You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@phoenix.apache.org by "ksobolew (via GitHub)" <gi...@apache.org> on 2023/05/31 08:29:57 UTC

[GitHub] [phoenix] ksobolew opened a new pull request, #1614: Update Jackson to 2.15.1

ksobolew opened a new pull request, #1614:
URL: https://github.com/apache/phoenix/pull/1614

   If that's too much of a jump, then we could bump instead to 2.12.7.1 :)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@phoenix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [phoenix] gjacoby126 commented on a diff in pull request #1614: Update Jackson to 2.15.1

Posted by "gjacoby126 (via GitHub)" <gi...@apache.org>.

gjacoby126 commented on code in PR #1614:
URL: https://github.com/apache/phoenix/pull/1614#discussion_r1214491484


##########
pom.xml:
##########
@@ -92,7 +92,7 @@
     <top.dir>${project.basedir}/..</top.dir>
 
     <!-- Dependency versions -->
-    <jackson-bom.version>2.12.6.20220326</jackson-bom.version>
+    <jackson-bom.version>2.15.1</jackson-bom.version>

Review Comment:
   @ksobolew - thanks for the contribution. We usually try to keep our dependencies in sync with HBase. Looks like they're currently on 2.14.1, so we should probably do the same, unless we find a particular incompatibility or CVE with that version. 
   
   See https://github.com/apache/hbase/blob/branch-2.5/pom.xml#L578



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@phoenix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [phoenix] gjacoby126 commented on pull request #1614: Update Jackson to 2.15.1

Posted by "gjacoby126 (via GitHub)" <gi...@apache.org>.

gjacoby126 commented on PR #1614:
URL: https://github.com/apache/phoenix/pull/1614#issuecomment-1579312268

   @ksobolew - change looks good. Could you please change the PR and the commit message to include the JIRA number? 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@phoenix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [phoenix] ksobolew commented on pull request #1614: PHOENIX-6981 Update Jackson to 2.14.1

Posted by "ksobolew (via GitHub)" <gi...@apache.org>.

ksobolew commented on PR #1614:
URL: https://github.com/apache/phoenix/pull/1614#issuecomment-1594655893

   @gjacoby126 Done!


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@phoenix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [phoenix] gjacoby126 commented on pull request #1614: Update Jackson to 2.15.1

Posted by "gjacoby126 (via GitHub)" <gi...@apache.org>.

gjacoby126 commented on PR #1614:
URL: https://github.com/apache/phoenix/pull/1614#issuecomment-1587945574

   @ksobolew - our issue tracking system is https://issues.apache.org/jira/ . Unfortunately, public signup for it was recently turned off because of bot problems, but if you request an account at https://selfserve.apache.org/jira-account.html  I or one of the other PMC members can approve you and make you a contributor to the project. (This step's a one-time thing.) 
   
   Then it's just a matter of filing a JIRA ticket and rebasing the PR so that the commit message includes the JIRA number. 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@phoenix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [phoenix] ksobolew commented on pull request #1614: PHOENIX-6981 Update Jackson to 2.14.1

Posted by "ksobolew (via GitHub)" <gi...@apache.org>.

ksobolew commented on PR #1614:
URL: https://github.com/apache/phoenix/pull/1614#issuecomment-1594658818

   (I requested a new account, but then realized that I already have one, so I used that one instead.)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@phoenix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [phoenix] gjacoby126 merged pull request #1614: PHOENIX-6981 Update Jackson to 2.14.1

Posted by "gjacoby126 (via GitHub)" <gi...@apache.org>.

gjacoby126 merged PR #1614:
URL: https://github.com/apache/phoenix/pull/1614


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@phoenix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [phoenix] ksobolew commented on pull request #1614: Update Jackson to 2.15.1

Posted by "ksobolew (via GitHub)" <gi...@apache.org>.

ksobolew commented on PR #1614:
URL: https://github.com/apache/phoenix/pull/1614#issuecomment-1587823614

   > @ksobolew - change looks good. Could you please change the PR and the commit message to include the JIRA number?
   
   @gjacoby126 I don't have a JIRA number. How do I get one?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@phoenix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [phoenix] ksobolew commented on a diff in pull request #1614: Update Jackson to 2.15.1

Posted by "ksobolew (via GitHub)" <gi...@apache.org>.

ksobolew commented on code in PR #1614:
URL: https://github.com/apache/phoenix/pull/1614#discussion_r1214499522


##########
pom.xml:
##########
@@ -92,7 +92,7 @@
     <top.dir>${project.basedir}/..</top.dir>
 
     <!-- Dependency versions -->
-    <jackson-bom.version>2.12.6.20220326</jackson-bom.version>
+    <jackson-bom.version>2.15.1</jackson-bom.version>

Review Comment:
   Sure, 2.14.1 is good too. Regarding CVEs, both 2.15.1 and 2.14.1 are clear of them, contrary to 2.12.6.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@phoenix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [phoenix] ksobolew commented on a diff in pull request #1614: Update Jackson to 2.15.1

Posted by "ksobolew (via GitHub)" <gi...@apache.org>.

ksobolew commented on code in PR #1614:
URL: https://github.com/apache/phoenix/pull/1614#discussion_r1214500697


##########
pom.xml:
##########
@@ -92,7 +92,7 @@
     <top.dir>${project.basedir}/..</top.dir>
 
     <!-- Dependency versions -->
-    <jackson-bom.version>2.12.6.20220326</jackson-bom.version>
+    <jackson-bom.version>2.15.1</jackson-bom.version>

Review Comment:
   Changed, thanks.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@phoenix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org