You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jira@kafka.apache.org by GitBox <gi...@apache.org> on 2022/06/16 15:04:49 UTC

[GitHub] [kafka] kobihikri opened a new pull request, #12300: Update zookeeper version to 3.8.0

kobihikri opened a new pull request, #12300:
URL: https://github.com/apache/kafka/pull/12300

   *More detailed description of your change,
   if necessary. The PR title and PR message become
   the squashed commit message, so use a separate
   comment to ping reviewers.*
   This change is a maintenance update to zookeeper client version
   
   *Summary of testing strategy (including rationale)
   for the feature or bug fix. Unit and/or integration
   tests are expected for any behaviour change and
   system tests should be considered for larger changes.*
   
   ### Committer Checklist (excluded from commit message)
   - [ ] Verify design and implementation 
   - [ ] Verify test coverage and CI build status
   - [ ] Verify documentation (including upgrade notes)
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] kobihikri commented on pull request #12300: Update zookeeper version to 3.8.0

Posted by GitBox <gi...@apache.org>.
kobihikri commented on PR #12300:
URL: https://github.com/apache/kafka/pull/12300#issuecomment-1160188536

   @ijuma @Kvicii 
   
   Can you kindly guide me with how to trigger the CI?
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] ijuma commented on pull request #12300: Update zookeeper version to 3.8.0

Posted by GitBox <gi...@apache.org>.
ijuma commented on PR #12300:
URL: https://github.com/apache/kafka/pull/12300#issuecomment-1160524088

   Can you clarify? The Kafka release should only include reload4j without this PR. Are you seeing log4j in the release tarball?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] kobihikri commented on pull request #12300: Update zookeeper version to 3.8.0

Posted by GitBox <gi...@apache.org>.
kobihikri commented on PR #12300:
URL: https://github.com/apache/kafka/pull/12300#issuecomment-1160544459

   Ok, I got you now. I will check and update.
   
   On Mon, Jun 20, 2022 at 5:44 PM Ismael Juma ***@***.***>
   wrote:
   
   > That doesn't answer the question since reload4j is fully compatible with
   > log4j. But it doesn't have the vulnerabilities.
   >
   > —
   > Reply to this email directly, view it on GitHub
   > <https://github.com/apache/kafka/pull/12300#issuecomment-1160537036>, or
   > unsubscribe
   > <https://github.com/notifications/unsubscribe-auth/ABB2WAPEOQAOGN4PGKMHVS3VQB7TTANCNFSM5Y7DYU7Q>
   > .
   > You are receiving this because you were mentioned.Message ID:
   > ***@***.***>
   >
   
   
   -- 
   May peace and love be your share.
   Kobi Hikri.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] kobihikri commented on pull request #12300: Update zookeeper version to 3.8.0

Posted by GitBox <gi...@apache.org>.
kobihikri commented on PR #12300:
URL: https://github.com/apache/kafka/pull/12300#issuecomment-1160527310

   You can even see in the failing tests of this PR, that there calls to log4j
   ...
   
   On Mon, Jun 20, 2022 at 5:35 PM Ismael Juma ***@***.***>
   wrote:
   
   > Can you clarify? The Kafka release should only include reload4j without
   > this PR. Are you seeing log4j in the release tarball?
   >
   > —
   > Reply to this email directly, view it on GitHub
   > <https://github.com/apache/kafka/pull/12300#issuecomment-1160524088>, or
   > unsubscribe
   > <https://github.com/notifications/unsubscribe-auth/ABB2WAIDHTODU472XIXF7Q3VQB6RXANCNFSM5Y7DYU7Q>
   > .
   > You are receiving this because you were mentioned.Message ID:
   > ***@***.***>
   >
   
   
   -- 
   May peace and love be your share.
   Kobi Hikri.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] ijuma commented on pull request #12300: Update zookeeper version to 3.8.0

Posted by GitBox <gi...@apache.org>.
ijuma commented on PR #12300:
URL: https://github.com/apache/kafka/pull/12300#issuecomment-1158278691

   Can you please specify which fixes you're looking for? We currently have no plans to upgrade ZK to 3.7.x or 3.8.x since we plan to remove it in Apache Kafka 4.0. If there are good reasons, we can reconsider.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] kobihikri commented on pull request #12300: Update zookeeper version to 3.8.0

Posted by GitBox <gi...@apache.org>.
kobihikri commented on PR #12300:
URL: https://github.com/apache/kafka/pull/12300#issuecomment-1160124213

   @Kvicii @ijuma 
   
   This PR is due to desirable changes made in zookeeper 3.8.0.
   
   In particular - the migration to logback, which together with the changes to kafka-clients 3.2.0 - rids us of the previous logging library completely (and the inherent security risk in it).
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] kobihikri commented on pull request #12300: Update zookeeper version to 3.8.0

Posted by GitBox <gi...@apache.org>.
kobihikri commented on PR #12300:
URL: https://github.com/apache/kafka/pull/12300#issuecomment-1162075846

   @ijuma
   
   I checked and indeed log4j doesn't exist in the distribution.
   
   It seems that there are improvement in the realm of library dependencies as well, which might be worth "taking" by updating to the latest version.
   
   Here is the relevant portion from the release notes:
   
   "
   7 March, 2022: release 3.8.0 available
   This is the first release for the 3.8 branch.
   It is a major release and it introduces a lot of new features, most notably:
   
   Migration of the logging framework from Apache Log4j1 to LogBack
   Read Key/Trust store password from file (and other security related improvements)
   Restored support for OSGI
   Reduced the performance impact of Prometheus metrics
   Official support for JDK17 (all tests are passing)
   Updates to all the third party dependencies to get rid of every known CVE.
   ZooKeeper clients from 3.5.x onwards are fully compatible with 3.8.x servers.
   The upgrade from 3.6.x and 3.7.x can be executed as usual, no particular additional upgrade procedure is needed.
   ZooKeeper 3.8.x clients are compatible with 3.5.x, 3.6.x and 3.7.x servers as long as you are not using new APIs not present these versions.
   "
   
   What do you think?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] Kvicii commented on pull request #12300: Update zookeeper version to 3.8.0

Posted by GitBox <gi...@apache.org>.
Kvicii commented on PR #12300:
URL: https://github.com/apache/kafka/pull/12300#issuecomment-1157836243

   @kobihikri could you explain this PR?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] ijuma commented on pull request #12300: Update zookeeper version to 3.8.0

Posted by GitBox <gi...@apache.org>.
ijuma commented on PR #12300:
URL: https://github.com/apache/kafka/pull/12300#issuecomment-1160537036

   That doesn't answer the question since reload4j is fully compatible with log4j. But it doesn't have the vulnerabilities.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] kobihikri closed pull request #12300: Update zookeeper version to 3.8.0

Posted by GitBox <gi...@apache.org>.
kobihikri closed pull request #12300: Update zookeeper version to 3.8.0
URL: https://github.com/apache/kafka/pull/12300


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] kobihikri commented on pull request #12300: Update zookeeper version to 3.8.0

Posted by GitBox <gi...@apache.org>.
kobihikri commented on PR #12300:
URL: https://github.com/apache/kafka/pull/12300#issuecomment-1162747785

   NP, I will close this PR.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] ijuma commented on pull request #12300: Update zookeeper version to 3.8.0

Posted by GitBox <gi...@apache.org>.
ijuma commented on PR #12300:
URL: https://github.com/apache/kafka/pull/12300#issuecomment-1162575065

   We have run into regressions when upgrading to new feature releases previously, so we'll probably wait for now. We'll re-evaluate in a few months.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org