You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-issues@hadoop.apache.org by GitBox <gi...@apache.org> on 2022/10/31 21:46:23 UTC
[GitHub] [hadoop] steveloughran commented on a diff in pull request #5035: HADOOP-18496: upgrade kotlin and okhttp3 due to kotlin CVEs
steveloughran commented on code in PR #5035:
URL: https://github.com/apache/hadoop/pull/5035#discussion_r1009899456
##########
hadoop-common-project/hadoop-common/pom.xml:
##########
@@ -382,6 +382,21 @@
<groupId>com.squareup.okhttp3</groupId>
<artifactId>mockwebserver</artifactId>
<scope>test</scope>
+ <exclusions>
Review Comment:
don't these exclusions get picked up from the hadoop project declaration
##########
LICENSE-binary:
##########
@@ -241,8 +241,9 @@ com.google.guava:guava:27.0-jre
com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
com.microsoft.azure:azure-storage:7.0.0
com.nimbusds:nimbus-jose-jwt:9.8.1
-com.squareup.okhttp3:okhttp:4.9.3
+com.squareup.okhttp3:okhttp:4.10.0
com.squareup.okio:okio:1.6.0
+com.squareup.okio:okio:3.2.0
Review Comment:
does the one above need cutting?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org