You are viewing a plain text version of this content. The canonical link for it is here.
Posted to gitbox@hive.apache.org by GitBox <gi...@apache.org> on 2022/05/23 15:46:38 UTC
[GitHub] [hive] pjfanning opened a new pull request, #3315: HIVE-26254: upgrade calcite to 1.26.0 due to CVE
pjfanning opened a new pull request, #3315:
URL: https://github.com/apache/hive/pull/3315
<!--
Thanks for sending a pull request! Here are some tips for you:
1. If this is your first time, please read our contributor guidelines: https://cwiki.apache.org/confluence/display/Hive/HowToContribute
2. Ensure that you have created an issue on the Hive project JIRA: https://issues.apache.org/jira/projects/HIVE/summary
3. Ensure you have added or run the appropriate tests for your PR:
4. If the PR is unfinished, add '[WIP]' in your PR title, e.g., '[WIP]HIVE-XXXXX: Your PR title ...'.
5. Be sure to keep the PR description updated to reflect all changes.
6. Please write your PR title to summarize what this PR proposes.
7. If possible, provide a concise example to reproduce the issue for a faster review.
-->
### What changes were proposed in this pull request?
<!--
Please clarify what changes you are proposing. The purpose of this section is to outline the changes and how this PR fixes the issue.
If possible, please consider writing useful notes for better and faster reviews in your PR. See the examples below.
1. If you refactor some codes with changing classes, showing the class hierarchy will help reviewers.
2. If you fix some SQL features, you can provide some references of other DBMSes.
3. If there is design documentation, please add the link.
4. If there is a discussion in the mailing list, please add the link.
-->
Upgrade calcite version due to CVE - https://issues.apache.org/jira/browse/HIVE-26254
### Why are the changes needed?
<!--
Please clarify why the changes are needed. For instance,
1. If you propose a new API, clarify the use case for a new API.
2. If you fix a bug, you can clarify why it is a bug.
-->
### Does this PR introduce _any_ user-facing change?
<!--
Note that it means *any* user-facing change including all aspects such as the documentation fix.
If yes, please clarify the previous behavior and the change this PR proposes - provide the console output, description, screenshot and/or a reproducable example to show the behavior difference if possible.
If possible, please also clarify if this is a user-facing change compared to the released Hive versions or within the unreleased branches such as master.
If no, write 'No'.
-->
### How was this patch tested?
<!--
If tests were added, say they were added here. Please make sure to add some test cases that check the changes thoroughly including negative and positive cases if possible.
If it was tested in a way different from regular unit tests, please clarify how you tested step by step, ideally copy and paste-able, so that other reviewers can test and check, and descendants can verify in the future.
If tests were not added, please describe why they were not added and/or why it was difficult to add.
-->
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org
[GitHub] [hive] pjfanning closed pull request #3315: HIVE-26254: upgrade calcite to 1.26.0 due to CVE
Posted by GitBox <gi...@apache.org>.
pjfanning closed pull request #3315: HIVE-26254: upgrade calcite to 1.26.0 due to CVE
URL: https://github.com/apache/hive/pull/3315
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org
[GitHub] [hive] github-actions[bot] commented on pull request #3315: HIVE-26254: upgrade calcite to 1.26.0 due to CVE
Posted by GitBox <gi...@apache.org>.
github-actions[bot] commented on PR #3315:
URL: https://github.com/apache/hive/pull/3315#issuecomment-1264166181
This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.
Feel free to reach out on the dev@hive.apache.org list if the patch is in need of reviews.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org
[GitHub] [hive] zabetak commented on pull request #3315: HIVE-26254: upgrade calcite to 1.26.0 due to CVE
Posted by GitBox <gi...@apache.org>.
zabetak commented on PR #3315:
URL: https://github.com/apache/hive/pull/3315#issuecomment-1201190785
Thanks for the pointer @ayushtkn. Indeed the failure is related to Guava and Calcite (most likely due to CALCITE-4259) but it shouldn't require a Guava upgrade. Probably there is a problem on the way Hive shades calcite in the ql module or something along these lines.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org
[GitHub] [hive] pjfanning commented on pull request #3315: HIVE-26254: upgrade calcite to 1.26.0 due to CVE
Posted by GitBox <gi...@apache.org>.
pjfanning commented on PR #3315:
URL: https://github.com/apache/hive/pull/3315#issuecomment-1200165460
@ayushtkn I can't recall the issue but I think it was non-trivial. I've started a CI build to get the results.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org
[GitHub] [hive] pjfanning commented on pull request #3315: HIVE-26254: upgrade calcite to 1.26.0 due to CVE
Posted by GitBox <gi...@apache.org>.
pjfanning commented on PR #3315:
URL: https://github.com/apache/hive/pull/3315#issuecomment-1200906365
@ayushtkn that link doesn't work for me
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org
[GitHub] [hive] ayushtkn commented on pull request #3315: HIVE-26254: upgrade calcite to 1.26.0 due to CVE
Posted by GitBox <gi...@apache.org>.
ayushtkn commented on PR #3315:
URL: https://github.com/apache/hive/pull/3315#issuecomment-1200897632
Try this:
http://ci.hive.apache.org/job/hive-precommit/job/PR-3315/1/
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org
[GitHub] [hive] github-actions[bot] commented on pull request #3315: HIVE-26254: upgrade calcite to 1.26.0 due to CVE
Posted by GitBox <gi...@apache.org>.
github-actions[bot] commented on PR #3315:
URL: https://github.com/apache/hive/pull/3315#issuecomment-1193018914
This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.
Feel free to reach out on the dev@hive.apache.org list if the patch is in need of reviews.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org
[GitHub] [hive] pjfanning commented on pull request #3315: HIVE-26254: upgrade calcite to 1.26.0 due to CVE
Posted by GitBox <gi...@apache.org>.
pjfanning commented on PR #3315:
URL: https://github.com/apache/hive/pull/3315#issuecomment-1200300287
@ayushtkn I linked a couple of issues on https://issues.apache.org/jira/browse/HIVE-26254 relating to Guava upgrade. Would there be any stomach to try to upgrade guava?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org
[GitHub] [hive] ayushtkn commented on pull request #3315: HIVE-26254: upgrade calcite to 1.26.0 due to CVE
Posted by GitBox <gi...@apache.org>.
ayushtkn commented on PR #3315:
URL: https://github.com/apache/hive/pull/3315#issuecomment-1200303756
I think we need to upgrade guava for other reasons as well. May be it would be possible post HIVE-24484. As of today if you try upgrading guava it will give a bunch of failures due to conflict between current guava version of hadoop. HADOOP-16924 shades guava, so I think post moving to hadoop-3.3.1, upgrading guava should be possible
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org
[GitHub] [hive] ayushtkn commented on pull request #3315: HIVE-26254: upgrade calcite to 1.26.0 due to CVE
Posted by GitBox <gi...@apache.org>.
ayushtkn commented on PR #3315:
URL: https://github.com/apache/hive/pull/3315#issuecomment-1201080969
@zabetak I saw that written in the POM of Calcite as well.
But still I see there is failure due to Guava here:
http://ci.hive.apache.org/job/hive-precommit/job/PR-3315/1/testReport/junit/org.apache.hadoop.hive.cli.split17/TestMiniLlapLocalCliDriver/Testing___split_08___PostProcess___testCliDriver_parquet_map_null_vectorization_/
May be we have to exclude the Guava coming from Calcite and then try with the latest version?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org
[GitHub] [hive] zabetak commented on pull request #3315: HIVE-26254: upgrade calcite to 1.26.0 due to CVE
Posted by GitBox <gi...@apache.org>.
zabetak commented on PR #3315:
URL: https://github.com/apache/hive/pull/3315#issuecomment-1200885377
FYI Calcite claims to support all Guava versions from 19.0 to 31.1-jre and there are regular CI tests for both ends:
- CI for 19.0 https://github.com/apache/calcite/blob/657a3d352ff81ef54f2bc0be6884363b49741305/.travis.yml#L27
- CI for 31.1-jre https://github.com/apache/calcite/blob/657a3d352ff81ef54f2bc0be6884363b49741305/.travis.yml#L55
thus I don't think upgrading Calcite would strictly require Guava upgrade.
Apart from that, Calcite 1.31.0 will be out soon so it may be preferable to upgrade to that version directly.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org
[GitHub] [hive] pjfanning commented on pull request #3315: HIVE-26254: upgrade calcite to 1.26.0 due to CVE
Posted by GitBox <gi...@apache.org>.
pjfanning commented on PR #3315:
URL: https://github.com/apache/hive/pull/3315#issuecomment-1272244460
Closed as https://issues.apache.org/jira/browse/HIVE-26254 has been superseded.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org
[GitHub] [hive] pjfanning closed pull request #3315: HIVE-26254: upgrade calcite to 1.26.0 due to CVE
Posted by GitBox <gi...@apache.org>.
pjfanning closed pull request #3315: HIVE-26254: upgrade calcite to 1.26.0 due to CVE
URL: https://github.com/apache/hive/pull/3315
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org
[GitHub] [hive] ayushtkn commented on pull request #3315: HIVE-26254: upgrade calcite to 1.26.0 due to CVE
Posted by GitBox <gi...@apache.org>.
ayushtkn commented on PR #3315:
URL: https://github.com/apache/hive/pull/3315#issuecomment-1200144264
The build results aren't available now, so couldn't check what broke due to this.
Something which can't be fixed?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org
[GitHub] [hive] ayushtkn commented on pull request #3315: HIVE-26254: upgrade calcite to 1.26.0 due to CVE
Posted by GitBox <gi...@apache.org>.
ayushtkn commented on PR #3315:
URL: https://github.com/apache/hive/pull/3315#issuecomment-1200289120
Thanx @pjfanning
Seems atleast there is some guava version conflict. Hive and Calcite Guava version are conflicting, because in a couple of tests I see there is NoSuchMethodException for Guava classes.
Second is some SARG literal and some ClassCastExceptions for it, may be CALCITE-4716 could be a fix, which is there in 1.28.0 and above.
But I think Guava issue will stay....
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org
[GitHub] [hive] pjfanning commented on pull request #3315: HIVE-26254: upgrade calcite to 1.26.0 due to CVE
Posted by GitBox <gi...@apache.org>.
pjfanning commented on PR #3315:
URL: https://github.com/apache/hive/pull/3315#issuecomment-1200891806
The link to the broken build does not work for me.
https://ci.hive.apache.org/job/hive-precommit/job/PR-3315/1/display/redirect
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscribe@hive.apache.org
For additional commands, e-mail: gitbox-help@hive.apache.org