You are viewing a plain text version of this content. The canonical link for it is here.

Posted to reviews@spark.apache.org by steveloughran <gi...@git.apache.org> on 2016/02/24 15:13:45 UTC

[GitHub] spark pull request: [SPARK-13471] [SQL]: WiP update hive version t...

GitHub user steveloughran opened a pull request:

    https://github.com/apache/spark/pull/11346

    [SPARK-13471] [SQL]: WiP update hive version to 1.2.1.1.spark

    ## What changes were proposed in this pull request?
    
    This updates the hive dependency from 1.2.1.spark to 1.2.1.1.spark, an update which does nothing but
    
    1. Update the POM
    1. Update groovy to 2.4.4
    
    In doing so it ensures that CVE-2015-3253 is not passed on to applications pulling in spark-hive via POM dependencies.
    
    ## How was this patch tested?
    
    Full tests ongoing; basic build & hive tests seemed happy. This only works with a local build of `org.spark-project.hive` of 1.2.1.1.spark with the modified groovy dependency; Jenkins will fail to build until the artifact is actually published. ( see [https://github.com/pwendell/hive/pull/1] 
    
    audit of maven dependencies shows that later groovy version is picked up
    
    ```
    [INFO] +- org.spark-project.hive:hive-exec:jar:1.2.1.1.spark:compile
    [INFO] |  +- (com.twitter:parquet-hadoop-bundle:jar:1.6.0:compile - omitted for duplicate)
    [INFO] |  +- commons-io:commons-io:jar:2.4:compile
    [INFO] |  +- (org.apache.commons:commons-lang3:jar:3.3.2:compile - version managed from 3.1; omitted for duplicate)
    [INFO] |  +- (commons-lang:commons-lang:jar:2.6:compile - version managed from 2.4; omitted for duplicate)
    [INFO] |  +- javolution:javolution:jar:5.5.1:compile
    [INFO] |  +- log4j:apache-log4j-extras:jar:1.2.17:compile
    [INFO] |  +- org.antlr:antlr-runtime:jar:3.4:compile
    [INFO] |  |  +- org.antlr:stringtemplate:jar:3.2.1:compile
    [INFO] |  |  |  \- (antlr:antlr:jar:2.7.7:compile - omitted for duplicate)
    [INFO] |  |  \- antlr:antlr:jar:2.7.7:compile
    [INFO] |  +- org.antlr:ST4:jar:4.0.4:compile
    [INFO] |  |  \- (org.antlr:antlr-runtime:jar:3.3:compile - omitted for conflict with 3.4)
    [INFO] |  +- (org.apache.avro:avro:jar:1.7.7:compile - version managed from 1.7.5; omitted for duplicate)
    [INFO] |  +- org.apache.commons:commons-compress:jar:1.4.1:compile
    [INFO] |  |  \- org.tukaani:xz:jar:1.0:compile
    [INFO] |  +- (org.apache.ivy:ivy:jar:2.4.0:compile - omitted for duplicate)
    [INFO] |  +- org.codehaus.groovy:groovy-all:jar:2.4.4:compile
    [INFO] |  +- org.codehaus.jackson:jackson-core-asl:jar:1.9.13:compile
    [INFO] |  +- (org.jodd:jodd-core:jar:3.5.2:compile - omitted for duplicate)
    [INFO] |  +- (org.codehaus.jackson:jackson-mapper-asl:jar:1.9.13:compile - version managed from 1.9.2; omitted for duplicate)
    [INFO] |  +- (org.datanucleus:datanucleus-core:jar:3.2.10:compile - omitted for duplicate)
    [INFO] |  +- (org.apache.calcite:calcite-avatica:jar:1.2.0-incubating:compile - omitted for duplicate)
    [INFO] |  +- com.google.guava:guava:jar:14.0.1:provided
    [INFO] |  +- com.googlecode.javaewah:JavaEWAH:jar:0.3.2:compile
    [INFO] |  +- org.iq80.snappy:snappy:jar:0.2:compile
    [INFO] |  +- org.json:json:jar:20090211:compile
    [INFO] |  +- stax:stax-api:jar:1.0.1:compile
    [INFO] |  +- net.sf.opencsv:opencsv:jar:2.3:compile
    [INFO] |  \- (jline:jline:jar:2.12:compile - omitted for duplicate)
    ```
    


You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/steveloughran/spark fixes/SPARK-13471-groovy-on-branch-1.6

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/spark/pull/11346.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #11346
    
----
commit efc74b12fab9f586139af913161ac09b802de389
Author: Steve Loughran <st...@hortonworks.com>
Date:   2016-02-24T14:03:32Z

    [SPARK-13471]: update hive version to 1.2.1.1.spark

----


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] spark pull request: [SPARK-13471] [SQL]: WiP update hive version t...

Posted by AmplabJenkins <gi...@git.apache.org>.

Github user AmplabJenkins commented on the pull request:

    https://github.com/apache/spark/pull/11346#issuecomment-188278935
  
    Merged build finished. Test FAILed.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] spark pull request: [SPARK-13471] [SQL]: WiP update hive version t...

Posted by AmplabJenkins <gi...@git.apache.org>.

Github user AmplabJenkins commented on the pull request:

    https://github.com/apache/spark/pull/11346#issuecomment-188278940
  
    Test FAILed.
    Refer to this link for build results (access rights to CI server needed): 
    https://amplab.cs.berkeley.edu/jenkins//job/SparkPullRequestBuilder/51877/
    Test FAILed.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] spark pull request: [SPARK-13471] [SQL]: WiP update hive version t...

Posted by jerryshao <gi...@git.apache.org>.

Github user jerryshao commented on the pull request:

    https://github.com/apache/spark/pull/11346#issuecomment-188622694
  
    @steveloughran do we also needs an update for master branch?


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] spark pull request: [SPARK-13471] [SQL]: WiP update hive version t...

Posted by steveloughran <gi...@git.apache.org>.

Github user steveloughran closed the pull request at:

    https://github.com/apache/spark/pull/11346


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] spark pull request: [SPARK-13471] [SQL]: WiP update hive version t...

Posted by steveloughran <gi...@git.apache.org>.

Github user steveloughran commented on the pull request:

    https://github.com/apache/spark/pull/11346#issuecomment-190841889
  
    #11449 should render this obsolete


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] spark pull request: [SPARK-13471] [SQL]: WiP update hive version t...

Posted by steveloughran <gi...@git.apache.org>.

Github user steveloughran commented on the pull request:

    https://github.com/apache/spark/pull/11346#issuecomment-188792908
  
    
    master is going to need work if/when the kryo version in chill is bumped to 3.x; there's an opportunity to have hive and spark using the same kryo version, so the work needed to get hive in sync with spark isn't needed any more (leaving only the classpath shading/inclusion problem and the abuse needed to currently subclass hive thrift server).
    
    For now, I can do the same patch here against master without any problems; I'll do another PR. Just bear in mind that adoption of a new Chill version with a corresponding new Kryo version will need more work


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org