You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@kylin.apache.org by xx...@apache.org on 2023/02/27 08:00:54 UTC
[kylin] 14/34: KYLIN-5448 fix snyk vulnerabilities, upgrade jettison from 1.1 to 1.5.2
This is an automated email from the ASF dual-hosted git repository.
xxyu pushed a commit to branch kylin5
in repository https://gitbox.apache.org/repos/asf/kylin.git
commit f25edf0fcaeba68aee5731d582509b57f0ad411d
Author: huangsheng <hu...@163.com>
AuthorDate: Thu Dec 29 10:54:30 2022 +0800
KYLIN-5448 fix snyk vulnerabilities, upgrade jettison from 1.1 to 1.5.2
---
pom.xml | 42 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 42 insertions(+)
diff --git a/pom.xml b/pom.xml
index 4a87ab0a1a..bb4fc4f907 100644
--- a/pom.xml
+++ b/pom.xml
@@ -843,6 +843,10 @@
<version>${hadoop.version}</version>
<scope>provided</scope>
<exclusions>
+ <exclusion>
+ <groupId>org.codehaus.jettison</groupId>
+ <artifactId>jettison</artifactId>
+ </exclusion>
<exclusion>
<groupId>javax.servlet</groupId>
<artifactId>servlet-api</artifactId>
@@ -946,6 +950,10 @@
<version>${hadoop.version}</version>
<scope>provided</scope>
<exclusions>
+ <exclusion>
+ <groupId>org.codehaus.jettison</groupId>
+ <artifactId>jettison</artifactId>
+ </exclusion>
<exclusion>
<groupId>log4j</groupId>
<artifactId>*</artifactId>
@@ -981,6 +989,10 @@
<version>${hadoop.version}</version>
<scope>provided</scope>
<exclusions>
+ <exclusion>
+ <groupId>org.codehaus.jettison</groupId>
+ <artifactId>jettison</artifactId>
+ </exclusion>
<exclusion>
<groupId>javax.servlet</groupId>
<artifactId>servlet-api</artifactId>
@@ -1003,6 +1015,10 @@
<groupId>org.apache.hadoop</groupId>
<artifactId>hadoop-mapreduce-client-jobclient</artifactId>
<exclusions>
+ <exclusion>
+ <groupId>org.codehaus.jettison</groupId>
+ <artifactId>jettison</artifactId>
+ </exclusion>
<exclusion>
<groupId>com.sun.jersey</groupId>
<artifactId>*</artifactId>
@@ -1211,6 +1227,10 @@
<groupId>org.apache.hive</groupId>
<artifactId>hive-jdbc</artifactId>
<exclusions>
+ <exclusion>
+ <groupId>org.codehaus.jettison</groupId>
+ <artifactId>jettison</artifactId>
+ </exclusion>
<exclusion>
<groupId>com.sun.jersey</groupId>
<artifactId>*</artifactId>
@@ -1284,6 +1304,10 @@
<artifactId>hive-hcatalog-core</artifactId>
<version>${hive-hcatalog.version}</version>
<exclusions>
+ <exclusion>
+ <groupId>org.codehaus.jettison</groupId>
+ <artifactId>jettison</artifactId>
+ </exclusion>
<exclusion>
<groupId>com.twitter</groupId>
<artifactId>parquet-hadoop-bundle</artifactId>
@@ -1589,6 +1613,10 @@
<artifactId>hive-common</artifactId>
<version>${hive.version}</version>
<exclusions>
+ <exclusion>
+ <groupId>org.codehaus.jettison</groupId>
+ <artifactId>jettison</artifactId>
+ </exclusion>
<exclusion>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-1.2-api</artifactId>
@@ -1680,6 +1708,10 @@
<artifactId>hive-metastore</artifactId>
<version>${hive.version}</version>
<exclusions>
+ <exclusion>
+ <groupId>org.codehaus.jettison</groupId>
+ <artifactId>jettison</artifactId>
+ </exclusion>
<exclusion>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-1.2-api</artifactId>
@@ -1745,6 +1777,10 @@
<groupId>org.apache.hadoop</groupId>
<artifactId>hadoop-yarn-server-resourcemanager</artifactId>
<exclusions>
+ <exclusion>
+ <groupId>org.codehaus.jettison</groupId>
+ <artifactId>jettison</artifactId>
+ </exclusion>
<exclusion>
<groupId>com.sun.jersey</groupId>
<artifactId>*</artifactId>
@@ -2239,6 +2275,12 @@
<artifactId>opencsv</artifactId>
<version>${opencsv.version}</version>
</dependency>
+ <dependency>
+ <groupId>org.codehaus.jettison</groupId>
+ <artifactId>jettison</artifactId>
+ <version>1.5.2</version>
+ </dependency>
+
<!-- Spring Cloud -->
<dependency>