-
Notifications
You must be signed in to change notification settings - Fork 8.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
HADOOP-18301.Upgrade commons-io to 2.11.0 #4455
Conversation
💔 -1 overall
This message was automatically generated. |
Thanks @ashutoshcipher for the patch. Could you check why shadedclient fails with the patch. |
What is the reason for upgrade? some CVE or some feature that we want to use? We can't upgrade any thirdparty library just because we want to do that or there is a latest version for it... |
Thanks @ayushtkn for checking. There isn't any specific CVE related to this as far as I know. As the dependency is old and new version has general new features and bug fixes. Updating it seems to be a good idea to me. Also the the same is updated in Hive as well - apache/hive#3370 |
if you haven't done this, can you uncheck the box. if you have, which stores, which endpoints? |
Thanks for pointing it out. Corrected it. |
The error message in shadedclient: https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-4455/1/artifact/out/patch-shadedclient.txt
Since commons-io 2.11.0 Given there is an incompatibility between 2.11.0 and 2.8.0, I recommend to upgrade to 2.11.0 only for trunk if there is no security issue in the current version. |
@aajisaka If there is no security issue and if this is incompatible and if we don't have a present use case for this, then why should we even upgrade on trunk and have an incompatible change on our name? |
Thank you @ayushtkn for your comment.
Yes. My use case is to match the libraries versions with all the Hadoop-related applications to avoid conflicts as possible, and I think someone other than us has similar use cases. Given Apache Spark has already upgraded to 2.11.0 in Spark 3.3.0 https://issues.apache.org/jira/browse/SPARK-36737, so I want to follow. |
Thanks @aajisaka and @ayushtkn - Adding further to Akira's comment; The same has been done in Hive as well as I mentioned earlier https://issues.apache.org/jira/browse/HIVE-26321 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+1 for trunk
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Cancelling my +1.
@ashutoshcipher could you fix the error in #4455 (comment) ?
@aajisaka - Sorry I missed addressing you comment earlier. In my latest commit, I have addressed you comment. Thanks. |
💔 -1 overall
This message was automatically generated. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+1 for trunk. Thanks @ashutoshcipher
Co-authored-by: Ashutosh Gupta <ashugpt@amazon.com> Signed-off-by: Akira Ajisaka <aajisaka@apache.org>
Description of PR
Upgrade commons-io to 2.11.0
Upgrading to new release to keep up for new features and bug fixes.
JIRA: HADOOP-18301
How was this patch tested?
CI/Build Check
For code changes:
LICENSE
,LICENSE-binary
,NOTICE-binary
files?