[jira] [Updated] (STORM-3867) Update Apache MQ to ActiveMQ 5.16.5 (jdk8)
[ https://issues.apache.org/jira/browse/STORM-3867?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3867: Issue Type: Dependency upgrade (was: Task) > Update Apache MQ to ActiveMQ 5.16.5 (jdk8) > -- > > Key: STORM-3867 > URL: https://issues.apache.org/jira/browse/STORM-3867 > Project: Apache Storm > Issue Type: Dependency upgrade > Components: build >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Minor > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > Update ActiveMQ version to latest version of Active MQ for JDK8, namely > ActiveMQ 5.16.5. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3866) Update Rockdb version from 5.18.4 to 6.27.3
[ https://issues.apache.org/jira/browse/STORM-3866?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3866: Issue Type: Dependency upgrade (was: Task) > Update Rockdb version from 5.18.4 to 6.27.3 > --- > > Key: STORM-3866 > URL: https://issues.apache.org/jira/browse/STORM-3866 > Project: Apache Storm > Issue Type: Dependency upgrade >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Minor > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > This version of rocksdb is compatible with s390. > https://github.com/apache/storm/pull/3476 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3868) Bump spring-core from 5.3.19 to 5.3.20 in /examples/storm-jms-examples
[ https://issues.apache.org/jira/browse/STORM-3868?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3868: Issue Type: Dependency upgrade (was: Task) > Bump spring-core from 5.3.19 to 5.3.20 in /examples/storm-jms-examples > -- > > Key: STORM-3868 > URL: https://issues.apache.org/jira/browse/STORM-3868 > Project: Apache Storm > Issue Type: Dependency upgrade > Components: examples >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 10m > Remaining Estimate: 0h > > Bump spring-core from 5.3.19 to 5.3.20 in /examples/storm-jms-examples > Created by dependabot. > PR is https://github.com/apache/storm/pull/3481 > Prior PR for update of version was: https://github.com/apache/storm/pull/3473 > This required additional changes in DEPENDENCY-LICENSES to > {code:java} > * Spring AOP (org.springframework:spring-aop:5.3.19 - > https://github.com/spring-projects/spring-framework) > * Spring Beans (org.springframework:spring-beans:5.3.19 - > https://github.com/spring-projects/spring-framework) > * Spring Commons Logging Bridge > (org.springframework:spring-jcl:5.3.19 - > https://github.com/spring-projects/spring-framework) > * Spring Context (org.springframework:spring-context:5.3.19 - > https://github.com/spring-projects/spring-framework) > * Spring Core (org.springframework:spring-core:5.3.19 - > https://github.com/spring-projects/spring-framework) > * Spring Expression Language (SpEL) > (org.springframework:spring-expression:5.3.19 - > https://github.com/spring-projects/spring-framework) > * Spring JMS (org.springframework:spring-jms:5.3.19 - > https://github.com/spring-projects/spring-framework) > * Spring Messaging (org.springframework:spring-messaging:5.3.19 - > https://github.com/spring-projects/spring-framework) > * Spring Transaction (org.springframework:spring-tx:5.3.19 - > https://github.com/spring-projects/spring-framework) > {code} -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3864) Bump gson from 2.8.0 to 2.8.9 in /integration-test
[ https://issues.apache.org/jira/browse/STORM-3864?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3864: Issue Type: Dependency upgrade (was: Task) > Bump gson from 2.8.0 to 2.8.9 in /integration-test > --- > > Key: STORM-3864 > URL: https://issues.apache.org/jira/browse/STORM-3864 > Project: Apache Storm > Issue Type: Dependency upgrade > Components: integration-test >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 10m > Remaining Estimate: 0h > > Change integration-test/pom.xml and DEPENDENCY-LICENSES. > This PR was automatically generated by "dependabot", but license file has to > be manually updated. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3865) Bump hadoop-common from 2.8.5 to 2.10.1
[ https://issues.apache.org/jira/browse/STORM-3865?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3865: Issue Type: Dependency upgrade (was: Task) > Bump hadoop-common from 2.8.5 to 2.10.1 > --- > > Key: STORM-3865 > URL: https://issues.apache.org/jira/browse/STORM-3865 > Project: Apache Storm > Issue Type: Dependency upgrade > Components: build >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Minor > Fix For: 2.5.0 > > Time Spent: 10m > Remaining Estimate: 0h > > Original PR created by dependabot https://github.com/apache/storm/pull/3468 > Requires changed to DEPENDENCY-LICENCES and LICENSE-binary -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3853) Upgrade maven-pmd-plugin from 3.12.0 to 3.16.0
[ https://issues.apache.org/jira/browse/STORM-3853?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3853: Issue Type: Dependency upgrade (was: Task) > Upgrade maven-pmd-plugin from 3.12.0 to 3.16.0 > -- > > Key: STORM-3853 > URL: https://issues.apache.org/jira/browse/STORM-3853 > Project: Apache Storm > Issue Type: Dependency upgrade >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > Also fix any PMPD exception when running: > {code:java} > mvn pmd:check > {code} > Do not fix PMD parsing errors when running "mvn pmd:pmd". That will be > addressed in a separate Jira. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3855) Remove Python2 Support in Travis and storm.py - Breaking Change
[ https://issues.apache.org/jira/browse/STORM-3855?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3855: Issue Type: New Feature (was: Task) > Remove Python2 Support in Travis and storm.py - Breaking Change > --- > > Key: STORM-3855 > URL: https://issues.apache.org/jira/browse/STORM-3855 > Project: Apache Storm > Issue Type: New Feature > Components: build, documentation, storm-submit-tools >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > Python2 was sunset Jan 1, 2020. More details here > https://www.python.org/doc/sunset-python-2/ > Python2 dependence is holding back storm.py from using python3 language > features. > When new storm release is made, independent verifiers cannot install python2 > to verify the release. > https://docs.python.org/3/howto/pyporting.html -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3857) Bump spring-core from 5.3.18 to 5.3.19 in /examples/storm-jms-examples
[ https://issues.apache.org/jira/browse/STORM-3857?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3857: Issue Type: Dependency upgrade (was: Task) > Bump spring-core from 5.3.18 to 5.3.19 in /examples/storm-jms-examples > -- > > Key: STORM-3857 > URL: https://issues.apache.org/jira/browse/STORM-3857 > Project: Apache Storm > Issue Type: Dependency upgrade > Components: examples >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3921) Bump spring-core from 5.3.26 to 5.3.27 in /examples/storm-jms-examples
[ https://issues.apache.org/jira/browse/STORM-3921?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3921: Issue Type: Dependency upgrade (was: Improvement) > Bump spring-core from 5.3.26 to 5.3.27 in /examples/storm-jms-examples > -- > > Key: STORM-3921 > URL: https://issues.apache.org/jira/browse/STORM-3921 > Project: Apache Storm > Issue Type: Dependency upgrade > Components: storm-jms >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 10m > Remaining Estimate: 0h > > Pull Request [https://github.com/apache/storm/pull/3538] created by > Dependabot. > Fix license for successful build. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3922) Update Acker Related Scheduling Changes
[ https://issues.apache.org/jira/browse/STORM-3922?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3922: Issue Type: New Feature (was: Improvement) > Update Acker Related Scheduling Changes > --- > > Key: STORM-3922 > URL: https://issues.apache.org/jira/browse/STORM-3922 > Project: Apache Storm > Issue Type: New Feature > Components: storm-server >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > Separate out Acker related changes to storm-server from Round Robin Strategy -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3920) Update the Secure Storm documentation
[ https://issues.apache.org/jira/browse/STORM-3920?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3920: Issue Type: Documentation (was: Improvement) > Update the Secure Storm documentation > - > > Key: STORM-3920 > URL: https://issues.apache.org/jira/browse/STORM-3920 > Project: Apache Storm > Issue Type: Documentation >Reporter: Nikhil Singh >Assignee: Nikhil Singh >Priority: Minor > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > Update [https://storm.apache.org/releases/2.4.0/SECURITY.html] > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3918) Bump snakeyaml from 1.32 to 2.0
[ https://issues.apache.org/jira/browse/STORM-3918?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3918: Issue Type: Dependency upgrade (was: Improvement) > Bump snakeyaml from 1.32 to 2.0 > --- > > Key: STORM-3918 > URL: https://issues.apache.org/jira/browse/STORM-3918 > Project: Apache Storm > Issue Type: Dependency upgrade > Components: storm-core >Affects Versions: 2.4.0 >Reporter: Alexandre Vermeerbergen >Assignee: Alexandre Vermeerbergen >Priority: Critical > Fix For: 2.5.0 > > > Current snakeyaml version is vulnerable to > [CVE-2022-1471|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1471] > which is rated [9.8 > CRITICAL|https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2022-1471=AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H=3.1=NIST] > by NIST. > Trivial fix is to update to snakeyaml 2.0. > I tried to manually replace existing snakeyaml JAR with 2.0 version (but > keeping the same JAR file name to avoid issue with potentially hard coded > CLASSPATH), and then I restarted all Storm related processes (Nimbus, > logview, Supervisor, Nimbus UI...) and deployed some topologies => everything > worked fine > So it looks like a trivial task > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3907) Update mockito to version 4.11.0
[ https://issues.apache.org/jira/browse/STORM-3907?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3907: Issue Type: Dependency upgrade (was: Improvement) > Update mockito to version 4.11.0 > > > Key: STORM-3907 > URL: https://issues.apache.org/jira/browse/STORM-3907 > Project: Apache Storm > Issue Type: Dependency upgrade > Components: build >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > Update mockito to version 4. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3886) Adding IgnoreUnrecognizedVMOptions to make worker start with jdk-11
[ https://issues.apache.org/jira/browse/STORM-3886?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3886: Issue Type: New Feature (was: Improvement) > Adding IgnoreUnrecognizedVMOptions to make worker start with jdk-11 > --- > > Key: STORM-3886 > URL: https://issues.apache.org/jira/browse/STORM-3886 > Project: Apache Storm > Issue Type: New Feature > Components: storm-core >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > > Fixed in PR [https://github.com/apache/storm/pull/3503] > by [~atulsm] -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3897) Replace Travis with GitHub Actions
[ https://issues.apache.org/jira/browse/STORM-3897?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3897: Issue Type: New Feature (was: Improvement) > Replace Travis with GitHub Actions > -- > > Key: STORM-3897 > URL: https://issues.apache.org/jira/browse/STORM-3897 > Project: Apache Storm > Issue Type: New Feature >Reporter: Richard Zowalla >Priority: Major > Fix For: 2.5.0 > > Time Spent: 1h > Remaining Estimate: 0h > > Travis isn't ASF anymore. We need to migrate -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3900) Upgrade Cassandra version to avoid depedency on snakeyaml 1.3
[ https://issues.apache.org/jira/browse/STORM-3900?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3900: Issue Type: Dependency upgrade (was: Improvement) > Upgrade Cassandra version to avoid depedency on snakeyaml 1.3 > - > > Key: STORM-3900 > URL: https://issues.apache.org/jira/browse/STORM-3900 > Project: Apache Storm > Issue Type: Dependency upgrade >Reporter: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > Snakeyaml 1.3 has a security vulnerability. Cassandra version is storm has > pulls in this version. Upgrade Cassandra to a version that uses snakeyaml 2.0. > See Storm snakeyaml 2.0 upgrade in PR: > https://github.com/apache/storm/pull/3523 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3889) Bump snakeyaml from 1.26 to 1.32
[ https://issues.apache.org/jira/browse/STORM-3889?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3889: Issue Type: Dependency upgrade (was: Improvement) > Bump snakeyaml from 1.26 to 1.32 > > > Key: STORM-3889 > URL: https://issues.apache.org/jira/browse/STORM-3889 > Project: Apache Storm > Issue Type: Dependency upgrade > Components: storm-core >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 50m > Remaining Estimate: 0h > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3839) Upgrade org.springframework:spring-core for CVE-2022-22965
[ https://issues.apache.org/jira/browse/STORM-3839?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3839: Issue Type: Dependency upgrade (was: Improvement) > Upgrade org.springframework:spring-core for CVE-2022-22965 > -- > > Key: STORM-3839 > URL: https://issues.apache.org/jira/browse/STORM-3839 > Project: Apache Storm > Issue Type: Dependency upgrade > Components: examples >Reporter: Bipin Prasad >Priority: Critical > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > Upgrade org.springframework:spring-beans to version 5.2.20 or later. For > example: > {code:java} > > org.springframework > spring-beans > [5.2.20,) > > {code} > Upgrade org.springframework:spring-core to version 5.2.20 or later. For > example: > {code:java} > > org.springframework > spring-core > [5.2.20,) > > {code} > [CVE-2022-22965 |https://tanzu.vmware.com/security/cve-2022-22965]critical > severity > Vulnerable versions: < 5.2.20 > Patched version: 5.2.20 > Spring Framework prior to versions 5.2.20 and 5.3.18 contains a remote code > execution vulnerability known as Spring4Shell. > Impact > A Spring MVC or Spring WebFlux application running on JDK 9+ may be > vulnerable to remote code execution (RCE) via data binding. The specific > exploit requires the application to run on Tomcat as a WAR deployment. If the > application is deployed as a Spring Boot executable jar, i.e. the default, it > is not vulnerable to the exploit. However, the nature of the vulnerability is > more general, and there may be other ways to exploit it. > These are the prerequisites for the exploit: > JDK 9 or higher > Apache Tomcat as the Servlet container > Packaged as WAR > spring-webmvc or spring-webflux dependency > Patches > Spring Framework 5.3.18 and 5.2.20 > Spring Boot 2.6.6 and 2.5.12 > Workarounds > For those who are unable to upgrade, leaked reports recommend setting > disallowedFields on WebDataBinder through an @ControllerAdvice. This works > generally, but as a centrally applied workaround fix, may leave some > loopholes, in particular if a controller sets disallowedFields locally > through its own @InitBinder method, which overrides the global setting. > To apply the workaround in a more fail-safe way, applications could extend > RequestMappingHandlerAdapter to update the WebDataBinder at the end after all > other initialization. In order to do that, a Spring Boot application can > declare a WebMvcRegistrations bean (Spring MVC) or a WebFluxRegistrations > bean (Spring WebFlux). -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3892) Bump testng from 6.8.5 to 7.7.0
[ https://issues.apache.org/jira/browse/STORM-3892?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3892: Issue Type: Dependency upgrade (was: Documentation) > Bump testng from 6.8.5 to 7.7.0 > --- > > Key: STORM-3892 > URL: https://issues.apache.org/jira/browse/STORM-3892 > Project: Apache Storm > Issue Type: Dependency upgrade > Components: storm-starter >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 10m > Remaining Estimate: 0h > > Dependabot automatic security recommendation: > https://github.com/apache/storm/pull/3515 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3893) Bump testng from 6.8.5 to 7.7.0 in integration test
[ https://issues.apache.org/jira/browse/STORM-3893?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3893: Issue Type: Dependency upgrade (was: Documentation) > Bump testng from 6.8.5 to 7.7.0 in integration test > --- > > Key: STORM-3893 > URL: https://issues.apache.org/jira/browse/STORM-3893 > Project: Apache Storm > Issue Type: Dependency upgrade > Components: integration-test >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 10m > Remaining Estimate: 0h > > Dependabot automatic security recommendation: > https://github.com/apache/storm/pull/3517 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3886) Adding IgnoreUnrecognizedVMOptions to make worker start with jdk-11
[ https://issues.apache.org/jira/browse/STORM-3886?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3886: Issue Type: Improvement (was: Dependency upgrade) > Adding IgnoreUnrecognizedVMOptions to make worker start with jdk-11 > --- > > Key: STORM-3886 > URL: https://issues.apache.org/jira/browse/STORM-3886 > Project: Apache Storm > Issue Type: Improvement > Components: storm-core >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > > Fixed in PR [https://github.com/apache/storm/pull/3503] > by [~atulsm] -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Reopened] (STORM-3837) upgrade activemq-client due to cve
[ https://issues.apache.org/jira/browse/STORM-3837?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad reopened STORM-3837: - > upgrade activemq-client due to cve > -- > > Key: STORM-3837 > URL: https://issues.apache.org/jira/browse/STORM-3837 > Project: Apache Storm > Issue Type: Sub-task >Reporter: PJ Fanning >Priority: Major > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > https://mvnrepository.com/artifact/org.apache.activemq/activemq-client -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (STORM-3837) upgrade activemq-client due to cve
[ https://issues.apache.org/jira/browse/STORM-3837?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad resolved STORM-3837. - Resolution: Fixed > upgrade activemq-client due to cve > -- > > Key: STORM-3837 > URL: https://issues.apache.org/jira/browse/STORM-3837 > Project: Apache Storm > Issue Type: Sub-task >Reporter: PJ Fanning >Priority: Major > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > https://mvnrepository.com/artifact/org.apache.activemq/activemq-client -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3918) Bump snakeyaml from 1.32 to 2.0
[ https://issues.apache.org/jira/browse/STORM-3918?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3918: Issue Type: Improvement (was: Bug) > Bump snakeyaml from 1.32 to 2.0 > --- > > Key: STORM-3918 > URL: https://issues.apache.org/jira/browse/STORM-3918 > Project: Apache Storm > Issue Type: Improvement > Components: storm-core >Affects Versions: 2.4.0 >Reporter: Alexandre Vermeerbergen >Assignee: Alexandre Vermeerbergen >Priority: Critical > Fix For: 2.5.0 > > > Current snakeyaml version is vulnerable to > [CVE-2022-1471|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1471] > which is rated [9.8 > CRITICAL|https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2022-1471=AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H=3.1=NIST] > by NIST. > Trivial fix is to update to snakeyaml 2.0. > I tried to manually replace existing snakeyaml JAR with 2.0 version (but > keeping the same JAR file name to avoid issue with potentially hard coded > CLASSPATH), and then I restarted all Storm related processes (Nimbus, > logview, Supervisor, Nimbus UI...) and deployed some topologies => everything > worked fine > So it looks like a trivial task > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3902) Print summary of difference between expected and actual licenses
[ https://issues.apache.org/jira/browse/STORM-3902?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3902: Issue Type: Improvement (was: New Feature) > Print summary of difference between expected and actual licenses > > > Key: STORM-3902 > URL: https://issues.apache.org/jira/browse/STORM-3902 > Project: Apache Storm > Issue Type: Improvement > Components: build >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > During the build process, a python script checks the DEPENDENCY-LICENSES file > to ensure that all the licenses have been specified. When this file is not > what is expected, then print a summary of the differences between the > expected and actual file. > Retain the current detail output of the actual and expected files. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3900) Upgrade Cassandra version to avoid depedency on snakeyaml 1.3
[ https://issues.apache.org/jira/browse/STORM-3900?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3900: Issue Type: Improvement (was: New Feature) > Upgrade Cassandra version to avoid depedency on snakeyaml 1.3 > - > > Key: STORM-3900 > URL: https://issues.apache.org/jira/browse/STORM-3900 > Project: Apache Storm > Issue Type: Improvement >Reporter: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > Snakeyaml 1.3 has a security vulnerability. Cassandra version is storm has > pulls in this version. Upgrade Cassandra to a version that uses snakeyaml 2.0. > See Storm snakeyaml 2.0 upgrade in PR: > https://github.com/apache/storm/pull/3523 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3889) Bump snakeyaml from 1.26 to 1.32
[ https://issues.apache.org/jira/browse/STORM-3889?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3889: Issue Type: Improvement (was: New Feature) > Bump snakeyaml from 1.26 to 1.32 > > > Key: STORM-3889 > URL: https://issues.apache.org/jira/browse/STORM-3889 > Project: Apache Storm > Issue Type: Improvement > Components: storm-core >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 50m > Remaining Estimate: 0h > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Closed] (STORM-3833) Migrate to JUnit5 and remove JUnit4
[ https://issues.apache.org/jira/browse/STORM-3833?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad closed STORM-3833. --- Resolution: Duplicate > Migrate to JUnit5 and remove JUnit4 > --- > > Key: STORM-3833 > URL: https://issues.apache.org/jira/browse/STORM-3833 > Project: Apache Storm > Issue Type: Improvement > Components: build >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > > JUnit4 is old and works upto JDK 1.7. pom.xml contains org.junit.vintage to > provide compatibility with JUnit4 classes. The tests break with running with > more recent versions of JDK - for example with openjdk-17. The vintage > classes cannot detect the Test methods. > Remove the vintage junit, migrate fully to junit5. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3833) Migrate to JUnit5 and remove JUnit4
[ https://issues.apache.org/jira/browse/STORM-3833?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3833: Fix Version/s: (was: 2.5.0) > Migrate to JUnit5 and remove JUnit4 > --- > > Key: STORM-3833 > URL: https://issues.apache.org/jira/browse/STORM-3833 > Project: Apache Storm > Issue Type: Improvement > Components: build >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > > JUnit4 is old and works upto JDK 1.7. pom.xml contains org.junit.vintage to > provide compatibility with JUnit4 classes. The tests break with running with > more recent versions of JDK - for example with openjdk-17. The vintage > classes cannot detect the Test methods. > Remove the vintage junit, migrate fully to junit5. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Reopened] (STORM-3833) Migrate to JUnit5 and remove JUnit4
[ https://issues.apache.org/jira/browse/STORM-3833?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad reopened STORM-3833: - > Migrate to JUnit5 and remove JUnit4 > --- > > Key: STORM-3833 > URL: https://issues.apache.org/jira/browse/STORM-3833 > Project: Apache Storm > Issue Type: Improvement > Components: build >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > > JUnit4 is old and works upto JDK 1.7. pom.xml contains org.junit.vintage to > provide compatibility with JUnit4 classes. The tests break with running with > more recent versions of JDK - for example with openjdk-17. The vintage > classes cannot detect the Test methods. > Remove the vintage junit, migrate fully to junit5. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Closed] (STORM-3833) Migrate to JUnit5 and remove JUnit4
[ https://issues.apache.org/jira/browse/STORM-3833?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad closed STORM-3833. --- > Migrate to JUnit5 and remove JUnit4 > --- > > Key: STORM-3833 > URL: https://issues.apache.org/jira/browse/STORM-3833 > Project: Apache Storm > Issue Type: Improvement > Components: build >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > > JUnit4 is old and works upto JDK 1.7. pom.xml contains org.junit.vintage to > provide compatibility with JUnit4 classes. The tests break with running with > more recent versions of JDK - for example with openjdk-17. The vintage > classes cannot detect the Test methods. > Remove the vintage junit, migrate fully to junit5. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (STORM-3833) Migrate to JUnit5 and remove JUnit4
[ https://issues.apache.org/jira/browse/STORM-3833?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad resolved STORM-3833. - Fix Version/s: 2.5.0 Resolution: Duplicate > Migrate to JUnit5 and remove JUnit4 > --- > > Key: STORM-3833 > URL: https://issues.apache.org/jira/browse/STORM-3833 > Project: Apache Storm > Issue Type: Improvement > Components: build >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > > JUnit4 is old and works upto JDK 1.7. pom.xml contains org.junit.vintage to > provide compatibility with JUnit4 classes. The tests break with running with > more recent versions of JDK - for example with openjdk-17. The vintage > classes cannot detect the Test methods. > Remove the vintage junit, migrate fully to junit5. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (STORM-3877) change test_storm_cli script to use python3
[ https://issues.apache.org/jira/browse/STORM-3877?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad resolved STORM-3877. - Fix Version/s: 2.5.0 Resolution: Fixed > change test_storm_cli script to use python3 > --- > > Key: STORM-3877 > URL: https://issues.apache.org/jira/browse/STORM-3877 > Project: Apache Storm > Issue Type: Improvement >Reporter: Nikhil Singh >Assignee: Nikhil Singh >Priority: Minor > Fix For: 2.5.0 > > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (STORM-3877) change test_storm_cli script to use python3
[ https://issues.apache.org/jira/browse/STORM-3877?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17732662#comment-17732662 ] Bipin Prasad commented on STORM-3877: - PR 3488 is Junit 4 to 5 migration for 3873), but also fixes this python script to use python3. > change test_storm_cli script to use python3 > --- > > Key: STORM-3877 > URL: https://issues.apache.org/jira/browse/STORM-3877 > Project: Apache Storm > Issue Type: Improvement >Reporter: Nikhil Singh >Assignee: Nikhil Singh >Priority: Minor > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Reopened] (STORM-3877) change test_storm_cli script to use python3
[ https://issues.apache.org/jira/browse/STORM-3877?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad reopened STORM-3877: - > change test_storm_cli script to use python3 > --- > > Key: STORM-3877 > URL: https://issues.apache.org/jira/browse/STORM-3877 > Project: Apache Storm > Issue Type: Improvement >Reporter: Nikhil Singh >Assignee: Nikhil Singh >Priority: Minor > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Closed] (STORM-3877) change test_storm_cli script to use python3
[ https://issues.apache.org/jira/browse/STORM-3877?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad closed STORM-3877. --- > change test_storm_cli script to use python3 > --- > > Key: STORM-3877 > URL: https://issues.apache.org/jira/browse/STORM-3877 > Project: Apache Storm > Issue Type: Improvement >Reporter: Nikhil Singh >Assignee: Nikhil Singh >Priority: Minor > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (STORM-3873) Remove Junit 4 dependencies
[ https://issues.apache.org/jira/browse/STORM-3873?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad resolved STORM-3873. - Fix Version/s: 2.5.0 Resolution: Fixed PR was merged > Remove Junit 4 dependencies > --- > > Key: STORM-3873 > URL: https://issues.apache.org/jira/browse/STORM-3873 > Project: Apache Storm > Issue Type: Improvement >Reporter: Nikhil Singh >Assignee: Nikhil Singh >Priority: Minor > Fix For: 2.5.0 > > Time Spent: 50m > Remaining Estimate: 0h > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Reopened] (STORM-3873) Remove Junit 4 dependencies
[ https://issues.apache.org/jira/browse/STORM-3873?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad reopened STORM-3873: - > Remove Junit 4 dependencies > --- > > Key: STORM-3873 > URL: https://issues.apache.org/jira/browse/STORM-3873 > Project: Apache Storm > Issue Type: Improvement >Reporter: Nikhil Singh >Assignee: Nikhil Singh >Priority: Minor > Time Spent: 50m > Remaining Estimate: 0h > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (STORM-3841) Remove dependency on javax.jms which has been removed from maven central repo
[ https://issues.apache.org/jira/browse/STORM-3841?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad resolved STORM-3841. - Fix Version/s: 2.5.0 Resolution: Fixed PR was merged > Remove dependency on javax.jms which has been removed from maven central repo > - > > Key: STORM-3841 > URL: https://issues.apache.org/jira/browse/STORM-3841 > Project: Apache Storm > Issue Type: Improvement > Components: build, examples, Flux, storm-autocreds, storm-hdfs, > storm-hive, storm-sql >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 50m > Remaining Estimate: 0h > > The transitive dependency comes from > {noformat} > org.apache.hive.hcatalog:hive-webhcat-java-client:jar:2.3.4 >-> org.apache.hive.hcatalog:hive-hcatalog-server-extensions:jar:2.3.4 > -> javax.jms:jms:jar:1.1 > {noformat} > Changing the version to 2.3.9 updates minor version but does not pull in > javax.jms -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (STORM-3854) A very large number of PMD Exceptions are thrown when building storm
[ https://issues.apache.org/jira/browse/STORM-3854?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad resolved STORM-3854. - Fix Version/s: 2.5.0 Resolution: Fixed PR merged > A very large number of PMD Exceptions are thrown when building storm > > > Key: STORM-3854 > URL: https://issues.apache.org/jira/browse/STORM-3854 > Project: Apache Storm > Issue Type: Task > Components: build >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Attachments: pmderrors.txt > > Time Spent: 50m > Remaining Estimate: 0h > > When running a build of storm project, say with "mvn compile" or "mvn clean > install", > a very large number of PMDExceptions are thrown and a large number of files > are not parsed. > This can also be duplicated by running "mvn pmd:pmd". > Remove PMD Exceptions - because they are too numerous, annoying, and mask > other warnings and errors. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (STORM-3853) Upgrade maven-pmd-plugin from 3.12.0 to 3.16.0
[ https://issues.apache.org/jira/browse/STORM-3853?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad resolved STORM-3853. - Fix Version/s: 2.5.0 Resolution: Fixed PR was merged > Upgrade maven-pmd-plugin from 3.12.0 to 3.16.0 > -- > > Key: STORM-3853 > URL: https://issues.apache.org/jira/browse/STORM-3853 > Project: Apache Storm > Issue Type: Task >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > Also fix any PMPD exception when running: > {code:java} > mvn pmd:check > {code} > Do not fix PMD parsing errors when running "mvn pmd:pmd". That will be > addressed in a separate Jira. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (STORM-3855) Remove Python2 Support in Travis and storm.py - Breaking Change
[ https://issues.apache.org/jira/browse/STORM-3855?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad resolved STORM-3855. - Fix Version/s: 2.5.0 Resolution: Fixed PR was merged > Remove Python2 Support in Travis and storm.py - Breaking Change > --- > > Key: STORM-3855 > URL: https://issues.apache.org/jira/browse/STORM-3855 > Project: Apache Storm > Issue Type: Task > Components: build, documentation, storm-submit-tools >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > Python2 was sunset Jan 1, 2020. More details here > https://www.python.org/doc/sunset-python-2/ > Python2 dependence is holding back storm.py from using python3 language > features. > When new storm release is made, independent verifiers cannot install python2 > to verify the release. > https://docs.python.org/3/howto/pyporting.html -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (STORM-3857) Bump spring-core from 5.3.18 to 5.3.19 in /examples/storm-jms-examples
[ https://issues.apache.org/jira/browse/STORM-3857?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad resolved STORM-3857. - Fix Version/s: 2.5.0 Resolution: Fixed PR was merged > Bump spring-core from 5.3.18 to 5.3.19 in /examples/storm-jms-examples > -- > > Key: STORM-3857 > URL: https://issues.apache.org/jira/browse/STORM-3857 > Project: Apache Storm > Issue Type: Task > Components: examples >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Closed] (STORM-3858) Bump hadoop-common from 2.8.5 to 2.10.1
[ https://issues.apache.org/jira/browse/STORM-3858?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad closed STORM-3858. --- Resolution: Duplicate > Bump hadoop-common from 2.8.5 to 2.10.1 > --- > > Key: STORM-3858 > URL: https://issues.apache.org/jira/browse/STORM-3858 > Project: Apache Storm > Issue Type: Task >Reporter: Bipin Prasad >Priority: Major > > PR created by dependabot: https://github.com/apache/storm/pull/3468 > Fix license file(s) -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (STORM-3865) Bump hadoop-common from 2.8.5 to 2.10.1
[ https://issues.apache.org/jira/browse/STORM-3865?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad resolved STORM-3865. - Fix Version/s: 2.5.0 Resolution: Fixed PR was merged > Bump hadoop-common from 2.8.5 to 2.10.1 > --- > > Key: STORM-3865 > URL: https://issues.apache.org/jira/browse/STORM-3865 > Project: Apache Storm > Issue Type: Task > Components: build >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Minor > Fix For: 2.5.0 > > Time Spent: 10m > Remaining Estimate: 0h > > Original PR created by dependabot https://github.com/apache/storm/pull/3468 > Requires changed to DEPENDENCY-LICENCES and LICENSE-binary -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3864) Bump gson from 2.8.0 to 2.8.9 in /integration-test
[ https://issues.apache.org/jira/browse/STORM-3864?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3864: Fix Version/s: 2.5.0 > Bump gson from 2.8.0 to 2.8.9 in /integration-test > --- > > Key: STORM-3864 > URL: https://issues.apache.org/jira/browse/STORM-3864 > Project: Apache Storm > Issue Type: Task > Components: integration-test >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 10m > Remaining Estimate: 0h > > Change integration-test/pom.xml and DEPENDENCY-LICENSES. > This PR was automatically generated by "dependabot", but license file has to > be manually updated. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (STORM-3866) Update Rockdb version from 5.18.4 to 6.27.3
[ https://issues.apache.org/jira/browse/STORM-3866?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad resolved STORM-3866. - Fix Version/s: 2.5.0 Resolution: Fixed PR was merged > Update Rockdb version from 5.18.4 to 6.27.3 > --- > > Key: STORM-3866 > URL: https://issues.apache.org/jira/browse/STORM-3866 > Project: Apache Storm > Issue Type: Task >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Minor > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > This version of rocksdb is compatible with s390. > https://github.com/apache/storm/pull/3476 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (STORM-3867) Update Apache MQ to ActiveMQ 5.16.5 (jdk8)
[ https://issues.apache.org/jira/browse/STORM-3867?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad resolved STORM-3867. - Fix Version/s: 2.5.0 Resolution: Fixed PR was merged > Update Apache MQ to ActiveMQ 5.16.5 (jdk8) > -- > > Key: STORM-3867 > URL: https://issues.apache.org/jira/browse/STORM-3867 > Project: Apache Storm > Issue Type: Task > Components: build >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Minor > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > Update ActiveMQ version to latest version of Active MQ for JDK8, namely > ActiveMQ 5.16.5. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (STORM-3868) Bump spring-core from 5.3.19 to 5.3.20 in /examples/storm-jms-examples
[ https://issues.apache.org/jira/browse/STORM-3868?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad resolved STORM-3868. - Fix Version/s: 2.5.0 Resolution: Fixed PR was merged > Bump spring-core from 5.3.19 to 5.3.20 in /examples/storm-jms-examples > -- > > Key: STORM-3868 > URL: https://issues.apache.org/jira/browse/STORM-3868 > Project: Apache Storm > Issue Type: Task > Components: examples >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 10m > Remaining Estimate: 0h > > Bump spring-core from 5.3.19 to 5.3.20 in /examples/storm-jms-examples > Created by dependabot. > PR is https://github.com/apache/storm/pull/3481 > Prior PR for update of version was: https://github.com/apache/storm/pull/3473 > This required additional changes in DEPENDENCY-LICENSES to > {code:java} > * Spring AOP (org.springframework:spring-aop:5.3.19 - > https://github.com/spring-projects/spring-framework) > * Spring Beans (org.springframework:spring-beans:5.3.19 - > https://github.com/spring-projects/spring-framework) > * Spring Commons Logging Bridge > (org.springframework:spring-jcl:5.3.19 - > https://github.com/spring-projects/spring-framework) > * Spring Context (org.springframework:spring-context:5.3.19 - > https://github.com/spring-projects/spring-framework) > * Spring Core (org.springframework:spring-core:5.3.19 - > https://github.com/spring-projects/spring-framework) > * Spring Expression Language (SpEL) > (org.springframework:spring-expression:5.3.19 - > https://github.com/spring-projects/spring-framework) > * Spring JMS (org.springframework:spring-jms:5.3.19 - > https://github.com/spring-projects/spring-framework) > * Spring Messaging (org.springframework:spring-messaging:5.3.19 - > https://github.com/spring-projects/spring-framework) > * Spring Transaction (org.springframework:spring-tx:5.3.19 - > https://github.com/spring-projects/spring-framework) > {code} -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Closed] (STORM-3872) Workaround for build failure with maven version >= 3.8.1
[ https://issues.apache.org/jira/browse/STORM-3872?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad closed STORM-3872. --- Resolution: Incomplete > Workaround for build failure with maven version >= 3.8.1 > > > Key: STORM-3872 > URL: https://issues.apache.org/jira/browse/STORM-3872 > Project: Apache Storm > Issue Type: Task > Components: build >Reporter: Bipin Prasad >Assignee: Nikhil Singh >Priority: Major > > When maven version at or above 3.8.1 is used to build storm, the build fails > because repositories with "http" is blocked and only "https" is allowed. > > Fix this by adding .mvn directory workaround, like discussed here > [https://stackoverflow.com/questions/66980047/maven-build-failure-dependencyresolutionexception] > or remove dependency on http repositories. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3872) Workaround for build failure with maven version >= 3.8.1
[ https://issues.apache.org/jira/browse/STORM-3872?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3872: Summary: Workaround for build failure with maven version >= 3.8.1 (was: Workaround for build failururr with maven version >= 3.8.1) > Workaround for build failure with maven version >= 3.8.1 > > > Key: STORM-3872 > URL: https://issues.apache.org/jira/browse/STORM-3872 > Project: Apache Storm > Issue Type: Task > Components: build >Reporter: Bipin Prasad >Assignee: Nikhil Singh >Priority: Major > > When maven version at or above 3.8.1 is used to build storm, the build fails > because repositories with "http" is blocked and only "https" is allowed. > > Fix this by adding .mvn directory workaround, like discussed here > [https://stackoverflow.com/questions/66980047/maven-build-failure-dependencyresolutionexception] > or remove dependency on http repositories. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Reopened] (STORM-3872) Workaround for build failururr with maven version >= 3.8.1
[ https://issues.apache.org/jira/browse/STORM-3872?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad reopened STORM-3872: - > Workaround for build failururr with maven version >= 3.8.1 > -- > > Key: STORM-3872 > URL: https://issues.apache.org/jira/browse/STORM-3872 > Project: Apache Storm > Issue Type: Task > Components: build >Reporter: Bipin Prasad >Assignee: Nikhil Singh >Priority: Major > > When maven version at or above 3.8.1 is used to build storm, the build fails > because repositories with "http" is blocked and only "https" is allowed. > > Fix this by adding .mvn directory workaround, like discussed here > [https://stackoverflow.com/questions/66980047/maven-build-failure-dependencyresolutionexception] > or remove dependency on http repositories. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Closed] (STORM-3876) Cannot Compile from Master
[ https://issues.apache.org/jira/browse/STORM-3876?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad closed STORM-3876. --- > Cannot Compile from Master > -- > > Key: STORM-3876 > URL: https://issues.apache.org/jira/browse/STORM-3876 > Project: Apache Storm > Issue Type: Bug > Components: build >Reporter: Joao Bezerra >Assignee: Bipin Prasad >Priority: Blocker > Attachments: image-2022-07-18-18-52-14-827.png > > > After a long search I landed here and wonder if there are any requirements > for compiling and building the master branch (except JDK > 7 ; I use 11). > I have loaded the master branch from Storm into IntelliJ and only get error > messages during the build process running `clean`and `compile` > {code:java} > ... > ... > [INFO] < org.apache.storm:storm-maven-plugins > > > [INFO] Building storm-maven-plugins 2.5.0-SNAPSHOT > [8/68] > [INFO] [ maven-plugin > ] > [INFO] > [INFO] --- maven-enforcer-plugin:1.4.1:enforce (enforce-maven-version) @ > storm-maven-plugins --- > [INFO] > [INFO] --- maven-checkstyle-plugin:3.0.0:check (validate) @ > storm-maven-plugins --- > [INFO] Beginne Prüfung... > Prüfung beendet. > [INFO] > [INFO] --- maven-remote-resources-plugin:1.5:process > (process-resource-bundles) @ storm-maven-plugins --- > [INFO] > [INFO] --- maven-resources-plugin:3.1.0:resources (default-resources) @ > storm-maven-plugins --- > [INFO] Using 'UTF-8' encoding to copy filtered resources. > [INFO] skip non existing resourceDirectory > /home/joao/IdeaProjects/storm/storm-buildtools/storm-maven-plugins/src/main/resources > [INFO] Copying 3 resources > [INFO] > [INFO] --- maven-compiler-plugin:3.7.0:compile (default-compile) @ > storm-maven-plugins --- > [INFO] Changes detected - recompiling the module! > [INFO] Compiling 2 source files to > /home/joao/IdeaProjects/storm/storm-buildtools/storm-maven-plugins/target/classes > [INFO] > [INFO] ---< org.apache.storm:storm-client > > > [INFO] Building Storm Client 2.5.0-SNAPSHOT > [9/68] > [INFO] [ jar > ]- > [INFO] > > [INFO] Reactor Summary for Storm 2.5.0-SNAPSHOT: > [INFO] > [INFO] Storm .. SUCCESS [ 4.470 > s] > [INFO] Apache Storm - Checkstyle .. SUCCESS [ 0.096 > s] > [INFO] Shaded Deps for Storm Client ... SUCCESS [ 0.737 > s] > [INFO] multilang-javascript ... SUCCESS [ 0.101 > s] > [INFO] multilang-python ... SUCCESS [ 0.070 > s] > [INFO] multilang-ruby . SUCCESS [ 0.063 > s] > [INFO] maven-shade-clojure-transformer SUCCESS [ 0.672 > s] > [INFO] storm-maven-plugins SUCCESS [ 0.736 > s] > [INFO] Storm Client ... FAILURE [ 0.015 > s] > [INFO] storm-server ... SKIPPED > [INFO] storm-clojure .. SKIPPED > [INFO] Storm Core . SKIPPED > [INFO] Storm Webapp ... SKIPPED > [INFO] storm-clojure-test . SKIPPED > [INFO] storm-submit-tools . SKIPPED > [INFO] storm-autocreds SKIPPED > [INFO] storm-hdfs . SKIPPED > [INFO] storm-hdfs-blobstore ... SKIPPED > [INFO] storm-hdfs-oci . SKIPPED > [INFO] storm-hbase SKIPPED > [INFO] storm-hive . SKIPPED > [INFO] storm-jdbc . SKIPPED > [INFO] storm-redis SKIPPED > [INFO] storm-eventhubs SKIPPED > [INFO] storm-elasticsearch SKIPPED > [INFO] storm-solr . SKIPPED > [INFO] storm-metrics .. SKIPPED > [INFO] storm-cassandra
[jira] [Updated] (STORM-3890) Update readme document to state usage parameters for KafkaLagUtil
[ https://issues.apache.org/jira/browse/STORM-3890?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3890: Fix Version/s: 2.5.0 > Update readme document to state usage parameters for KafkaLagUtil > - > > Key: STORM-3890 > URL: https://issues.apache.org/jira/browse/STORM-3890 > Project: Apache Storm > Issue Type: Documentation > Components: storm-kafka-monitor >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Minor > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > Add usage information in the README -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3891) Change commons.cli version and python
[ https://issues.apache.org/jira/browse/STORM-3891?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3891: Fix Version/s: 2.5.0 > Change commons.cli version and python > - > > Key: STORM-3891 > URL: https://issues.apache.org/jira/browse/STORM-3891 > Project: Apache Storm > Issue Type: Documentation > Components: Flux >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Critical > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > * Flux pulls in common-cli version 1.2 instead of the parent defined default > of 1.4. Change to use default version defined in topo level pom.xml > * python (defaulting to version 2) is no longer in use, change to python3 in > testing. > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3886) Adding IgnoreUnrecognizedVMOptions to make worker start with jdk-11
[ https://issues.apache.org/jira/browse/STORM-3886?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3886: Fix Version/s: 2.5.0 > Adding IgnoreUnrecognizedVMOptions to make worker start with jdk-11 > --- > > Key: STORM-3886 > URL: https://issues.apache.org/jira/browse/STORM-3886 > Project: Apache Storm > Issue Type: Dependency upgrade > Components: storm-core >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > > Fixed in PR [https://github.com/apache/storm/pull/3503] > by [~atulsm] -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3889) Bump snakeyaml from 1.26 to 1.32
[ https://issues.apache.org/jira/browse/STORM-3889?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3889: Fix Version/s: 2.5.0 > Bump snakeyaml from 1.26 to 1.32 > > > Key: STORM-3889 > URL: https://issues.apache.org/jira/browse/STORM-3889 > Project: Apache Storm > Issue Type: New Feature > Components: storm-core >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 50m > Remaining Estimate: 0h > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3893) Bump testng from 6.8.5 to 7.7.0 in integration test
[ https://issues.apache.org/jira/browse/STORM-3893?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3893: Fix Version/s: 2.5.0 > Bump testng from 6.8.5 to 7.7.0 in integration test > --- > > Key: STORM-3893 > URL: https://issues.apache.org/jira/browse/STORM-3893 > Project: Apache Storm > Issue Type: Documentation > Components: integration-test >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 10m > Remaining Estimate: 0h > > Dependabot automatic security recommendation: > https://github.com/apache/storm/pull/3517 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3892) Bump testng from 6.8.5 to 7.7.0
[ https://issues.apache.org/jira/browse/STORM-3892?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3892: Fix Version/s: 2.5.0 > Bump testng from 6.8.5 to 7.7.0 > --- > > Key: STORM-3892 > URL: https://issues.apache.org/jira/browse/STORM-3892 > Project: Apache Storm > Issue Type: Documentation > Components: storm-starter >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 10m > Remaining Estimate: 0h > > Dependabot automatic security recommendation: > https://github.com/apache/storm/pull/3515 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Closed] (STORM-3896) Create github actions since Travis is no longer supported
[ https://issues.apache.org/jira/browse/STORM-3896?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad closed STORM-3896. --- Resolution: Duplicate > Create github actions since Travis is no longer supported > - > > Key: STORM-3896 > URL: https://issues.apache.org/jira/browse/STORM-3896 > Project: Apache Storm > Issue Type: New Feature >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Closed] (STORM-3894) Bump snakeyaml from 1.32 to 2.0
[ https://issues.apache.org/jira/browse/STORM-3894?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad closed STORM-3894. --- Resolution: Duplicate > Bump snakeyaml from 1.32 to 2.0 > --- > > Key: STORM-3894 > URL: https://issues.apache.org/jira/browse/STORM-3894 > Project: Apache Storm > Issue Type: Documentation > Components: Flux, storm-client, storm-hdfs, storm-loadgen, > storm-server >Reporter: Bipin Prasad >Priority: Major > Time Spent: 3h > Remaining Estimate: 0h > > Suggestion by dependabot in PR: [https://github.com/apache/storm/pull/3516] > But the compile fails - so further code change is required. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Reopened] (STORM-3897) Replace Travis with GitHub Actions
[ https://issues.apache.org/jira/browse/STORM-3897?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad reopened STORM-3897: - > Replace Travis with GitHub Actions > -- > > Key: STORM-3897 > URL: https://issues.apache.org/jira/browse/STORM-3897 > Project: Apache Storm > Issue Type: Improvement >Reporter: Richard Zowalla >Priority: Major > Time Spent: 1h > Remaining Estimate: 0h > > Travis isn't ASF anymore. We need to migrate -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (STORM-3897) Replace Travis with GitHub Actions
[ https://issues.apache.org/jira/browse/STORM-3897?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad resolved STORM-3897. - Fix Version/s: 2.5.0 Resolution: Fixed > Replace Travis with GitHub Actions > -- > > Key: STORM-3897 > URL: https://issues.apache.org/jira/browse/STORM-3897 > Project: Apache Storm > Issue Type: Improvement >Reporter: Richard Zowalla >Priority: Major > Fix For: 2.5.0 > > Time Spent: 1h > Remaining Estimate: 0h > > Travis isn't ASF anymore. We need to migrate -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Reopened] (STORM-3913) Upgrade version of ROCKSDB for junit tests on MAC OSX
[ https://issues.apache.org/jira/browse/STORM-3913?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad reopened STORM-3913: - > Upgrade version of ROCKSDB for junit tests on MAC OSX > - > > Key: STORM-3913 > URL: https://issues.apache.org/jira/browse/STORM-3913 > Project: Apache Storm > Issue Type: Improvement > Components: storm-server >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Minor > Time Spent: 1h 20m > Remaining Estimate: 0h > > The current version of ROCKSDB used in storm-server is 6.27.3. > This version of ROCKSDB jar file does not contain the Mac OSX JNI library. As > part of the test, this platform specific JNI in ROCKSDB jar is extracted to a > temporary directory and used. Upgrading to version 8.1.1 fixes several > storm-server tests. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (STORM-3913) Upgrade version of ROCKSDB for junit tests on MAC OSX
[ https://issues.apache.org/jira/browse/STORM-3913?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad resolved STORM-3913. - Fix Version/s: 2.5.0 Resolution: Fixed > Upgrade version of ROCKSDB for junit tests on MAC OSX > - > > Key: STORM-3913 > URL: https://issues.apache.org/jira/browse/STORM-3913 > Project: Apache Storm > Issue Type: Improvement > Components: storm-server >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Minor > Fix For: 2.5.0 > > Time Spent: 1h 20m > Remaining Estimate: 0h > > The current version of ROCKSDB used in storm-server is 6.27.3. > This version of ROCKSDB jar file does not contain the Mac OSX JNI library. As > part of the test, this platform specific JNI in ROCKSDB jar is extracted to a > temporary directory and used. Upgrading to version 8.1.1 fixes several > storm-server tests. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (STORM-3918) Bump snakeyaml from 1.32 to 2.0
[ https://issues.apache.org/jira/browse/STORM-3918?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad resolved STORM-3918. - Fix Version/s: 2.5.0 Resolution: Fixed > Bump snakeyaml from 1.32 to 2.0 > --- > > Key: STORM-3918 > URL: https://issues.apache.org/jira/browse/STORM-3918 > Project: Apache Storm > Issue Type: Bug > Components: storm-core >Affects Versions: 2.4.0 >Reporter: Alexandre Vermeerbergen >Assignee: Alexandre Vermeerbergen >Priority: Critical > Fix For: 2.5.0 > > > Current snakeyaml version is vulnerable to > [CVE-2022-1471|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1471] > which is rated [9.8 > CRITICAL|https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2022-1471=AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H=3.1=NIST] > by NIST. > Trivial fix is to update to snakeyaml 2.0. > I tried to manually replace existing snakeyaml JAR with 2.0 version (but > keeping the same JAR file name to avoid issue with potentially hard coded > CLASSPATH), and then I restarted all Storm related processes (Nimbus, > logview, Supervisor, Nimbus UI...) and deployed some topologies => everything > worked fine > So it looks like a trivial task > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Reopened] (STORM-3918) Bump snakeyaml from 1.32 to 2.0
[ https://issues.apache.org/jira/browse/STORM-3918?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad reopened STORM-3918: - > Bump snakeyaml from 1.32 to 2.0 > --- > > Key: STORM-3918 > URL: https://issues.apache.org/jira/browse/STORM-3918 > Project: Apache Storm > Issue Type: Bug > Components: storm-core >Affects Versions: 2.4.0 >Reporter: Alexandre Vermeerbergen >Assignee: Alexandre Vermeerbergen >Priority: Critical > > Current snakeyaml version is vulnerable to > [CVE-2022-1471|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1471] > which is rated [9.8 > CRITICAL|https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2022-1471=AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H=3.1=NIST] > by NIST. > Trivial fix is to update to snakeyaml 2.0. > I tried to manually replace existing snakeyaml JAR with 2.0 version (but > keeping the same JAR file name to avoid issue with potentially hard coded > CLASSPATH), and then I restarted all Storm related processes (Nimbus, > logview, Supervisor, Nimbus UI...) and deployed some topologies => everything > worked fine > So it looks like a trivial task > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Reopened] (STORM-3900) Upgrade Cassandra version to avoid depedency on snakeyaml 1.3
[ https://issues.apache.org/jira/browse/STORM-3900?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad reopened STORM-3900: - > Upgrade Cassandra version to avoid depedency on snakeyaml 1.3 > - > > Key: STORM-3900 > URL: https://issues.apache.org/jira/browse/STORM-3900 > Project: Apache Storm > Issue Type: New Feature >Reporter: Bipin Prasad >Priority: Major > Time Spent: 20m > Remaining Estimate: 0h > > Snakeyaml 1.3 has a security vulnerability. Cassandra version is storm has > pulls in this version. Upgrade Cassandra to a version that uses snakeyaml 2.0. > See Storm snakeyaml 2.0 upgrade in PR: > https://github.com/apache/storm/pull/3523 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (STORM-3900) Upgrade Cassandra version to avoid depedency on snakeyaml 1.3
[ https://issues.apache.org/jira/browse/STORM-3900?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad resolved STORM-3900. - Fix Version/s: 2.5.0 Resolution: Fixed > Upgrade Cassandra version to avoid depedency on snakeyaml 1.3 > - > > Key: STORM-3900 > URL: https://issues.apache.org/jira/browse/STORM-3900 > Project: Apache Storm > Issue Type: New Feature >Reporter: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > Snakeyaml 1.3 has a security vulnerability. Cassandra version is storm has > pulls in this version. Upgrade Cassandra to a version that uses snakeyaml 2.0. > See Storm snakeyaml 2.0 upgrade in PR: > https://github.com/apache/storm/pull/3523 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Reopened] (STORM-3903) Bump commons-fileupload from 1.3.3 to 1.5
[ https://issues.apache.org/jira/browse/STORM-3903?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad reopened STORM-3903: - > Bump commons-fileupload from 1.3.3 to 1.5 > - > > Key: STORM-3903 > URL: https://issues.apache.org/jira/browse/STORM-3903 > Project: Apache Storm > Issue Type: Dependency upgrade > Components: build >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Minor > Time Spent: 1h > Remaining Estimate: 0h > > Update suggested by dependabot. > Pull request (dependabot): [https://github.com/apache/storm/pull/3511] > (closed) > Update license files and create a new pull request, since dependabot PR is > not triggering builds. > PR [https://github.com/apache/storm/pull/3529] -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Reopened] (STORM-3904) Bump spring-core from 5.3.20 to 5.3.26 in /examples/storm-jms-examples
[ https://issues.apache.org/jira/browse/STORM-3904?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad reopened STORM-3904: - > Bump spring-core from 5.3.20 to 5.3.26 in /examples/storm-jms-examples > -- > > Key: STORM-3904 > URL: https://issues.apache.org/jira/browse/STORM-3904 > Project: Apache Storm > Issue Type: Dependency upgrade > Components: examples >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Minor > Time Spent: 10m > Remaining Estimate: 0h > > Depedabot PR https://github.com/apache/storm/pull/3529 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3905) Replace Anonymous Inner classs with Lambda in storm-core commands
[ https://issues.apache.org/jira/browse/STORM-3905?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3905: Fix Version/s: 2.5.0 > Replace Anonymous Inner classs with Lambda in storm-core commands > - > > Key: STORM-3905 > URL: https://issues.apache.org/jira/browse/STORM-3905 > Project: Apache Storm > Issue Type: Improvement > Components: storm-core >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > Minor cleanup for anonymous lambda interface with single method. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (STORM-3903) Bump commons-fileupload from 1.3.3 to 1.5
[ https://issues.apache.org/jira/browse/STORM-3903?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad resolved STORM-3903. - Fix Version/s: 2.5.0 Resolution: Fixed > Bump commons-fileupload from 1.3.3 to 1.5 > - > > Key: STORM-3903 > URL: https://issues.apache.org/jira/browse/STORM-3903 > Project: Apache Storm > Issue Type: Dependency upgrade > Components: build >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Minor > Fix For: 2.5.0 > > Time Spent: 1h > Remaining Estimate: 0h > > Update suggested by dependabot. > Pull request (dependabot): [https://github.com/apache/storm/pull/3511] > (closed) > Update license files and create a new pull request, since dependabot PR is > not triggering builds. > PR [https://github.com/apache/storm/pull/3529] -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3902) Print summary of difference between expected and actual licenses
[ https://issues.apache.org/jira/browse/STORM-3902?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3902: Fix Version/s: 2.5.0 > Print summary of difference between expected and actual licenses > > > Key: STORM-3902 > URL: https://issues.apache.org/jira/browse/STORM-3902 > Project: Apache Storm > Issue Type: New Feature > Components: build >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > During the build process, a python script checks the DEPENDENCY-LICENSES file > to ensure that all the licenses have been specified. When this file is not > what is expected, then print a summary of the differences between the > expected and actual file. > Retain the current detail output of the actual and expected files. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (STORM-3904) Bump spring-core from 5.3.20 to 5.3.26 in /examples/storm-jms-examples
[ https://issues.apache.org/jira/browse/STORM-3904?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad resolved STORM-3904. - Fix Version/s: 2.5.0 Resolution: Fixed > Bump spring-core from 5.3.20 to 5.3.26 in /examples/storm-jms-examples > -- > > Key: STORM-3904 > URL: https://issues.apache.org/jira/browse/STORM-3904 > Project: Apache Storm > Issue Type: Dependency upgrade > Components: examples >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Minor > Fix For: 2.5.0 > > Time Spent: 10m > Remaining Estimate: 0h > > Depedabot PR https://github.com/apache/storm/pull/3529 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3907) Update mockito to version 4.11.0
[ https://issues.apache.org/jira/browse/STORM-3907?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3907: Fix Version/s: 2.5.0 > Update mockito to version 4.11.0 > > > Key: STORM-3907 > URL: https://issues.apache.org/jira/browse/STORM-3907 > Project: Apache Storm > Issue Type: Improvement > Components: build >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > Update mockito to version 4. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (STORM-3906) Remove use of mockito interal class org.mockito.internal.util.reflection.FieldSetter
[ https://issues.apache.org/jira/browse/STORM-3906?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad resolved STORM-3906. - Fix Version/s: 2.5.0 Resolution: Fixed PR Merged > Remove use of mockito interal class > org.mockito.internal.util.reflection.FieldSetter > > > Key: STORM-3906 > URL: https://issues.apache.org/jira/browse/STORM-3906 > Project: Apache Storm > Issue Type: Improvement > Components: storm-client >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Minor > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > Class org.mockito.internal.util.reflection.FieldSetter is internal to > Mockito. In mockito version 3, minor update (3.11.2 for example), this > internal class has been removed. > Replace FieldSetter with public classes and methods in mockito. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (STORM-3908) Increase heap memory for MAVEN_OPTS used in github actions
[ https://issues.apache.org/jira/browse/STORM-3908?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad resolved STORM-3908. - Fix Version/s: 2.5.0 Resolution: Fixed PR Merged > Increase heap memory for MAVEN_OPTS used in github actions > -- > > Key: STORM-3908 > URL: https://issues.apache.org/jira/browse/STORM-3908 > Project: Apache Storm > Issue Type: Improvement > Components: build >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > Github action runner VM have 2 cpu and 7gb memory. Substantially higher than > the Travis machines that were in use earlier. > The MAVEN_OPTS was then set to 1Gb. > > Increase MAVEN_OPTS to avoid out of memory errors that sometimes occurs now > in Github actions. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3909) Use python3 in metrics test
[ https://issues.apache.org/jira/browse/STORM-3909?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3909: Fix Version/s: 2.5.0 > Use python3 in metrics test > --- > > Key: STORM-3909 > URL: https://issues.apache.org/jira/browse/STORM-3909 > Project: Apache Storm > Issue Type: Improvement > Components: storm-core >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Minor > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > *storm-core/test/clj/org/apache/storm/metrics_test.clj uses python to run > some test scripts. Change this to use python3.* -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (STORM-3909) Use python3 in metrics test
[ https://issues.apache.org/jira/browse/STORM-3909?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad resolved STORM-3909. - Resolution: Fixed PR Merged > Use python3 in metrics test > --- > > Key: STORM-3909 > URL: https://issues.apache.org/jira/browse/STORM-3909 > Project: Apache Storm > Issue Type: Improvement > Components: storm-core >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Minor > Time Spent: 20m > Remaining Estimate: 0h > > *storm-core/test/clj/org/apache/storm/metrics_test.clj uses python to run > some test scripts. Change this to use python3.* -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3910) Enhance LOG when rocksdb is used for metric store
[ https://issues.apache.org/jira/browse/STORM-3910?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3910: Fix Version/s: 2.5.0 > Enhance LOG when rocksdb is used for metric store > - > > Key: STORM-3910 > URL: https://issues.apache.org/jira/browse/STORM-3910 > Project: Apache Storm > Issue Type: Improvement > Components: storm-server >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Minor > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > When rocksdb is used for metric store, environment variable may not be setup > properly for the platform specific JNI library to be loaded. > Change LOG output to provide more useful information when Rocksdb fails to > initialize. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (STORM-3910) Enhance LOG when rocksdb is used for metric store
[ https://issues.apache.org/jira/browse/STORM-3910?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad resolved STORM-3910. - Resolution: Fixed PR Merged > Enhance LOG when rocksdb is used for metric store > - > > Key: STORM-3910 > URL: https://issues.apache.org/jira/browse/STORM-3910 > Project: Apache Storm > Issue Type: Improvement > Components: storm-server >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Minor > Time Spent: 20m > Remaining Estimate: 0h > > When rocksdb is used for metric store, environment variable may not be setup > properly for the platform specific JNI library to be loaded. > Change LOG output to provide more useful information when Rocksdb fails to > initialize. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3911) Add json-smart dependency to retrieve from maven repo
[ https://issues.apache.org/jira/browse/STORM-3911?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3911: Fix Version/s: 2.5.0 > Add json-smart dependency to retrieve from maven repo > - > > Key: STORM-3911 > URL: https://issues.apache.org/jira/browse/STORM-3911 > Project: Apache Storm > Issue Type: Improvement > Components: storm-core >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Minor > Fix For: 2.5.0 > > Time Spent: 40m > Remaining Estimate: 0h > > Artifact net.minidev:json-smart:2.3 is pulled in as a transitive dependency > from > org.apache.hadoop:hadoop-auth > --> com.nimbusds:nimbus-jose-jwt > --> com.github.stephenc.jcip:jcip-annotations > But is being downloaded from http://conjars.org/repo which is no longer > active. > Download this directly from maven repository and avoid long build timeouts > due to multiple failed attempts to download from conjars.org. > In order to do download from maven repo, net.minidev:json-smart:2.3 should be > added as a dependency on the pom file. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3912) Pull new carbonite code into storm
[ https://issues.apache.org/jira/browse/STORM-3912?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3912: Fix Version/s: 2.5.0 > Pull new carbonite code into storm > -- > > Key: STORM-3912 > URL: https://issues.apache.org/jira/browse/STORM-3912 > Project: Apache Storm > Issue Type: Improvement > Components: storm-clojure >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 50m > Remaining Estimate: 0h > > The artifact com.twitter.carbonite:1.5 was last changed 10 years ago. The jar > is available from clojars.org and as per pom file, the source code resides in > a personal github repo not affiliated with twitter. > This jar depends on Kryo 3 and has java class format 1.6, and clojure 1.5. > These need to be changed. storm-clohure module depends on carbonite jar to > register classes into Kryo. > Pull the source code into storm-clojure-carbonite so that it can be modified > as long as clojure is supported in Storm. > > Carbonite Code Details: > * Carbonite version 1.5 pom file shows code url as > [https://github.com/sritchie/carbonite.] This code was forked from > [https://github.com/revelytix/carbonite.] Both these are inactive. > * Carbonite version 1.6 resides at > [https://github.com/bipinprasad/carbonite.] This code was forked from > [https://github.com/sritchie/carbonite|https://github.com/sritchie/carbonite.] > (the source for Carbonite 1.5). Version 1.6 was created after changing the > JVM and Kryo and Chill dependencies. The jar was published to > [https://clojars.org.|https://clojars.org./] > * Steps to move code away from personal github account: > ** Fork Code from > [https://github.com/sritchie/carbonite|https://github.com/sritchie/carbonite.] > ** Determine new maven/clojar location for the jar > ** Obtain proper permission for the maven or clojar group (reverse domain) > ** Get userid/publishing and signing key > ** Update project.clj ":repositories" tag. > ** Follow "similar" steps in signing and publishing code as in Storm release > *** create GPG signing key > *** sign the jar and pom files (creating .asc files) > *** use "lein deploy clojars" or "lein deploy maven" to publish > * Carbonite depends on "chill". One open pull request discussion in that > project from Jan 7, 2021 is here [https://github.com/twitter/chill/pull/514] > (Kryo 5). There is some reference to carbonite and Storm. > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3917) Hardcoded worker heapsize in ThroughputVsLatency
[ https://issues.apache.org/jira/browse/STORM-3917?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3917: Fix Version/s: 2.5.0 > Hardcoded worker heapsize in ThroughputVsLatency > - > > Key: STORM-3917 > URL: https://issues.apache.org/jira/browse/STORM-3917 > Project: Apache Storm > Issue Type: Bug > Components: examples >Affects Versions: 2.4.0 >Reporter: Joshua Martell >Assignee: Joshua Martell >Priority: Minor > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > ThroughputVsLatency adds an explicit 2GB worker heapsize overriding the RAS / > user settings since it's last on the command line. > [https://github.com/apache/storm/blob/master/examples/storm-loadgen/src/main/java/org/apache/storm/loadgen/ThroughputVsLatency.java#L264] > > Allow users to change worker heap size in ThroughputVsLatency example topo. > https://github.com/apache/storm/pull/3542 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3922) Update Acker Related Scheduling Changes
[ https://issues.apache.org/jira/browse/STORM-3922?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3922: Fix Version/s: 2.5.0 > Update Acker Related Scheduling Changes > --- > > Key: STORM-3922 > URL: https://issues.apache.org/jira/browse/STORM-3922 > Project: Apache Storm > Issue Type: Improvement > Components: storm-server >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > Separate out Acker related changes to storm-server from Round Robin Strategy -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3920) Update the Secure Storm documentation
[ https://issues.apache.org/jira/browse/STORM-3920?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3920: Fix Version/s: 2.5.0 > Update the Secure Storm documentation > - > > Key: STORM-3920 > URL: https://issues.apache.org/jira/browse/STORM-3920 > Project: Apache Storm > Issue Type: Improvement >Reporter: Nikhil Singh >Assignee: Nikhil Singh >Priority: Minor > Fix For: 2.5.0 > > Time Spent: 20m > Remaining Estimate: 0h > > Update [https://storm.apache.org/releases/2.4.0/SECURITY.html] > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (STORM-3884) Bump calcite-core from 1.14.0 to 1.32.0
[ https://issues.apache.org/jira/browse/STORM-3884?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad updated STORM-3884: Fix Version/s: (was: 2.5.0) > Bump calcite-core from 1.14.0 to 1.32.0 > --- > > Key: STORM-3884 > URL: https://issues.apache.org/jira/browse/STORM-3884 > Project: Apache Storm > Issue Type: Dependency upgrade > Components: storm-sql >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Minor > Time Spent: 1h > Remaining Estimate: 0h > > h1. Bump calcite-core from 1.14.0 to 1.32.0 > Also fix this error with 1.32.0 > {code:java} > [INFO] --- fmpp-maven-plugin:1.0:generate (generate-fmpp-sources) @ > storm-sql-core --- > - Executing: Parser.jj > log4j:WARN No appenders could be found for logger (freemarker.cache). > log4j:WARN Please initialize the log4j system properly. > !!! FAILED > [ERROR] FMPP processing session failed. > Caused by: freemarker.core.InvalidReferenceException: The following has > evaluated to null or missing: > ==> default [in template "Parser.jj" at line 1965, column 26] > > Tip: If the failing expression is known to be legally refer to something > that's sometimes null or missing, either specify a default value like > myOptionalVar!myDefault, or use <#if > myOptionalVar??>when-present<#else>when-missing. (These only cover the > last step of the expression; to cover the whole expression, use parenthesis: > (myOptionalVar.foo)!myDefault, (myOptionalVar.foo)?? > > > FTL stack trace ("~" means nesting-related): > - Failed at: #list (parser.joinTypes!default.parse... [in template > "Parser.jj" at line 1965, column 1] > > [INFO] > > [INFO] BUILD FAILURE > [INFO] > > [INFO] Total time: 8.338 s > [INFO] Finished at: 2022-10-21T10:25:31-07:00 {code} > Offending lines in generated Parser.jj (in > target/codegen/templates/Parser.jj) is > {code}{ > ( > LOOKAHEAD(3) // required for "LEFT SEMI JOIN" in Babel > <#list (parser.joinTypes!default.parser.joinTypes) as method> > joinType = ${method}() > | > > {code} -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (STORM-3922) Update Acker Related Scheduling Changes
Bipin Prasad created STORM-3922: --- Summary: Update Acker Related Scheduling Changes Key: STORM-3922 URL: https://issues.apache.org/jira/browse/STORM-3922 Project: Apache Storm Issue Type: Improvement Components: storm-server Reporter: Bipin Prasad Separate out Acker related changes to storm-server from Round Robin Strategy -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Assigned] (STORM-3922) Update Acker Related Scheduling Changes
[ https://issues.apache.org/jira/browse/STORM-3922?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad reassigned STORM-3922: --- Assignee: Bipin Prasad > Update Acker Related Scheduling Changes > --- > > Key: STORM-3922 > URL: https://issues.apache.org/jira/browse/STORM-3922 > Project: Apache Storm > Issue Type: Improvement > Components: storm-server >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > > Separate out Acker related changes to storm-server from Round Robin Strategy -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (STORM-3911) Add json-smart dependency to retrieve from maven repo
[ https://issues.apache.org/jira/browse/STORM-3911?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad resolved STORM-3911. - Resolution: Fixed PR Merged > Add json-smart dependency to retrieve from maven repo > - > > Key: STORM-3911 > URL: https://issues.apache.org/jira/browse/STORM-3911 > Project: Apache Storm > Issue Type: Improvement > Components: storm-core >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Minor > Time Spent: 40m > Remaining Estimate: 0h > > Artifact net.minidev:json-smart:2.3 is pulled in as a transitive dependency > from > org.apache.hadoop:hadoop-auth > --> com.nimbusds:nimbus-jose-jwt > --> com.github.stephenc.jcip:jcip-annotations > But is being downloaded from http://conjars.org/repo which is no longer > active. > Download this directly from maven repository and avoid long build timeouts > due to multiple failed attempts to download from conjars.org. > In order to do download from maven repo, net.minidev:json-smart:2.3 should be > added as a dependency on the pom file. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (STORM-3921) Bump spring-core from 5.3.26 to 5.3.27 in /examples/storm-jms-examples
[ https://issues.apache.org/jira/browse/STORM-3921?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad resolved STORM-3921. - Resolution: Fixed > Bump spring-core from 5.3.26 to 5.3.27 in /examples/storm-jms-examples > -- > > Key: STORM-3921 > URL: https://issues.apache.org/jira/browse/STORM-3921 > Project: Apache Storm > Issue Type: Improvement > Components: storm-jms >Reporter: Bipin Prasad >Assignee: Bipin Prasad >Priority: Major > > Pull Request [https://github.com/apache/storm/pull/3538] created by > Dependabot. > Fix license for successful build. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (STORM-3876) Cannot Compile from Master
[ https://issues.apache.org/jira/browse/STORM-3876?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad resolved STORM-3876. - Resolution: Fixed > Cannot Compile from Master > -- > > Key: STORM-3876 > URL: https://issues.apache.org/jira/browse/STORM-3876 > Project: Apache Storm > Issue Type: Bug > Components: build >Reporter: Joao Bezerra >Assignee: Bipin Prasad >Priority: Blocker > Attachments: image-2022-07-18-18-52-14-827.png > > > After a long search I landed here and wonder if there are any requirements > for compiling and building the master branch (except JDK > 7 ; I use 11). > I have loaded the master branch from Storm into IntelliJ and only get error > messages during the build process running `clean`and `compile` > {code:java} > ... > ... > [INFO] < org.apache.storm:storm-maven-plugins > > > [INFO] Building storm-maven-plugins 2.5.0-SNAPSHOT > [8/68] > [INFO] [ maven-plugin > ] > [INFO] > [INFO] --- maven-enforcer-plugin:1.4.1:enforce (enforce-maven-version) @ > storm-maven-plugins --- > [INFO] > [INFO] --- maven-checkstyle-plugin:3.0.0:check (validate) @ > storm-maven-plugins --- > [INFO] Beginne Prüfung... > Prüfung beendet. > [INFO] > [INFO] --- maven-remote-resources-plugin:1.5:process > (process-resource-bundles) @ storm-maven-plugins --- > [INFO] > [INFO] --- maven-resources-plugin:3.1.0:resources (default-resources) @ > storm-maven-plugins --- > [INFO] Using 'UTF-8' encoding to copy filtered resources. > [INFO] skip non existing resourceDirectory > /home/joao/IdeaProjects/storm/storm-buildtools/storm-maven-plugins/src/main/resources > [INFO] Copying 3 resources > [INFO] > [INFO] --- maven-compiler-plugin:3.7.0:compile (default-compile) @ > storm-maven-plugins --- > [INFO] Changes detected - recompiling the module! > [INFO] Compiling 2 source files to > /home/joao/IdeaProjects/storm/storm-buildtools/storm-maven-plugins/target/classes > [INFO] > [INFO] ---< org.apache.storm:storm-client > > > [INFO] Building Storm Client 2.5.0-SNAPSHOT > [9/68] > [INFO] [ jar > ]- > [INFO] > > [INFO] Reactor Summary for Storm 2.5.0-SNAPSHOT: > [INFO] > [INFO] Storm .. SUCCESS [ 4.470 > s] > [INFO] Apache Storm - Checkstyle .. SUCCESS [ 0.096 > s] > [INFO] Shaded Deps for Storm Client ... SUCCESS [ 0.737 > s] > [INFO] multilang-javascript ... SUCCESS [ 0.101 > s] > [INFO] multilang-python ... SUCCESS [ 0.070 > s] > [INFO] multilang-ruby . SUCCESS [ 0.063 > s] > [INFO] maven-shade-clojure-transformer SUCCESS [ 0.672 > s] > [INFO] storm-maven-plugins SUCCESS [ 0.736 > s] > [INFO] Storm Client ... FAILURE [ 0.015 > s] > [INFO] storm-server ... SKIPPED > [INFO] storm-clojure .. SKIPPED > [INFO] Storm Core . SKIPPED > [INFO] Storm Webapp ... SKIPPED > [INFO] storm-clojure-test . SKIPPED > [INFO] storm-submit-tools . SKIPPED > [INFO] storm-autocreds SKIPPED > [INFO] storm-hdfs . SKIPPED > [INFO] storm-hdfs-blobstore ... SKIPPED > [INFO] storm-hdfs-oci . SKIPPED > [INFO] storm-hbase SKIPPED > [INFO] storm-hive . SKIPPED > [INFO] storm-jdbc . SKIPPED > [INFO] storm-redis SKIPPED > [INFO] storm-eventhubs SKIPPED > [INFO] storm-elasticsearch SKIPPED > [INFO] storm-solr . SKIPPED > [INFO] storm-metrics .. SKIPPED &
[jira] [Created] (STORM-3921) Bump spring-core from 5.3.26 to 5.3.27 in /examples/storm-jms-examples
Bipin Prasad created STORM-3921: --- Summary: Bump spring-core from 5.3.26 to 5.3.27 in /examples/storm-jms-examples Key: STORM-3921 URL: https://issues.apache.org/jira/browse/STORM-3921 Project: Apache Storm Issue Type: Improvement Components: storm-jms Reporter: Bipin Prasad Assignee: Bipin Prasad Pull Request [https://github.com/apache/storm/pull/3538] created by Dependabot. Fix license for successful build. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Assigned] (STORM-3876) Cannot Compile from Master
[ https://issues.apache.org/jira/browse/STORM-3876?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Bipin Prasad reassigned STORM-3876: --- Assignee: Bipin Prasad > Cannot Compile from Master > -- > > Key: STORM-3876 > URL: https://issues.apache.org/jira/browse/STORM-3876 > Project: Apache Storm > Issue Type: Bug > Components: build >Reporter: Joao Bezerra >Assignee: Bipin Prasad >Priority: Blocker > Attachments: image-2022-07-18-18-52-14-827.png > > > After a long search I landed here and wonder if there are any requirements > for compiling and building the master branch (except JDK > 7 ; I use 11). > I have loaded the master branch from Storm into IntelliJ and only get error > messages during the build process running `clean`and `compile` > {code:java} > ... > ... > [INFO] < org.apache.storm:storm-maven-plugins > > > [INFO] Building storm-maven-plugins 2.5.0-SNAPSHOT > [8/68] > [INFO] [ maven-plugin > ] > [INFO] > [INFO] --- maven-enforcer-plugin:1.4.1:enforce (enforce-maven-version) @ > storm-maven-plugins --- > [INFO] > [INFO] --- maven-checkstyle-plugin:3.0.0:check (validate) @ > storm-maven-plugins --- > [INFO] Beginne Prüfung... > Prüfung beendet. > [INFO] > [INFO] --- maven-remote-resources-plugin:1.5:process > (process-resource-bundles) @ storm-maven-plugins --- > [INFO] > [INFO] --- maven-resources-plugin:3.1.0:resources (default-resources) @ > storm-maven-plugins --- > [INFO] Using 'UTF-8' encoding to copy filtered resources. > [INFO] skip non existing resourceDirectory > /home/joao/IdeaProjects/storm/storm-buildtools/storm-maven-plugins/src/main/resources > [INFO] Copying 3 resources > [INFO] > [INFO] --- maven-compiler-plugin:3.7.0:compile (default-compile) @ > storm-maven-plugins --- > [INFO] Changes detected - recompiling the module! > [INFO] Compiling 2 source files to > /home/joao/IdeaProjects/storm/storm-buildtools/storm-maven-plugins/target/classes > [INFO] > [INFO] ---< org.apache.storm:storm-client > > > [INFO] Building Storm Client 2.5.0-SNAPSHOT > [9/68] > [INFO] [ jar > ]- > [INFO] > > [INFO] Reactor Summary for Storm 2.5.0-SNAPSHOT: > [INFO] > [INFO] Storm .. SUCCESS [ 4.470 > s] > [INFO] Apache Storm - Checkstyle .. SUCCESS [ 0.096 > s] > [INFO] Shaded Deps for Storm Client ... SUCCESS [ 0.737 > s] > [INFO] multilang-javascript ... SUCCESS [ 0.101 > s] > [INFO] multilang-python ... SUCCESS [ 0.070 > s] > [INFO] multilang-ruby . SUCCESS [ 0.063 > s] > [INFO] maven-shade-clojure-transformer SUCCESS [ 0.672 > s] > [INFO] storm-maven-plugins SUCCESS [ 0.736 > s] > [INFO] Storm Client ... FAILURE [ 0.015 > s] > [INFO] storm-server ... SKIPPED > [INFO] storm-clojure .. SKIPPED > [INFO] Storm Core . SKIPPED > [INFO] Storm Webapp ... SKIPPED > [INFO] storm-clojure-test . SKIPPED > [INFO] storm-submit-tools . SKIPPED > [INFO] storm-autocreds SKIPPED > [INFO] storm-hdfs . SKIPPED > [INFO] storm-hdfs-blobstore ... SKIPPED > [INFO] storm-hdfs-oci . SKIPPED > [INFO] storm-hbase SKIPPED > [INFO] storm-hive . SKIPPED > [INFO] storm-jdbc . SKIPPED > [INFO] storm-redis SKIPPED > [INFO] storm-eventhubs SKIPPED > [INFO] storm-elasticsearch SKIPPED > [INFO] storm-solr . SKIPPED > [INFO] storm-metrics .. SKIPPED &
[jira] [Resolved] (STORM-3920) Update the Secure Storm documentation
[ https://issues.apache.org/jira/browse/STORM-3920?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Xin Wang resolved STORM-3920. - Resolution: Fixed Thanks [~snikhil5] Merged into master. > Update the Secure Storm documentation > - > > Key: STORM-3920 > URL: https://issues.apache.org/jira/browse/STORM-3920 > Project: Apache Storm > Issue Type: Improvement >Reporter: Nikhil Singh >Assignee: Nikhil Singh >Priority: Minor > Time Spent: 20m > Remaining Estimate: 0h > > Update [https://storm.apache.org/releases/2.4.0/SECURITY.html] > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Assigned] (STORM-3920) Update the Secure Storm documentation
[ https://issues.apache.org/jira/browse/STORM-3920?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Nikhil Singh reassigned STORM-3920: --- Assignee: Nikhil Singh > Update the Secure Storm documentation > - > > Key: STORM-3920 > URL: https://issues.apache.org/jira/browse/STORM-3920 > Project: Apache Storm > Issue Type: Improvement >Reporter: Nikhil Singh >Assignee: Nikhil Singh >Priority: Minor > > Update [https://storm.apache.org/releases/2.4.0/SECURITY.html] > -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (STORM-3920) Update the Secure Storm documentation
Nikhil Singh created STORM-3920: --- Summary: Update the Secure Storm documentation Key: STORM-3920 URL: https://issues.apache.org/jira/browse/STORM-3920 Project: Apache Storm Issue Type: Improvement Reporter: Nikhil Singh Update [https://storm.apache.org/releases/2.4.0/SECURITY.html] -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (STORM-3919) Upgrade Hadoop to version 3
Bipin Prasad created STORM-3919: --- Summary: Upgrade Hadoop to version 3 Key: STORM-3919 URL: https://issues.apache.org/jira/browse/STORM-3919 Project: Apache Storm Issue Type: Improvement Components: storm-core Reporter: Bipin Prasad There are several fixes and enhancements in Hadoop version 3.0.0 that Storm can benefit from. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Closed] (STORM-3918) Bump snakeyaml from 1.32 to 2.0
[ https://issues.apache.org/jira/browse/STORM-3918?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Alexandre Vermeerbergen closed STORM-3918. -- Resolution: Fixed Sorry for duplicate JIRA > Bump snakeyaml from 1.32 to 2.0 > --- > > Key: STORM-3918 > URL: https://issues.apache.org/jira/browse/STORM-3918 > Project: Apache Storm > Issue Type: Bug > Components: storm-core >Affects Versions: 2.4.0 >Reporter: Alexandre Vermeerbergen >Assignee: Alexandre Vermeerbergen >Priority: Critical > > Current snakeyaml version is vulnerable to > [CVE-2022-1471|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1471] > which is rated [9.8 > CRITICAL|https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2022-1471=AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H=3.1=NIST] > by NIST. > Trivial fix is to update to snakeyaml 2.0. > I tried to manually replace existing snakeyaml JAR with 2.0 version (but > keeping the same JAR file name to avoid issue with potentially hard coded > CLASSPATH), and then I restarted all Storm related processes (Nimbus, > logview, Supervisor, Nimbus UI...) and deployed some topologies => everything > worked fine > So it looks like a trivial task > -- This message was sent by Atlassian Jira (v8.20.10#820010)