:green} 4m
34s{color} | {color:green} branch has no errors when building our shaded
downstream artifacts. {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 2m
36s{color} | {color:green} master passed {color} |
|| || || || {color:brown} Patch Compile Tests {color} ||
| {color:green}+1{color} | {color:green} mvninstall {color} | {color:green} 3m
45s{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} compile {color} | {color:green} 6m
29s{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} javac {color} | {color:green} 6m
29s{color} | {color:green} the patch passed {color} |
| {color:green}+1{color} | {color:green} whitespace {color} | {color:green} 0m
0s{color} | {color:green} The patch has no whitespace issues. {color} |
| {color:green}+1{color} | {color:green} xml {color} | {color:green} 0m
1s{color} | {color:green} The patch has no ill-formed XML file. {color} |
| {color:green}+1{color} | {color:green} shadedjars {color} | {color:green} 4m
15s{color} | {color:green} patch has no errors when building our shaded
downstream artifacts. {color} |
| {color:green}+1{color} | {color:green} hadoopcheck {color} | {color:green}
7m 39s{color} | {color:green} Patch does not cause any errors with Hadoop 2.7.4
or 3.0.0. {color} |
| {color:green}+1{color} | {color:green} javadoc {color} | {color:green} 2m
35s{color} | {color:green} the patch passed {color} |
|| || || || {color:brown} Other Tests {color} ||
| {color:red}-1{color} | {color:red} unit {color} | {color:red}288m 19s{color}
| {color:red} root in the patch failed. {color} |
| {color:green}+1{color} | {color:green} asflicense {color} | {color:green} 0m
30s{color} | {color:green} The patch does not generate ASF License warnings.
{color} |
| {color:black}{color} | {color:black} {color} | {color:black}334m 12s{color} |
{color:black} {color} |
\\
\\
|| Reason || Tests ||
| Failed junit tests | hadoop.hbase.client.TestAdminShell |
\\
\\
|| Subsystem || Report/Notes ||
| Docker | Client=17.05.0-ce Server=17.05.0-ce Image:yetus/hbase:b002b0b |
| JIRA Issue | HBASE-21143 |
| JIRA Patch URL |
https://issues.apache.org/jira/secure/attachment/12938099/HBASE-21143.master.001.patch
|
| Optional Tests | asflicense javac javadoc unit shadedjars hadoopcheck
xml compile |
| uname | Linux e78863b0348a 3.13.0-143-generic #192-Ubuntu SMP Tue Feb 27
10:45:36 UTC 2018 x86_64 GNU/Linux |
| Build tool | maven |
| Personality |
/home/jenkins/jenkins-slave/workspace/PreCommit-HBASE-Build/component/dev-support/hbase-personality.sh
|
| git revision | master / b62ac3cb11 |
| maven | version: Apache Maven 3.5.4
(1edded0938998edf8bf061f1ceb3cfdeccf443fe; 2018-06-17T18:33:14Z) |
| Default Java | 1.8.0_181 |
| unit |
https://builds.apache.org/job/PreCommit-HBASE-Build/14306/artifact/patchprocess/patch-unit-root.txt
|
| Test Results |
https://builds.apache.org/job/PreCommit-HBASE-Build/14306/testReport/ |
| Max. process+thread count | 4826 (vs. ulimit of 1) |
| modules | C: . U: . |
| Console output |
https://builds.apache.org/job/PreCommit-HBASE-Build/14306/console |
| Powered by | Apache Yetus 0.7.0 http://yetus.apache.org |
This message was automatically generated.
> Update findbugs-maven-plugin to 3.0.4
> -
>
> Key: HBASE-21143
> URL: https://issues.apache.org/jira/browse/HBASE-21143
> Project: HBase
> Issue Type: Bug
> Components: pom
>Affects Versions: 3.0.0, 2.1.0, 2.2.0,
[jira] [Commented] (HBASE-21143) Update findbugs-maven-plugin to 3.0.4
[
https://issues.apache.org/jira/browse/HBASE-21143?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16603818#comment-16603818
]
Guangxu Cheng commented on HBASE-21143:
---
[~stack] boss, mind taking a look at it ? thanks
> Update findbugs-maven-plugin to 3.0.4
> -
>
> Key: HBASE-21143
> URL: https://issues.apache.org/jira/browse/HBASE-21143
> Project: HBase
> Issue Type: Bug
> Components: pom
>Affects Versions: 3.0.0, 2.1.0, 2.2.0, 2.0.2
>Reporter: Guangxu Cheng
>Assignee: Guangxu Cheng
>Priority: Major
> Attachments: HBASE-21143.master.001.patch
>
>
> {code}
> Failed to execute goal org.codehaus.mojo:findbugs-maven-plugin:3.0.0:findbugs
> (default) on project hbase: Execution default of goal
> org.codehaus.mojo:findbugs-maven-plugin:3.0.0:findbugs failed: Plugin
> org.codehaus.mojo:findbugs-maven-plugin:3.0.0 or one of its dependencies
> could not be resolved: Failed to collect dependencies at
> org.codehaus.mojo:findbugs-maven-plugin:jar:3.0.0 ->
> org.codehaus.groovy:groovy-all:jar:1.7.4: Failed to read artifact descriptor
> for org.codehaus.groovy:groovy-all:jar:1.7.4: Could not transfer artifact
> org.codehaus.groovy:groovy-all:pom:1.7.4 from/to mirror
> (http://xxx..xxx/nexus/content/groups/public): Failed to transfer file:
> http://xxx..xxx/nexus/content/groups/public/org/codehaus/groovy/groovy-all/1.7.4/groovy-all-1.7.4.pom.
> Return code is: 418 , ReasonPhrase:Artifact is in Tencent Blacklist! Please
> update to the safe version, more information:
> http://xxx..xxx/?tab=blackList.
> {code}
> Recently, when I compile HBase with a new machine, I got the above error.
> Since the machine could not connect to the external network, we visited our
> internal Maven repository, but org.codehaus.groovy:groovy-all:jar:1.7.4 was
> added to the blacklist and could not be downloaded. See details,
> org.codehaus.groovy:groovy-all:jar:1.7.4 is marked as vulnerable by
> [CVE-2015-3253|https://www.cvedetails.com/cve/CVE-2015-3253], so we should
> upgrade the version.
> {code:xml}
> org.codehaus.mojo
> findbugs-maven-plugin
> 3.0.0
>
>
>
> ${project.basedir}/../dev-support/findbugs-exclude.xml
> {code}
> Look at the history commit record, findbugs-maven-plugin has been upgraded to
> 3.0.4 in HBASE-18264, but one place is missing which still using the version
> of 3.0.0.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Commented] (HBASE-21143) Update findbugs-maven-plugin to 3.0.4
[
https://issues.apache.org/jira/browse/HBASE-21143?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16601835#comment-16601835
]
Guangxu Cheng commented on HBASE-21143:
---
simple patch.
> Update findbugs-maven-plugin to 3.0.4
> -
>
> Key: HBASE-21143
> URL: https://issues.apache.org/jira/browse/HBASE-21143
> Project: HBase
> Issue Type: Bug
> Components: pom
>Affects Versions: 3.0.0, 2.1.0, 2.2.0, 2.0.2
>Reporter: Guangxu Cheng
>Assignee: Guangxu Cheng
>Priority: Major
> Attachments: HBASE-21143.master.001.patch
>
>
> {code}
> Failed to execute goal org.codehaus.mojo:findbugs-maven-plugin:3.0.0:findbugs
> (default) on project hbase: Execution default of goal
> org.codehaus.mojo:findbugs-maven-plugin:3.0.0:findbugs failed: Plugin
> org.codehaus.mojo:findbugs-maven-plugin:3.0.0 or one of its dependencies
> could not be resolved: Failed to collect dependencies at
> org.codehaus.mojo:findbugs-maven-plugin:jar:3.0.0 ->
> org.codehaus.groovy:groovy-all:jar:1.7.4: Failed to read artifact descriptor
> for org.codehaus.groovy:groovy-all:jar:1.7.4: Could not transfer artifact
> org.codehaus.groovy:groovy-all:pom:1.7.4 from/to mirror
> (http://xxx..xxx/nexus/content/groups/public): Failed to transfer file:
> http://xxx..xxx/nexus/content/groups/public/org/codehaus/groovy/groovy-all/1.7.4/groovy-all-1.7.4.pom.
> Return code is: 418 , ReasonPhrase:Artifact is in Tencent Blacklist! Please
> update to the safe version, more information:
> http://xxx..xxx/?tab=blackList.
> {code}
> Recently, when I compile HBase with a new machine, I got the above error.
> Since the machine could not connect to the external network, we visited our
> internal Maven repository, but org.codehaus.groovy:groovy-all:jar:1.7.4 was
> added to the blacklist and could not be downloaded. See details,
> org.codehaus.groovy:groovy-all:jar:1.7.4 is marked as vulnerable by
> [CVE-2015-3253|https://www.cvedetails.com/cve/CVE-2015-3253], so we should
> upgrade the version.
> {code:xml}
> org.codehaus.mojo
> findbugs-maven-plugin
> 3.0.0
>
>
>
> ${project.basedir}/../dev-support/findbugs-exclude.xml
> {code}
> Look at the history commit record, findbugs-maven-plugin has been upgraded to
> 3.0.4 in HBASE-18264, but one place is missing which still using the version
> of 3.0.0.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
