Re: icu4j / i18n-util upgrade

2022-10-20 Thread Istvan Toth
Thanks Andrew, I accepted the OWASP report at face value. The sad reality today is that it is easier to do a needless version bump than to get users to understand and accept that a static code analysis tool gives false positives. Anyway, keeping dependencies up-to-date even without CVEs is genera

[jira] [Created] (PHOENIX-6818) Remove dependency on the i18n-util library

2022-10-20 Thread Istvan Toth (Jira)
Istvan Toth created PHOENIX-6818: Summary: Remove dependency on the i18n-util library Key: PHOENIX-6818 URL: https://issues.apache.org/jira/browse/PHOENIX-6818 Project: Phoenix Issue Type: Im

Re: icu4j / i18n-util upgrade

2022-10-20 Thread Andrew Purtell
The CVE is for the c++ icu library not icu4j but ? We did A where I work and it did what you’d expect and shut up the vuln scanner. +1 for B. The code is compatibly licensed and not that much. Other options carry functionality loss risks or dev work. Dropping it in place is low risk and low e

PhoenixDB PyPI project permissions

2022-10-20 Thread Istvan Toth
Hi! I have added Richard as an *Owner* to the *phoenixdb* project on PyPI. The current Owners are Josh, Lukas Lalinsky (the original author), Richard and me. If anyone else has or creates a PyPI account, please contact one of the owners to add you. regards Istvan

[jira] [Updated] (PHOENIX-6817) Switch to guava -JRE variant

2022-10-20 Thread Istvan Toth (Jira)
[ https://issues.apache.org/jira/browse/PHOENIX-6817?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Istvan Toth updated PHOENIX-6817: - Description: We chose to include the -android variant of Guava, to ensure compatibiity with Ja

[jira] [Updated] (PHOENIX-6816) Update Jetty to 9.4.49.v20220914

2022-10-20 Thread Istvan Toth (Jira)
[ https://issues.apache.org/jira/browse/PHOENIX-6816?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Istvan Toth updated PHOENIX-6816: - Affects Version/s: 5.2.0 5.1.3 > Update Jetty to 9.4.49.v20220914 >

[jira] [Updated] (PHOENIX-6815) Update Gson version to 2.9.1

2022-10-20 Thread Istvan Toth (Jira)
[ https://issues.apache.org/jira/browse/PHOENIX-6815?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Istvan Toth updated PHOENIX-6815: - Affects Version/s: 5.2.0 5.1.3 > Update Gson version to 2.9.1 >

[jira] [Updated] (OMID-190) Update website for 1.0.2

2022-10-20 Thread Istvan Toth (Jira)
[ https://issues.apache.org/jira/browse/OMID-190?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Istvan Toth updated OMID-190: - Fix Version/s: 1.1.1 (was: 1.1.0) > Update website for 1.0.2 > -

[jira] [Updated] (OMID-195) Add security system tests

2022-10-20 Thread Istvan Toth (Jira)
[ https://issues.apache.org/jira/browse/OMID-195?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Istvan Toth updated OMID-195: - Fix Version/s: 1.1.1 (was: 1.1.0) > Add security system tests >

[jira] [Updated] (OMID-206) Half of the regions of commit table not getting used

2022-10-20 Thread Istvan Toth (Jira)
[ https://issues.apache.org/jira/browse/OMID-206?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Istvan Toth updated OMID-206: - Fix Version/s: 1.1.1 (was: 1.1.0) > Half of the regions of commit table not getting

[jira] [Updated] (PHOENIX-6815) Update Gson version to 2.9.1

2022-10-20 Thread Istvan Toth (Jira)
[ https://issues.apache.org/jira/browse/PHOENIX-6815?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Istvan Toth updated PHOENIX-6815: - Summary: Update Gson version to 2.9.1 (was: Bump gson version to 2.9.1) > Update Gson version

[jira] [Created] (OMID-234) Bump SnakeYaml version to 1.33

2022-10-20 Thread Istvan Toth (Jira)
Istvan Toth created OMID-234: Summary: Bump SnakeYaml version to 1.33 Key: OMID-234 URL: https://issues.apache.org/jira/browse/OMID-234 Project: Phoenix Omid Issue Type: Task Affects Versions

[jira] [Created] (PHOENIX-6817) Switch to guava -JRE variant

2022-10-20 Thread Istvan Toth (Jira)
Istvan Toth created PHOENIX-6817: Summary: Switch to guava -JRE variant Key: PHOENIX-6817 URL: https://issues.apache.org/jira/browse/PHOENIX-6817 Project: Phoenix Issue Type: Improvement

[jira] [Created] (PHOENIX-6816) Update Jetty to 9.4.49.v20220914

2022-10-20 Thread Istvan Toth (Jira)
Istvan Toth created PHOENIX-6816: Summary: Update Jetty to 9.4.49.v20220914 Key: PHOENIX-6816 URL: https://issues.apache.org/jira/browse/PHOENIX-6816 Project: Phoenix Issue Type: Task

[jira] [Assigned] (PHOENIX-6816) Update Jetty to 9.4.49.v20220914

2022-10-20 Thread Istvan Toth (Jira)
[ https://issues.apache.org/jira/browse/PHOENIX-6816?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Istvan Toth reassigned PHOENIX-6816: Assignee: Istvan Toth > Update Jetty to 9.4.49.v20220914 > -

icu4j / i18n-util upgrade

2022-10-20 Thread Istvan Toth
Hi! Our icu4j version has CVEs. It is pulled in via com.salesforce.i18n:i18n-util *[INFO] +- com.salesforce.i18n:i18n-util:jar:1.0.4:compile[INFO] | +- commons-lang:commons-lang:jar:2.6:compile[INFO] | +- com.ibm.icu:icu4j:jar:60.2:compile[INFO] | +- com.ibm.icu:icu4j-localespi:jar:60.2:co

Re: [VOTE] Release of phoenixdb 1.2.1 RC1

2022-10-20 Thread rajeshb...@apache.org
+1 - Signature: ok - Checksum: ok - Build: ok On Tue, Oct 18, 2022 at 5:59 AM Viraj Jasani wrote: > +1 > > * Signature: ok > * Checksum: ok > * Build: ok > * Tests using docker setup: ok > > > > On Thu, Oct 13, 2022 at 5:31 AM Richárd Antal > wrote: > > > Hello Everyone, > > > > This is a call

[jira] [Created] (PHOENIX-6815) Bump gson version to 2.9.1

2022-10-20 Thread Istvan Toth (Jira)
Istvan Toth created PHOENIX-6815: Summary: Bump gson version to 2.9.1 Key: PHOENIX-6815 URL: https://issues.apache.org/jira/browse/PHOENIX-6815 Project: Phoenix Issue Type: Task R