This is an automated email from the ASF dual-hosted git repository. technoboy pushed a commit to branch branch-2.9 in repository https://gitbox.apache.org/repos/asf/pulsar.git
The following commit(s) were added to refs/heads/branch-2.9 by this push: new 57b18e4f182 [improve][build] Upgrade dependencies to reduce CVE (#20228) 57b18e4f182 is described below commit 57b18e4f1825470a4816a56c69d2da7895980e49 Author: Jiwei Guo <techno...@apache.org> AuthorDate: Mon May 8 10:00:16 2023 +0800 [improve][build] Upgrade dependencies to reduce CVE (#20228) --- distribution/server/src/assemble/LICENSE.bin.txt | 70 +++++++++++----------- pom.xml | 21 ++++--- pulsar-io/canal/pom.xml | 43 ++++++++++++- pulsar-io/flume/pom.xml | 8 ++- pulsar-io/hdfs2/pom.xml | 2 +- .../apache/pulsar/io/hdfs2/AbstractHdfsConfig.java | 2 +- .../pulsar/io/hdfs2/AbstractHdfsConnector.java | 2 +- .../pulsar/io/hdfs2/sink/HdfsAbstractSink.java | 2 +- .../pulsar/io/hdfs2/sink/HdfsSinkConfig.java | 2 +- pulsar-io/hdfs3/pom.xml | 2 +- .../apache/pulsar/io/hdfs3/AbstractHdfsConfig.java | 2 +- .../pulsar/io/hdfs3/AbstractHdfsConnector.java | 2 +- .../pulsar/io/hdfs3/sink/HdfsAbstractSink.java | 2 +- .../pulsar/io/hdfs3/sink/HdfsSinkConfig.java | 2 +- pulsar-sql/presto-distribution/LICENSE | 64 ++++++++++---------- pulsar-sql/presto-pulsar/pom.xml | 22 +++++++ tiered-storage/file-system/pom.xml | 9 +++ 17 files changed, 171 insertions(+), 86 deletions(-) diff --git a/distribution/server/src/assemble/LICENSE.bin.txt b/distribution/server/src/assemble/LICENSE.bin.txt index 7803532c882..9395cb42829 100644 --- a/distribution/server/src/assemble/LICENSE.bin.txt +++ b/distribution/server/src/assemble/LICENSE.bin.txt @@ -312,14 +312,14 @@ The Apache Software License, Version 2.0 * JCommander -- com.beust-jcommander-1.78.jar * High Performance Primitive Collections for Java -- com.carrotsearch-hppc-0.7.3.jar * Jackson - - com.fasterxml.jackson.core-jackson-annotations-2.13.4.jar - - com.fasterxml.jackson.core-jackson-core-2.13.4.jar - - com.fasterxml.jackson.core-jackson-databind-2.13.4.2.jar - - com.fasterxml.jackson.dataformat-jackson-dataformat-yaml-2.13.4.jar - - com.fasterxml.jackson.jaxrs-jackson-jaxrs-base-2.13.4.jar - - com.fasterxml.jackson.jaxrs-jackson-jaxrs-json-provider-2.13.4.jar - - com.fasterxml.jackson.module-jackson-module-jaxb-annotations-2.13.4.jar - - com.fasterxml.jackson.module-jackson-module-jsonSchema-2.13.4.jar + - com.fasterxml.jackson.core-jackson-annotations-2.14.2.jar + - com.fasterxml.jackson.core-jackson-core-2.14.2.jar + - com.fasterxml.jackson.core-jackson-databind-2.14.2.jar + - com.fasterxml.jackson.dataformat-jackson-dataformat-yaml-2.14.2.jar + - com.fasterxml.jackson.jaxrs-jackson-jaxrs-base-2.14.2.jar + - com.fasterxml.jackson.jaxrs-jackson-jaxrs-json-provider-2.14.2.jar + - com.fasterxml.jackson.module-jackson-module-jaxb-annotations-2.14.2.jar + - com.fasterxml.jackson.module-jackson-module-jsonSchema-2.14.2.jar * Caffeine -- com.github.ben-manes.caffeine-caffeine-2.9.1.jar * Conscrypt -- org.conscrypt-conscrypt-openjdk-uber-2.5.2.jar * Proto Google Common Protos -- com.google.api.grpc-proto-google-common-protos-2.0.1.jar @@ -334,9 +334,9 @@ The Apache Software License, Version 2.0 * J2ObjC Annotations -- com.google.j2objc-j2objc-annotations-1.3.jar * Netty Reactive Streams -- com.typesafe.netty-netty-reactive-streams-2.0.6.jar * Swagger - - io.swagger-swagger-annotations-1.6.2.jar - - io.swagger-swagger-core-1.6.2.jar - - io.swagger-swagger-models-1.6.2.jar + - io.swagger-swagger-annotations-1.6.10.jar + - io.swagger-swagger-core-1.6.10.jar + - io.swagger-swagger-models-1.6.10.jar * DataSketches - com.yahoo.datasketches-memory-0.8.3.jar - com.yahoo.datasketches-sketches-core-0.8.3.jar @@ -430,26 +430,26 @@ The Apache Software License, Version 2.0 - org.asynchttpclient-async-http-client-2.12.1.jar - org.asynchttpclient-async-http-client-netty-utils-2.12.1.jar * Jetty - - org.eclipse.jetty-jetty-client-9.4.48.v20220622.jar - - org.eclipse.jetty-jetty-continuation-9.4.48.v20220622.jar - - org.eclipse.jetty-jetty-http-9.4.48.v20220622.jar - - org.eclipse.jetty-jetty-io-9.4.48.v20220622.jar - - org.eclipse.jetty-jetty-proxy-9.4.48.v20220622.jar - - org.eclipse.jetty-jetty-security-9.4.48.v20220622.jar - - org.eclipse.jetty-jetty-server-9.4.48.v20220622.jar - - org.eclipse.jetty-jetty-servlet-9.4.48.v20220622.jar - - org.eclipse.jetty-jetty-servlets-9.4.48.v20220622.jar - - org.eclipse.jetty-jetty-util-9.4.48.v20220622.jar - - org.eclipse.jetty-jetty-util-ajax-9.4.48.v20220622.jar - - org.eclipse.jetty.websocket-javax-websocket-client-impl-9.4.48.v20220622.jar - - org.eclipse.jetty.websocket-websocket-api-9.4.48.v20220622.jar - - org.eclipse.jetty.websocket-websocket-client-9.4.48.v20220622.jar - - org.eclipse.jetty.websocket-websocket-common-9.4.48.v20220622.jar - - org.eclipse.jetty.websocket-websocket-server-9.4.48.v20220622.jar - - org.eclipse.jetty.websocket-websocket-servlet-9.4.48.v20220622.jar - - org.eclipse.jetty-jetty-alpn-conscrypt-server-9.4.48.v20220622.jar - - org.eclipse.jetty-jetty-alpn-server-9.4.48.v20220622.jar - * SnakeYaml -- org.yaml-snakeyaml-1.32.jar + - org.eclipse.jetty-jetty-client-9.4.51.v20230217.jar + - org.eclipse.jetty-jetty-continuation-9.4.51.v20230217.jar + - org.eclipse.jetty-jetty-http-9.4.51.v20230217.jar + - org.eclipse.jetty-jetty-io-9.4.51.v20230217.jar + - org.eclipse.jetty-jetty-proxy-9.4.51.v20230217.jar + - org.eclipse.jetty-jetty-security-9.4.51.v20230217.jar + - org.eclipse.jetty-jetty-server-9.4.51.v20230217.jar + - org.eclipse.jetty-jetty-servlet-9.4.51.v20230217.jar + - org.eclipse.jetty-jetty-servlets-9.4.51.v20230217.jar + - org.eclipse.jetty-jetty-util-9.4.51.v20230217.jar + - org.eclipse.jetty-jetty-util-ajax-9.4.51.v20230217.jar + - org.eclipse.jetty.websocket-javax-websocket-client-impl-9.4.51.v20230217.jar + - org.eclipse.jetty.websocket-websocket-api-9.4.51.v20230217.jar + - org.eclipse.jetty.websocket-websocket-client-9.4.51.v20230217.jar + - org.eclipse.jetty.websocket-websocket-common-9.4.51.v20230217.jar + - org.eclipse.jetty.websocket-websocket-server-9.4.51.v20230217.jar + - org.eclipse.jetty.websocket-websocket-servlet-9.4.51.v20230217.jar + - org.eclipse.jetty-jetty-alpn-conscrypt-server-9.4.51.v20230217.jar + - org.eclipse.jetty-jetty-alpn-server-9.4.51.v20230217.jar + * SnakeYaml -- org.yaml-snakeyaml-2.0.jar * RocksDB - org.rocksdb-rocksdbjni-6.29.4.1.jar * Google Error Prone Annotations - com.google.errorprone-error_prone_annotations-2.5.1.jar * Apache Thrift - org.apache.thrift-libthrift-0.14.2.jar @@ -459,10 +459,10 @@ The Apache Software License, Version 2.0 * Okio - com.squareup.okio-okio-2.8.0.jar * Javassist -- org.javassist-javassist-3.25.0-GA.jar * Kotlin Standard Lib - - org.jetbrains.kotlin-kotlin-stdlib-1.4.32.jar - - org.jetbrains.kotlin-kotlin-stdlib-common-1.4.32.jar - - org.jetbrains.kotlin-kotlin-stdlib-jdk7-1.4.32.jar - - org.jetbrains.kotlin-kotlin-stdlib-jdk8-1.4.32.jar + - org.jetbrains.kotlin-kotlin-stdlib-1.6.0.jar + - org.jetbrains.kotlin-kotlin-stdlib-common-1.6.0.jar + - org.jetbrains.kotlin-kotlin-stdlib-jdk7-1.6.0.jar + - org.jetbrains.kotlin-kotlin-stdlib-jdk8-1.6.0.jar - org.jetbrains-annotations-13.0.jar * gRPC - io.grpc-grpc-all-1.45.1.jar diff --git a/pom.xml b/pom.xml index ab254acc3dd..75d4734956c 100644 --- a/pom.xml +++ b/pom.xml @@ -102,7 +102,7 @@ flexible messaging model and an intuitive client API.</description> <!-- apache commons --> <commons-compress.version>1.21</commons-compress.version> - <snakeyaml.version>1.32</snakeyaml.version> + <snakeyaml.version>2.0</snakeyaml.version> <bookkeeper.version>4.14.7</bookkeeper.version> <zookeeper.version>3.6.3</zookeeper.version> <commons-cli.version>1.5.0</commons-cli.version> @@ -111,7 +111,7 @@ flexible messaging model and an intuitive client API.</description> <curator.version>5.1.0</curator.version> <netty.version>4.1.87.Final</netty.version> <netty-tc-native.version>2.0.56.Final</netty-tc-native.version> - <jetty.version>9.4.48.v20220622</jetty.version> + <jetty.version>9.4.51.v20230217</jetty.version> <conscrypt.version>2.5.2</conscrypt.version> <jersey.version>2.34</jersey.version> <athenz.version>1.10.9</athenz.version> @@ -123,9 +123,9 @@ flexible messaging model and an intuitive client API.</description> <log4j2.version>2.18.0</log4j2.version> <bouncycastle.version>1.69</bouncycastle.version> <bouncycastlefips.version>1.0.2</bouncycastlefips.version> - <jackson.version>2.13.4.20221013</jackson.version> + <jackson.version>2.14.2</jackson.version> <reflections.version>0.9.11</reflections.version> - <swagger.version>1.6.2</swagger.version> + <swagger.version>1.6.10</swagger.version> <puppycrawl.checkstyle.version>8.37</puppycrawl.checkstyle.version> <dockerfile-maven.version>1.4.13</dockerfile-maven.version> <typetools.version>0.5.0</typetools.version> @@ -179,6 +179,7 @@ flexible messaging model and an intuitive client API.</description> <commons-configuration.version>1.10</commons-configuration.version> <commons-io.version>2.8.0</commons-io.version> <commons-codec.version>1.15</commons-codec.version> + <commons-net.version>3.9.0</commons-net.version> <javax.ws.rs-api.version>2.1</javax.ws.rs-api.version> <hdrHistogram.version>2.1.9</hdrHistogram.version> <javax.servlet-api>3.1.0</javax.servlet-api> @@ -201,10 +202,10 @@ flexible messaging model and an intuitive client API.</description> <!-- use okio version that matches the okhttp3 version --> <okio.version>2.8.0</okio.version> <!-- override kotlin-stdlib used by okio in order to address CVE-2020-29582 --> - <kotlin-stdlib.version>1.4.32</kotlin-stdlib.version> + <kotlin-stdlib.version>1.6.0</kotlin-stdlib.version> <nsq-client.version>1.0</nsq-client.version> <cron-utils.version>9.1.6</cron-utils.version> - <spring-context.version>5.3.19</spring-context.version> + <spring-context.version>5.3.27</spring-context.version> <apache-http-client.version>4.5.13</apache-http-client.version> <seancfoley.ipaddress.version>5.3.3</seancfoley.ipaddress.version> <netty-reactive-streams.version>2.0.6</netty-reactive-streams.version> @@ -226,7 +227,7 @@ flexible messaging model and an intuitive client API.</description> <skyscreamer.version>1.5.0</skyscreamer.version> <objenesis.version>3.1</objenesis.version> <awaitility.version>4.0.3</awaitility.version> - <jettison.version>1.5.3</jettison.version> + <jettison.version>1.5.4</jettison.version> <woodstox.version>5.4.0</woodstox.version> <!-- Plugin dependencies --> @@ -662,6 +663,12 @@ flexible messaging model and an intuitive client API.</description> <version>${commons-lang3.version}</version> </dependency> + <dependency> + <groupId>commons-net</groupId> + <artifactId>commons-net</artifactId> + <version>${commons-net.version}</version> + </dependency> + <dependency> <groupId>org.apache.commons</groupId> <artifactId>commons-compress</artifactId> diff --git a/pulsar-io/canal/pom.xml b/pulsar-io/canal/pom.xml index f1e601dc0da..ceee66a9e98 100644 --- a/pulsar-io/canal/pom.xml +++ b/pulsar-io/canal/pom.xml @@ -55,12 +55,53 @@ <dependency> <groupId>com.alibaba</groupId> <artifactId>fastjson</artifactId> - <version>1.2.73</version> + <version>1.2.83</version> + </dependency> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-core</artifactId> + <version>${spring-context.version}</version> + </dependency> + <dependency> + <groupId>org.springframework</groupId> + <artifactId>spring-beans</artifactId> + <version>${spring-context.version}</version> + </dependency> + <dependency> + <groupId>ch.qos.logback</groupId> + <artifactId>logback-classic</artifactId> + <version>1.2.9</version> </dependency> <dependency> <groupId>com.alibaba.otter</groupId> <artifactId>canal.client</artifactId> <version>1.1.4</version> + <exclusions> + <exclusion> + <artifactId>spring-aop</artifactId> + <groupId>org.springframework</groupId> + </exclusion> + <exclusion> + <artifactId>spring-beans</artifactId> + <groupId>org.springframework</groupId> + </exclusion> + <exclusion> + <artifactId>spring-jdbc</artifactId> + <groupId>org.springframework</groupId> + </exclusion> + <exclusion> + <artifactId>spring-orm</artifactId> + <groupId>org.springframework</groupId> + </exclusion> + <exclusion> + <artifactId>spring-tx</artifactId> + <groupId>org.springframework</groupId> + </exclusion> + <exclusion> + <artifactId>spring-expression</artifactId> + <groupId>org.springframework</groupId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>org.apache.logging.log4j</groupId> diff --git a/pulsar-io/flume/pom.xml b/pulsar-io/flume/pom.xml index e95c79e2ac3..217993f861f 100644 --- a/pulsar-io/flume/pom.xml +++ b/pulsar-io/flume/pom.xml @@ -72,6 +72,12 @@ <groupId>org.apache.avro</groupId> <artifactId>avro-ipc</artifactId> <version>1.8.1</version> + <exclusions> + <exclusion> + <artifactId>netty</artifactId> + <groupId>io.netty</groupId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>org.apache.curator</groupId> @@ -106,7 +112,7 @@ <dependency> <groupId>com.google.guava</groupId> <artifactId>guava</artifactId> - <version>18.0</version> + <version>30.0-jre</version> </dependency> </dependencies> diff --git a/pulsar-io/hdfs2/pom.xml b/pulsar-io/hdfs2/pom.xml index 7ea2c41adec..b1ae9c1140a 100644 --- a/pulsar-io/hdfs2/pom.xml +++ b/pulsar-io/hdfs2/pom.xml @@ -48,7 +48,7 @@ <dependency> <groupId>org.apache.hadoop</groupId> <artifactId>hadoop-client</artifactId> - <version>2.8.5</version> + <version>3.2.3</version> <exclusions> <exclusion> <groupId>log4j</groupId> diff --git a/pulsar-io/hdfs2/src/main/java/org/apache/pulsar/io/hdfs2/AbstractHdfsConfig.java b/pulsar-io/hdfs2/src/main/java/org/apache/pulsar/io/hdfs2/AbstractHdfsConfig.java index 316d7a86098..792ef95d72c 100644 --- a/pulsar-io/hdfs2/src/main/java/org/apache/pulsar/io/hdfs2/AbstractHdfsConfig.java +++ b/pulsar-io/hdfs2/src/main/java/org/apache/pulsar/io/hdfs2/AbstractHdfsConfig.java @@ -23,7 +23,7 @@ import java.io.Serializable; import lombok.Data; import lombok.experimental.Accessors; -import org.apache.commons.lang.StringUtils; +import org.apache.commons.lang3.StringUtils; /** * Configuration object for all HDFS components. diff --git a/pulsar-io/hdfs2/src/main/java/org/apache/pulsar/io/hdfs2/AbstractHdfsConnector.java b/pulsar-io/hdfs2/src/main/java/org/apache/pulsar/io/hdfs2/AbstractHdfsConnector.java index 456d0e5bc87..2fd15fcf082 100644 --- a/pulsar-io/hdfs2/src/main/java/org/apache/pulsar/io/hdfs2/AbstractHdfsConnector.java +++ b/pulsar-io/hdfs2/src/main/java/org/apache/pulsar/io/hdfs2/AbstractHdfsConnector.java @@ -32,7 +32,7 @@ import java.util.concurrent.atomic.AtomicReference; import javax.net.SocketFactory; -import org.apache.commons.lang.StringUtils; +import org.apache.commons.lang3.StringUtils; import org.apache.hadoop.conf.Configuration; import org.apache.hadoop.fs.FileSystem; import org.apache.hadoop.fs.Path; diff --git a/pulsar-io/hdfs2/src/main/java/org/apache/pulsar/io/hdfs2/sink/HdfsAbstractSink.java b/pulsar-io/hdfs2/src/main/java/org/apache/pulsar/io/hdfs2/sink/HdfsAbstractSink.java index 1d2096d620d..03a52ec1077 100644 --- a/pulsar-io/hdfs2/src/main/java/org/apache/pulsar/io/hdfs2/sink/HdfsAbstractSink.java +++ b/pulsar-io/hdfs2/src/main/java/org/apache/pulsar/io/hdfs2/sink/HdfsAbstractSink.java @@ -27,7 +27,7 @@ import java.util.concurrent.LinkedBlockingQueue; import lombok.extern.slf4j.Slf4j; import org.apache.commons.io.FilenameUtils; -import org.apache.commons.lang.StringUtils; +import org.apache.commons.lang3.StringUtils; import org.apache.hadoop.fs.FSDataOutputStream; import org.apache.hadoop.fs.FileSystem; import org.apache.hadoop.fs.Path; diff --git a/pulsar-io/hdfs2/src/main/java/org/apache/pulsar/io/hdfs2/sink/HdfsSinkConfig.java b/pulsar-io/hdfs2/src/main/java/org/apache/pulsar/io/hdfs2/sink/HdfsSinkConfig.java index 2af24fcd83e..195f29acdde 100644 --- a/pulsar-io/hdfs2/src/main/java/org/apache/pulsar/io/hdfs2/sink/HdfsSinkConfig.java +++ b/pulsar-io/hdfs2/src/main/java/org/apache/pulsar/io/hdfs2/sink/HdfsSinkConfig.java @@ -32,7 +32,7 @@ import lombok.Data; import lombok.EqualsAndHashCode; import lombok.experimental.Accessors; -import org.apache.commons.lang.StringUtils; +import org.apache.commons.lang3.StringUtils; import org.apache.pulsar.io.hdfs2.AbstractHdfsConfig; /** diff --git a/pulsar-io/hdfs3/pom.xml b/pulsar-io/hdfs3/pom.xml index 7897a828c0e..1c109c5326e 100644 --- a/pulsar-io/hdfs3/pom.xml +++ b/pulsar-io/hdfs3/pom.xml @@ -48,7 +48,7 @@ <dependency> <groupId>org.apache.hadoop</groupId> <artifactId>hadoop-client</artifactId> - <version>3.1.1</version> + <version>3.2.3</version> <exclusions> <exclusion> <groupId>jakarta.activation</groupId> diff --git a/pulsar-io/hdfs3/src/main/java/org/apache/pulsar/io/hdfs3/AbstractHdfsConfig.java b/pulsar-io/hdfs3/src/main/java/org/apache/pulsar/io/hdfs3/AbstractHdfsConfig.java index ac6506fcfb2..510404f423c 100644 --- a/pulsar-io/hdfs3/src/main/java/org/apache/pulsar/io/hdfs3/AbstractHdfsConfig.java +++ b/pulsar-io/hdfs3/src/main/java/org/apache/pulsar/io/hdfs3/AbstractHdfsConfig.java @@ -23,7 +23,7 @@ import java.io.Serializable; import lombok.Data; import lombok.experimental.Accessors; -import org.apache.commons.lang.StringUtils; +import org.apache.commons.lang3.StringUtils; /** * Configuration object for all HDFS components. diff --git a/pulsar-io/hdfs3/src/main/java/org/apache/pulsar/io/hdfs3/AbstractHdfsConnector.java b/pulsar-io/hdfs3/src/main/java/org/apache/pulsar/io/hdfs3/AbstractHdfsConnector.java index dfe883374d9..270f7c44f70 100644 --- a/pulsar-io/hdfs3/src/main/java/org/apache/pulsar/io/hdfs3/AbstractHdfsConnector.java +++ b/pulsar-io/hdfs3/src/main/java/org/apache/pulsar/io/hdfs3/AbstractHdfsConnector.java @@ -32,7 +32,7 @@ import java.util.concurrent.atomic.AtomicReference; import javax.net.SocketFactory; -import org.apache.commons.lang.StringUtils; +import org.apache.commons.lang3.StringUtils; import org.apache.hadoop.conf.Configuration; import org.apache.hadoop.fs.FileSystem; import org.apache.hadoop.fs.Path; diff --git a/pulsar-io/hdfs3/src/main/java/org/apache/pulsar/io/hdfs3/sink/HdfsAbstractSink.java b/pulsar-io/hdfs3/src/main/java/org/apache/pulsar/io/hdfs3/sink/HdfsAbstractSink.java index 642c07d77c7..c83c4c4d7b4 100644 --- a/pulsar-io/hdfs3/src/main/java/org/apache/pulsar/io/hdfs3/sink/HdfsAbstractSink.java +++ b/pulsar-io/hdfs3/src/main/java/org/apache/pulsar/io/hdfs3/sink/HdfsAbstractSink.java @@ -24,7 +24,7 @@ import java.util.concurrent.BlockingQueue; import java.util.concurrent.LinkedBlockingQueue; import org.apache.commons.io.FilenameUtils; -import org.apache.commons.lang.StringUtils; +import org.apache.commons.lang3.StringUtils; import org.apache.hadoop.fs.FSDataOutputStream; import org.apache.hadoop.fs.FSDataOutputStreamBuilder; import org.apache.hadoop.fs.FileSystem; diff --git a/pulsar-io/hdfs3/src/main/java/org/apache/pulsar/io/hdfs3/sink/HdfsSinkConfig.java b/pulsar-io/hdfs3/src/main/java/org/apache/pulsar/io/hdfs3/sink/HdfsSinkConfig.java index a35c6e3c33b..6ca59c0525b 100644 --- a/pulsar-io/hdfs3/src/main/java/org/apache/pulsar/io/hdfs3/sink/HdfsSinkConfig.java +++ b/pulsar-io/hdfs3/src/main/java/org/apache/pulsar/io/hdfs3/sink/HdfsSinkConfig.java @@ -30,7 +30,7 @@ import lombok.Data; import lombok.EqualsAndHashCode; import lombok.experimental.Accessors; -import org.apache.commons.lang.StringUtils; +import org.apache.commons.lang3.StringUtils; import org.apache.pulsar.io.hdfs3.AbstractHdfsConfig; /** diff --git a/pulsar-sql/presto-distribution/LICENSE b/pulsar-sql/presto-distribution/LICENSE index 9d71d24e68e..ed80b2eed6f 100644 --- a/pulsar-sql/presto-distribution/LICENSE +++ b/pulsar-sql/presto-distribution/LICENSE @@ -207,19 +207,19 @@ This projects includes binary packages with the following licenses: The Apache Software License, Version 2.0 * Jackson - - jackson-annotations-2.13.4.jar - - jackson-core-2.13.4.jar - - jackson-databind-2.13.4.2.jar - - jackson-dataformat-smile-2.13.4.jar - - jackson-datatype-guava-2.13.4.jar - - jackson-datatype-jdk8-2.13.4.jar - - jackson-datatype-joda-2.13.4.jar - - jackson-datatype-jsr310-2.13.4.jar - - jackson-dataformat-yaml-2.13.4.jar - - jackson-jaxrs-base-2.13.4.jar - - jackson-jaxrs-json-provider-2.13.4.jar - - jackson-module-jaxb-annotations-2.13.4.jar - - jackson-module-jsonSchema-2.13.4.jar + - jackson-annotations-2.14.2.jar + - jackson-core-2.14.2.jar + - jackson-databind-2.14.2.jar + - jackson-dataformat-smile-2.14.2.jar + - jackson-datatype-guava-2.14.2.jar + - jackson-datatype-jdk8-2.14.2.jar + - jackson-datatype-joda-2.14.2.jar + - jackson-datatype-jsr310-2.14.2.jar + - jackson-dataformat-yaml-2.14.2.jar + - jackson-jaxrs-base-2.14.2.jar + - jackson-jaxrs-json-provider-2.14.2.jar + - jackson-module-jaxb-annotations-2.14.2.jar + - jackson-module-jsonSchema-2.14.2.jar * Guava - guava-30.1-jre.jar - listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar @@ -259,22 +259,22 @@ The Apache Software License, Version 2.0 * Joda Time - joda-time-2.10.5.jar * Jetty - - http2-client-9.4.48.v20220622.jar - - http2-common-9.4.48.v20220622.jar - - http2-hpack-9.4.48.v20220622.jar - - http2-http-client-transport-9.4.48.v20220622.jar - - jetty-alpn-client-9.4.48.v20220622.jar - - http2-server-9.4.48.v20220622.jar - - jetty-alpn-java-client-9.4.48.v20220622.jar - - jetty-client-9.4.48.v20220622.jar - - jetty-http-9.4.48.v20220622.jar - - jetty-io-9.4.48.v20220622.jar - - jetty-jmx-9.4.48.v20220622.jar - - jetty-security-9.4.48.v20220622.jar - - jetty-server-9.4.48.v20220622.jar - - jetty-servlet-9.4.48.v20220622.jar - - jetty-util-9.4.48.v20220622.jar - - jetty-util-ajax-9.4.48.v20220622.jar + - http2-client-9.4.51.v20230217.jar + - http2-common-9.4.51.v20230217.jar + - http2-hpack-9.4.51.v20230217.jar + - http2-http-client-transport-9.4.51.v20230217.jar + - jetty-alpn-client-9.4.51.v20230217.jar + - http2-server-9.4.51.v20230217.jar + - jetty-alpn-java-client-9.4.51.v20230217.jar + - jetty-client-9.4.51.v20230217.jar + - jetty-http-9.4.51.v20230217.jar + - jetty-io-9.4.51.v20230217.jar + - jetty-jmx-9.4.51.v20230217.jar + - jetty-security-9.4.51.v20230217.jar + - jetty-server-9.4.51.v20230217.jar + - jetty-servlet-9.4.51.v20230217.jar + - jetty-util-9.4.51.v20230217.jar + - jetty-util-ajax-9.4.51.v20230217.jar * Apache BVal - bval-jsr-2.0.0.jar * Bytecode @@ -398,7 +398,7 @@ The Apache Software License, Version 2.0 * RocksDB JNI - rocksdbjni-6.29.4.1.jar * SnakeYAML - - snakeyaml-1.32.jar + - snakeyaml-2.0.jar * Bean Validation API - validation-api-2.0.1.Final.jar * Objectsize @@ -444,7 +444,7 @@ The Apache Software License, Version 2.0 * Snappy - snappy-java-1.1.7.jar * Jackson - - jackson-module-parameter-names-2.13.4.jar + - jackson-module-parameter-names-2.14.2.jar * Java Assist - javassist-3.25.0-GA.jar * Java Native Access @@ -460,7 +460,7 @@ The Apache Software License, Version 2.0 * Apache Yetus Audience Annotations - audience-annotations-0.5.0.jar * Swagger - - swagger-annotations-1.6.2.jar + - swagger-annotations-1.6.10.jar Protocol Buffers License * Protocol Buffers diff --git a/pulsar-sql/presto-pulsar/pom.xml b/pulsar-sql/presto-pulsar/pom.xml index 894445dac35..09920d78f1b 100644 --- a/pulsar-sql/presto-pulsar/pom.xml +++ b/pulsar-sql/presto-pulsar/pom.xml @@ -117,6 +117,28 @@ <artifactId>presto-main</artifactId> <version>${presto.version}</version> <scope>test</scope> + <exclusions> + <exclusion> + <artifactId>jetty-client</artifactId> + <groupId>org.eclipse.jetty</groupId> + </exclusion> + <exclusion> + <artifactId>jetty-security</artifactId> + <groupId>org.eclipse.jetty</groupId> + </exclusion> + <exclusion> + <artifactId>async-http-client</artifactId> + <groupId>com.ning</groupId> + </exclusion> + <exclusion> + <artifactId>http2-server</artifactId> + <groupId>org.eclipse.jetty.http2</groupId> + </exclusion> + <exclusion> + <artifactId>http-server</artifactId> + <groupId>io.airlift</groupId> + </exclusion> + </exclusions> </dependency> <dependency> diff --git a/tiered-storage/file-system/pom.xml b/tiered-storage/file-system/pom.xml index d07988c07db..c649e12fd80 100644 --- a/tiered-storage/file-system/pom.xml +++ b/tiered-storage/file-system/pom.xml @@ -37,6 +37,11 @@ <artifactId>managed-ledger</artifactId> <version>${project.version}</version> </dependency> + + <dependency> + <groupId>commons-net</groupId> + <artifactId>commons-net</artifactId> + </dependency> <dependency> <groupId>org.apache.hadoop</groupId> <artifactId>hadoop-hdfs-client</artifactId> @@ -55,6 +60,10 @@ <groupId>org.slf4j</groupId> <artifactId>slf4j-log4j12</artifactId> </exclusion> + <exclusion> + <groupId>commons-net</groupId> + <artifactId>commons-net</artifactId> + </exclusion> </exclusions> </dependency> <dependency>