You are viewing a plain text version of this content. The canonical link for it is here.

Posted to common-issues@hadoop.apache.org by GitBox <gi...@apache.org> on 2022/10/31 21:46:23 UTC

[GitHub] [hadoop] steveloughran commented on a diff in pull request #5035: HADOOP-18496: upgrade kotlin and okhttp3 due to kotlin CVEs

steveloughran commented on code in PR #5035:
URL: https://github.com/apache/hadoop/pull/5035#discussion_r1009899456


##########
hadoop-common-project/hadoop-common/pom.xml:
##########
@@ -382,6 +382,21 @@
       <groupId>com.squareup.okhttp3</groupId>
       <artifactId>mockwebserver</artifactId>
       <scope>test</scope>
+      <exclusions>

Review Comment:
   don't these exclusions get picked up from the hadoop project declaration



##########
LICENSE-binary:
##########
@@ -241,8 +241,9 @@ com.google.guava:guava:27.0-jre
 com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
 com.microsoft.azure:azure-storage:7.0.0
 com.nimbusds:nimbus-jose-jwt:9.8.1
-com.squareup.okhttp3:okhttp:4.9.3
+com.squareup.okhttp3:okhttp:4.10.0
 com.squareup.okio:okio:1.6.0
+com.squareup.okio:okio:3.2.0

Review Comment:
   does the one above need cutting?



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-issues-help@hadoop.apache.org