You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@zookeeper.apache.org by GitBox <gi...@apache.org> on 2022/01/22 07:02:03 UTC

[GitHub] [zookeeper] frederiko opened a new pull request #1787: ZOOKEEPER-4429: Update jackson-databind to 2.13.1

frederiko opened a new pull request #1787:
URL: https://github.com/apache/zookeeper/pull/1787


   This PR updates jackson-databind to 2.13.1 to address a raised vulnerability that could possible DoS attack certain versions of Jackson. Please refer to GH issue #3328 for further info. On top of that, it also fixes now deprecated PropertyNamingStrategy class initialization issue #2715.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@zookeeper.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [zookeeper] eolivelli commented on a change in pull request #1787: ZOOKEEPER-4429: Update jackson-databind to 2.13.1

Posted by GitBox <gi...@apache.org>.

eolivelli commented on a change in pull request #1787:
URL: https://github.com/apache/zookeeper/pull/1787#discussion_r785704190



##########
File path: zookeeper-server/src/main/java/org/apache/zookeeper/server/admin/JsonOutputter.java
##########
@@ -19,10 +19,8 @@
 package org.apache.zookeeper.server.admin;
 
 import com.fasterxml.jackson.core.JsonGenerationException;
-import com.fasterxml.jackson.databind.JsonMappingException;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.fasterxml.jackson.databind.PropertyNamingStrategy;
-import com.fasterxml.jackson.databind.SerializationFeature;
+import com.fasterxml.jackson.databind.*;

Review comment:
       please do not use star imports




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@zookeeper.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [zookeeper] frederiko commented on a change in pull request #1787: ZOOKEEPER-4429: Update jackson-databind to 2.13.1

Posted by GitBox <gi...@apache.org>.

frederiko commented on a change in pull request #1787:
URL: https://github.com/apache/zookeeper/pull/1787#discussion_r789234286



##########
File path: zookeeper-server/src/main/java/org/apache/zookeeper/server/admin/JsonOutputter.java
##########
@@ -19,10 +19,8 @@
 package org.apache.zookeeper.server.admin;
 
 import com.fasterxml.jackson.core.JsonGenerationException;
-import com.fasterxml.jackson.databind.JsonMappingException;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.fasterxml.jackson.databind.PropertyNamingStrategy;
-import com.fasterxml.jackson.databind.SerializationFeature;
+import com.fasterxml.jackson.databind.*;

Review comment:
       Sure. I will change accordingly### 




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@zookeeper.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [zookeeper] frederiko commented on a change in pull request #1787: ZOOKEEPER-4429: Update jackson-databind to 2.13.1

Posted by GitBox <gi...@apache.org>.

frederiko commented on a change in pull request #1787:
URL: https://github.com/apache/zookeeper/pull/1787#discussion_r789234286



##########
File path: zookeeper-server/src/main/java/org/apache/zookeeper/server/admin/JsonOutputter.java
##########
@@ -19,10 +19,8 @@
 package org.apache.zookeeper.server.admin;
 
 import com.fasterxml.jackson.core.JsonGenerationException;
-import com.fasterxml.jackson.databind.JsonMappingException;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.fasterxml.jackson.databind.PropertyNamingStrategy;
-import com.fasterxml.jackson.databind.SerializationFeature;
+import com.fasterxml.jackson.databind.*;

Review comment:
       Sure. I will change accordingly. I believe the IDE made it automatically.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@zookeeper.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [zookeeper] frederiko commented on pull request #1787: ZOOKEEPER-4429: Update jackson-databind to 2.13.1

Posted by GitBox <gi...@apache.org>.

frederiko commented on pull request #1787:
URL: https://github.com/apache/zookeeper/pull/1787#issuecomment-1019307888


   Sure. Will take a look.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@zookeeper.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [zookeeper] frederiko edited a comment on pull request #1787: ZOOKEEPER-4429: Update jackson-databind to 2.13.1

Posted by GitBox <gi...@apache.org>.

frederiko edited a comment on pull request #1787:
URL: https://github.com/apache/zookeeper/pull/1787#issuecomment-1019307888


   @maoling Sure. Will take a look.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@zookeeper.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [zookeeper] maoling commented on pull request #1787: ZOOKEEPER-4429: Update jackson-databind to 2.13.1

Posted by GitBox <gi...@apache.org>.

maoling commented on pull request #1787:
URL: https://github.com/apache/zookeeper/pull/1787#issuecomment-1019690050


   @frederiko 
   Thanks for your contribution.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@zookeeper.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [zookeeper] maoling closed pull request #1787: ZOOKEEPER-4429: Update jackson-databind to 2.13.1

Posted by GitBox <gi...@apache.org>.

maoling closed pull request #1787:
URL: https://github.com/apache/zookeeper/pull/1787


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@zookeeper.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [zookeeper] maoling closed pull request #1787: ZOOKEEPER-4429: Update jackson-databind to 2.13.1

Posted by GitBox <gi...@apache.org>.

maoling closed pull request #1787:
URL: https://github.com/apache/zookeeper/pull/1787


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@zookeeper.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [zookeeper] maoling commented on pull request #1787: ZOOKEEPER-4429: Update jackson-databind to 2.13.1

Posted by GitBox <gi...@apache.org>.

maoling commented on pull request #1787:
URL: https://github.com/apache/zookeeper/pull/1787#issuecomment-1019087900


   @frederiko  The latest code has a checkstyle violation,  we don't need that line before `import java.io.IOException`.
   `mvn checkstyle:check` to check this


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@zookeeper.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org