You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@flink.apache.org by ch...@apache.org on 2019/11/21 11:02:56 UTC
[flink] branch release-1.8 updated (15ca8f0 -> f5200c2)
This is an automated email from the ASF dual-hosted git repository.
chesnay pushed a change to branch release-1.8
in repository https://gitbox.apache.org/repos/asf/flink.git.
from 15ca8f0 [FLINK-13184][yarn] Use dynamic properties instead of uploading taskmanager-conf.yaml to hdfs. This will reduce the time cost of launching a TaskExecutor so that YarnResourceManager could start a large number of TaskExecutors timely.
new 6e099b5 [FLINK-14104][build] Bump shade-plugin version to 3.1.1
new 95aca66 [FLINK-14104][build] Add opt-in jackson 2.10.1 profile
new fef8a97 Add building instructions
new f5200c2 bump shade plugin version in dependencies/quickstarts
The 4 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
docs/dev/projectsetup/dependencies.md | 2 +-
docs/flinkDev/building.md | 10 ++++++
.../flink-elasticsearch6-test/pom.xml | 1 -
flink-metrics/flink-metrics-influxdb/pom.xml | 27 ++++++++++++++++
.../src/main/resources/archetype-resources/pom.xml | 4 +--
.../src/main/resources/archetype-resources/pom.xml | 2 +-
pom.xml | 37 +++++++++++++++-------
7 files changed, 67 insertions(+), 16 deletions(-)
[flink] 03/04: Add building instructions
Posted by ch...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
chesnay pushed a commit to branch release-1.8
in repository https://gitbox.apache.org/repos/asf/flink.git
commit fef8a9722586f5bbb3b1ca2aa44ffdb006659c51
Author: Chesnay Schepler <ch...@apache.org>
AuthorDate: Wed Nov 20 11:39:55 2019 +0100
Add building instructions
---
docs/flinkDev/building.md | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/docs/flinkDev/building.md b/docs/flinkDev/building.md
index 56cf928..069f93d 100644
--- a/docs/flinkDev/building.md
+++ b/docs/flinkDev/building.md
@@ -138,5 +138,15 @@ The workaround is to add:
in the compiler configuration of the `pom.xml` file of the module causing the error. For example, if the error appears in the `flink-yarn` module, the above code should be added under the `<configuration>` tag of `scala-maven-plugin`. See [this issue](https://issues.apache.org/jira/browse/FLINK-2003) for more information.
+## Jackson
+
+Multiple Flink components use [Jackson](https://github.com/FasterXML/jackson). Older versions of jackson (<`2.10.1`) are subject to a variety of security vulnerabilities.
+
+Flink 1.8.3+ offers an opt-in profile (`use-jackson-2.10.1`) for building Flink against Jackson `2.10.1`; including `jackson-annotations`, `jackson-core` and `jackson-databind`.
+
+Usage: `mvn package -Puse-jackson-2.10.1`
+
+When you build a maven application against this Flink version it is recommended to bump the `maven-shade-plugin` version to at least `3.1.1` to prevent packaging errors.
+
{% top %}
[flink] 01/04: [FLINK-14104][build] Bump shade-plugin version to
3.1.1
Posted by ch...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
chesnay pushed a commit to branch release-1.8
in repository https://gitbox.apache.org/repos/asf/flink.git
commit 6e099b52bbe8ec11e719d3eef57549d493b74837
Author: Chesnay Schepler <ch...@apache.org>
AuthorDate: Thu Nov 14 12:06:39 2019 +0100
[FLINK-14104][build] Bump shade-plugin version to 3.1.1
Earlier versions fail with jackson 2.10.1, likely due to java9+ features present in the jar.
---
flink-end-to-end-tests/flink-elasticsearch6-test/pom.xml | 1 -
pom.xml | 12 +-----------
2 files changed, 1 insertion(+), 12 deletions(-)
diff --git a/flink-end-to-end-tests/flink-elasticsearch6-test/pom.xml b/flink-end-to-end-tests/flink-elasticsearch6-test/pom.xml
index 831b5ef..a099905 100644
--- a/flink-end-to-end-tests/flink-elasticsearch6-test/pom.xml
+++ b/flink-end-to-end-tests/flink-elasticsearch6-test/pom.xml
@@ -53,7 +53,6 @@ under the License.
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-shade-plugin</artifactId>
- <version>3.0.0</version>
<executions>
<execution>
<phase>package</phase>
diff --git a/pom.xml b/pom.xml
index 7bebbc76..fe56a3a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -768,16 +768,6 @@ under the License.
</dependencyManagement>
<build>
- <pluginManagement>
- <plugins>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-shade-plugin</artifactId>
- <version>3.1.1</version>
- </plugin>
- </plugins>
- </pluginManagement>
-
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
@@ -1628,7 +1618,7 @@ under the License.
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-shade-plugin</artifactId>
- <version>3.0.0</version>
+ <version>3.1.1</version>
</plugin>
<plugin>
[flink] 02/04: [FLINK-14104][build] Add opt-in jackson 2.10.1
profile
Posted by ch...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
chesnay pushed a commit to branch release-1.8
in repository https://gitbox.apache.org/repos/asf/flink.git
commit 95aca66d28735a8f5fbbfc91552319f59e39e266
Author: Chesnay Schepler <ch...@apache.org>
AuthorDate: Wed Nov 13 11:40:04 2019 +0100
[FLINK-14104][build] Add opt-in jackson 2.10.1 profile
---
flink-metrics/flink-metrics-influxdb/pom.xml | 27 +++++++++++++++++++++++++++
pom.xml | 25 +++++++++++++++++++++++++
2 files changed, 52 insertions(+)
diff --git a/flink-metrics/flink-metrics-influxdb/pom.xml b/flink-metrics/flink-metrics-influxdb/pom.xml
index 51ed4a0..b7d05ff 100644
--- a/flink-metrics/flink-metrics-influxdb/pom.xml
+++ b/flink-metrics/flink-metrics-influxdb/pom.xml
@@ -120,6 +120,33 @@ under the License.
</dependencies>
</dependencyManagement>
+ <profiles>
+ <profile>
+ <id>use-jackson-2.10.1</id>
+ <dependencyManagement>
+ <dependencies>
+ <dependency>
+ <groupId>com.fasterxml.jackson.core</groupId>
+ <artifactId>jackson-annotations</artifactId>
+ <version>2.10.1</version>
+ </dependency>
+
+ <dependency>
+ <groupId>com.fasterxml.jackson.core</groupId>
+ <artifactId>jackson-databind</artifactId>
+ <version>2.10.1</version>
+ </dependency>
+
+ <dependency>
+ <groupId>com.fasterxml.jackson.core</groupId>
+ <artifactId>jackson-core</artifactId>
+ <version>2.10.1</version>
+ </dependency>
+ </dependencies>
+ </dependencyManagement>
+ </profile>
+ </profiles>
+
<build>
<plugins>
<plugin>
diff --git a/pom.xml b/pom.xml
index fe56a3a..f125628 100644
--- a/pom.xml
+++ b/pom.xml
@@ -786,6 +786,31 @@ under the License.
</profile>
<profile>
+ <id>use-jackson-2.10.1</id>
+ <dependencyManagement>
+ <dependencies>
+ <dependency>
+ <groupId>com.fasterxml.jackson.core</groupId>
+ <artifactId>jackson-annotations</artifactId>
+ <version>2.10.1</version>
+ </dependency>
+
+ <dependency>
+ <groupId>com.fasterxml.jackson.core</groupId>
+ <artifactId>jackson-databind</artifactId>
+ <version>2.10.1</version>
+ </dependency>
+
+ <dependency>
+ <groupId>com.fasterxml.jackson.core</groupId>
+ <artifactId>jackson-core</artifactId>
+ <version>2.10.1</version>
+ </dependency>
+ </dependencies>
+ </dependencyManagement>
+ </profile>
+
+ <profile>
<id>fast</id>
<activation>
<property>
[flink] 04/04: bump shade plugin version in dependencies/quickstarts
Posted by ch...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
chesnay pushed a commit to branch release-1.8
in repository https://gitbox.apache.org/repos/asf/flink.git
commit f5200c295d0a726d59a9245dbdd9307703d94722
Author: Chesnay Schepler <ch...@apache.org>
AuthorDate: Wed Nov 20 11:40:27 2019 +0100
bump shade plugin version in dependencies/quickstarts
---
docs/dev/projectsetup/dependencies.md | 2 +-
.../src/main/resources/archetype-resources/pom.xml | 4 ++--
.../src/main/resources/archetype-resources/pom.xml | 2 +-
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/docs/dev/projectsetup/dependencies.md b/docs/dev/projectsetup/dependencies.md
index 447a071..8e74568 100644
--- a/docs/dev/projectsetup/dependencies.md
+++ b/docs/dev/projectsetup/dependencies.md
@@ -200,7 +200,7 @@ you can use the following shade plugin definition:
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-shade-plugin</artifactId>
- <version>3.0.0</version>
+ <version>3.1.1</version>
<executions>
<execution>
<phase>package</phase>
diff --git a/flink-quickstart/flink-quickstart-java/src/main/resources/archetype-resources/pom.xml b/flink-quickstart/flink-quickstart-java/src/main/resources/archetype-resources/pom.xml
index 33399f8..1b0c6fc 100644
--- a/flink-quickstart/flink-quickstart-java/src/main/resources/archetype-resources/pom.xml
+++ b/flink-quickstart/flink-quickstart-java/src/main/resources/archetype-resources/pom.xml
@@ -113,7 +113,7 @@ under the License.
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-shade-plugin</artifactId>
- <version>3.0.0</version>
+ <version>3.1.1</version>
<executions>
<!-- Run shade goal on package phase -->
<execution>
@@ -168,7 +168,7 @@ under the License.
<pluginExecutionFilter>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-shade-plugin</artifactId>
- <versionRange>[3.0.0,)</versionRange>
+ <versionRange>[3.1.1,)</versionRange>
<goals>
<goal>shade</goal>
</goals>
diff --git a/flink-quickstart/flink-quickstart-scala/src/main/resources/archetype-resources/pom.xml b/flink-quickstart/flink-quickstart-scala/src/main/resources/archetype-resources/pom.xml
index e0f50f1..6fe41d4 100644
--- a/flink-quickstart/flink-quickstart-scala/src/main/resources/archetype-resources/pom.xml
+++ b/flink-quickstart/flink-quickstart-scala/src/main/resources/archetype-resources/pom.xml
@@ -108,7 +108,7 @@ under the License.
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-shade-plugin</artifactId>
- <version>3.0.0</version>
+ <version>3.1.1</version>
<executions>
<!-- Run shade goal on package phase -->
<execution>