You are viewing a plain text version of this content. The canonical link for it is here.

Posted to reviews@spark.apache.org by GitBox <gi...@apache.org> on 2022/10/14 21:48:40 UTC

[GitHub] [spark] bjornjorgensen opened a new pull request, #38262: [SPARK-40801] Upgrade Apache commons-text

bjornjorgensen opened a new pull request, #38262:
URL: https://github.com/apache/spark/pull/38262

   
   ### What changes were proposed in this pull request?
   Upgrade Apache from 1.9 to 1.10.0
   
   ### Why are the changes needed?
   [CVE-2022-42889](https://nvd.nist.gov/vuln/detail/CVE-2022-42889) 
   
   
   ### Does this PR introduce _any_ user-facing change?
   No.
   
   
   ### How was this patch tested?
   Pass github action 
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] AmplabJenkins commented on pull request #38262: [SPARK-40801][BUILD] Upgrade `Apache commons-text` to 1.10

Posted by GitBox <gi...@apache.org>.

AmplabJenkins commented on PR #38262:
URL: https://github.com/apache/spark/pull/38262#issuecomment-1279712324

   Can one of the admins verify this patch?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] wangyum closed pull request #38262: [SPARK-40801][BUILD] Upgrade `Apache commons-text` to 1.10

Posted by GitBox <gi...@apache.org>.

wangyum closed pull request #38262: [SPARK-40801][BUILD] Upgrade `Apache commons-text` to 1.10
URL: https://github.com/apache/spark/pull/38262


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] Stycos commented on pull request #38262: [SPARK-40801][BUILD] Upgrade `Apache commons-text` to 1.10

Posted by GitBox <gi...@apache.org>.

Stycos commented on PR #38262:
URL: https://github.com/apache/spark/pull/38262#issuecomment-1316090923

   When I execute `pip install pyspark` I still get commons-text-1.9.jar in the jars folder.  Shouldn't I get 1.10 now?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] Stycos commented on pull request #38262: [SPARK-40801][BUILD] Upgrade `Apache commons-text` to 1.10

Posted by GitBox <gi...@apache.org>.

Stycos commented on PR #38262:
URL: https://github.com/apache/spark/pull/38262#issuecomment-1316961140

   Thank you! 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] wangyum commented on pull request #38262: [SPARK-40801][BUILD] Upgrade `Apache commons-text` to 1.10

Posted by GitBox <gi...@apache.org>.

wangyum commented on PR #38262:
URL: https://github.com/apache/spark/pull/38262#issuecomment-1287810903

   @bjornjorgensen +1. Please backport this branch-3.2.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] dongjoon-hyun commented on pull request #38262: [SPARK-40801][BUILD] Upgrade `Apache commons-text` to 1.10

Posted by GitBox <gi...@apache.org>.

dongjoon-hyun commented on PR #38262:
URL: https://github.com/apache/spark/pull/38262#issuecomment-1319552102

   The feature release branches like branch-3.3 will, generally, be maintained with bug fix releases for a period of 18 months. We usually have 3 bug fix releases. Since 3.3.1 on released on Oct 25, 3.3.2 will be February or March 2023.
   
   Apache Spark 3.4.0 preparation is going to happen in the similar timeframe. So, v3.3.2 schedule might be adjusted accordingly.
   
   https://spark.apache.org/versioning-policy.html
   
   ![Screenshot 2022-11-17 at 9 03 13 PM](https://user-images.githubusercontent.com/9700541/202622566-33d8a868-3f98-46a3-9c70-f1b328ff29b8.png)
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] dongjoon-hyun commented on pull request #38262: [SPARK-40801][BUILD] Upgrade `Apache commons-text` to 1.10

Posted by GitBox <gi...@apache.org>.

dongjoon-hyun commented on PR #38262:
URL: https://github.com/apache/spark/pull/38262#issuecomment-1316472970

   @Stycos SPARK-40801 is arrived after 3.3.1 release.
   ![Screenshot 2022-11-15 at 11 01 06 PM](https://user-images.githubusercontent.com/9700541/202108275-cea1e11f-c998-42c8-b6af-c3fe2d375d1b.png)
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] bjornjorgensen commented on pull request #38262: [SPARK-40801][BUILD] Upgrade `Apache commons-text` to 1.10

Posted by GitBox <gi...@apache.org>.

bjornjorgensen commented on PR #38262:
URL: https://github.com/apache/spark/pull/38262#issuecomment-1319181705

   @vitas I think it is best to ask questions like that on the mailing list 
   https://spark.apache.org/community.html under Mailing lists


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] vitas commented on pull request #38262: [SPARK-40801][BUILD] Upgrade `Apache commons-text` to 1.10

Posted by GitBox <gi...@apache.org>.

vitas commented on PR #38262:
URL: https://github.com/apache/spark/pull/38262#issuecomment-1319168813

   when 3.3.2 comes out?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] wangyum commented on pull request #38262: [SPARK-40801][BUILD] Upgrade `Apache commons-text` to 1.10

Posted by GitBox <gi...@apache.org>.

wangyum commented on PR #38262:
URL: https://github.com/apache/spark/pull/38262#issuecomment-1279703445

   Merged to master and branch-3.3


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] bjornjorgensen commented on pull request #38262: [SPARK-40801][BUILD] Upgrade `Apache commons-text` to 1.10

Posted by "bjornjorgensen (via GitHub)" <gi...@apache.org>.

bjornjorgensen commented on PR #38262:
URL: https://github.com/apache/spark/pull/38262#issuecomment-1426873208

   @vitas We have a RC 1 at dev@spark.apache.org


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] bjornjorgensen commented on pull request #38262: [SPARK-40801][BUILD] Upgrade `Apache commons-text` to 1.10

Posted by GitBox <gi...@apache.org>.

bjornjorgensen commented on PR #38262:
URL: https://github.com/apache/spark/pull/38262#issuecomment-1287127138

   @dongjoon-hyun and @wangyum this is a [9.8 CRITICAL](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2022-42889&vector=AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H&version=3.1&source=NIST) so yours [are starting to ask if we can get this to other branches](https://issues.apache.org/jira/projects/SPARK/issues/SPARK-40861) 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org

[GitHub] [spark] dongjoon-hyun commented on pull request #38262: [SPARK-40801][BUILD] Upgrade `Apache commons-text` to 1.10

Posted by GitBox <gi...@apache.org>.

dongjoon-hyun commented on PR #38262:
URL: https://github.com/apache/spark/pull/38262#issuecomment-1319545728

   Apache Spark has a pre-defined release cadence, @vitas and @bjornjorgensen .
   - https://spark.apache.org/versioning-policy.html
   
   ![Screenshot 2022-11-17 at 8 56 29 PM](https://user-images.githubusercontent.com/9700541/202620165-e2645b89-dc9f-4529-86f0-eba6d74f42f8.png)
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: reviews-unsubscribe@spark.apache.org
For additional commands, e-mail: reviews-help@spark.apache.org