You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pinot.apache.org by GitBox <gi...@apache.org> on 2021/12/10 11:34:46 UTC
[GitHub] [pinot] richardstartin opened a new pull request #7889: update log4j 2 to avoid CVE-2021-44228
richardstartin opened a new pull request #7889:
URL: https://github.com/apache/pinot/pull/7889
[CVE-2021-44228](https://nvd.nist.gov/vuln/detail/CVE-2021-44228) was announced this morning affecting log4j 2 until 2.15.0. I verified that there are no transitive dependencies on older versions of log4j 2:
```
mvn dependency:tree | grep log4j
[INFO] +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:compile
[INFO] | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:compile
[INFO] | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:runtime
[INFO] +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:compile
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:compile
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:compile
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:runtime
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:compile
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:provided
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:provided
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:provided
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:provided
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:compile
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:compile
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:runtime
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:compile
[INFO] +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:compile
[INFO] | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:compile
[INFO] | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:runtime
[INFO] +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:compile
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:provided
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:provided
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:provided
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:provided
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:provided
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:provided
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:provided
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:provided
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:provided
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:provided
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:compile
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:compile
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:runtime
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:compile
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:compile
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:compile
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:runtime
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:compile
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:compile
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:compile
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:runtime
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:compile
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:compile
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:compile
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:runtime
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:compile
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:compile
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:compile
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:runtime
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:compile
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:compile
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:compile
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:runtime
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:compile
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:compile
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:compile
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:runtime
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:compile
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:provided
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:provided
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:provided
[INFO] +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:provided
[INFO] | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:provided
[INFO] +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:provided
[INFO] +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:provided
[INFO] | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:provided
[INFO] +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:provided
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:provided
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:provided
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:provided
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:provided
[INFO] | | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:compile
[INFO] | | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:compile
[INFO] | | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:runtime
[INFO] | | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:compile
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:provided
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:provided
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:provided
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:provided
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:provided
[INFO] | | \- log4j:log4j:jar:1.2.17:compile
[INFO] | +- org.slf4j:slf4j-log4j12:jar:1.7.10:compile
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:provided
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:provided
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:provided
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:provided
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:provided
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:provided
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:provided
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:provided
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:provided
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:provided
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:provided
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:provided
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:provided
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:provided
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:compile
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:compile
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:runtime
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:compile
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:provided
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:provided
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:provided
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:provided
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:provided
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:provided
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:provided
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:provided
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:provided
[INFO] | | \- log4j:log4j:jar:1.2.17:provided
[INFO] | +- org.slf4j:slf4j-log4j12:jar:1.7.10:provided
[INFO] | +- org.apache.logging.log4j:log4j-slf4j-impl:jar:2.15.0:provided
[INFO] | | +- org.apache.logging.log4j:log4j-api:jar:2.15.0:provided
[INFO] | | \- org.apache.logging.log4j:log4j-core:jar:2.15.0:provided
[INFO] | +- org.apache.logging.log4j:log4j-1.2-api:jar:2.15.0:provided
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org
For additional commands, e-mail: commits-help@pinot.apache.org
[GitHub] [pinot] codecov-commenter edited a comment on pull request #7889: update log4j 2 to avoid CVE-2021-44228
Posted by GitBox <gi...@apache.org>.
codecov-commenter edited a comment on pull request #7889:
URL: https://github.com/apache/pinot/pull/7889#issuecomment-990918459
# [Codecov](https://codecov.io/gh/apache/pinot/pull/7889?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report
> Merging [#7889](https://codecov.io/gh/apache/pinot/pull/7889?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (11490c6) into [master](https://codecov.io/gh/apache/pinot/commit/24504b32e640a517850e294903e898809c7805fa?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (24504b3) will **decrease** coverage by `6.30%`.
> The diff coverage is `n/a`.
[![Impacted file tree graph](https://codecov.io/gh/apache/pinot/pull/7889/graphs/tree.svg?width=650&height=150&src=pr&token=4ibza2ugkz&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation)](https://codecov.io/gh/apache/pinot/pull/7889?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation)
```diff
@@ Coverage Diff @@
## master #7889 +/- ##
============================================
- Coverage 71.40% 65.09% -6.31%
- Complexity 4081 4082 +1
============================================
Files 1583 1538 -45
Lines 81871 80000 -1871
Branches 12239 12036 -203
============================================
- Hits 58458 52076 -6382
- Misses 19454 24200 +4746
+ Partials 3959 3724 -235
```
| Flag | Coverage Δ | |
|---|---|---|
| integration1 | `?` | |
| integration2 | `?` | |
| unittests1 | `68.46% <ø> (+<0.01%)` | :arrow_up: |
| unittests2 | `14.44% <ø> (+0.01%)` | :arrow_up: |
Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#carryforward-flags-in-the-pull-request-comment) to find out more.
| [Impacted Files](https://codecov.io/gh/apache/pinot/pull/7889?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | Coverage Δ | |
|---|---|---|
| [...a/org/apache/pinot/common/metrics/MinionMeter.java](https://codecov.io/gh/apache/pinot/pull/7889/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGlub3QtY29tbW9uL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS9waW5vdC9jb21tb24vbWV0cmljcy9NaW5pb25NZXRlci5qYXZh) | `0.00% <0.00%> (-100.00%)` | :arrow_down: |
| [...g/apache/pinot/common/metrics/ControllerMeter.java](https://codecov.io/gh/apache/pinot/pull/7889/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGlub3QtY29tbW9uL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS9waW5vdC9jb21tb24vbWV0cmljcy9Db250cm9sbGVyTWV0ZXIuamF2YQ==) | `0.00% <0.00%> (-100.00%)` | :arrow_down: |
| [.../apache/pinot/common/metrics/BrokerQueryPhase.java](https://codecov.io/gh/apache/pinot/pull/7889/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGlub3QtY29tbW9uL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS9waW5vdC9jb21tb24vbWV0cmljcy9Ccm9rZXJRdWVyeVBoYXNlLmphdmE=) | `0.00% <0.00%> (-100.00%)` | :arrow_down: |
| [.../apache/pinot/common/metrics/MinionQueryPhase.java](https://codecov.io/gh/apache/pinot/pull/7889/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGlub3QtY29tbW9uL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS9waW5vdC9jb21tb24vbWV0cmljcy9NaW5pb25RdWVyeVBoYXNlLmphdmE=) | `0.00% <0.00%> (-100.00%)` | :arrow_down: |
| [...he/pinot/common/messages/SegmentReloadMessage.java](https://codecov.io/gh/apache/pinot/pull/7889/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGlub3QtY29tbW9uL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS9waW5vdC9jb21tb24vbWVzc2FnZXMvU2VnbWVudFJlbG9hZE1lc3NhZ2UuamF2YQ==) | `0.00% <0.00%> (-100.00%)` | :arrow_down: |
| [...pinot/core/data/manager/realtime/TimerService.java](https://codecov.io/gh/apache/pinot/pull/7889/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGlub3QtY29yZS9zcmMvbWFpbi9qYXZhL29yZy9hcGFjaGUvcGlub3QvY29yZS9kYXRhL21hbmFnZXIvcmVhbHRpbWUvVGltZXJTZXJ2aWNlLmphdmE=) | `0.00% <0.00%> (-100.00%)` | :arrow_down: |
| [...pinot/minion/exception/TaskCancelledException.java](https://codecov.io/gh/apache/pinot/pull/7889/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGlub3QtbWluaW9uL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS9waW5vdC9taW5pb24vZXhjZXB0aW9uL1Rhc2tDYW5jZWxsZWRFeGNlcHRpb24uamF2YQ==) | `0.00% <0.00%> (-100.00%)` | :arrow_down: |
| [...not/common/exception/HttpErrorStatusException.java](https://codecov.io/gh/apache/pinot/pull/7889/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGlub3QtY29tbW9uL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS9waW5vdC9jb21tb24vZXhjZXB0aW9uL0h0dHBFcnJvclN0YXR1c0V4Y2VwdGlvbi5qYXZh) | `0.00% <0.00%> (-100.00%)` | :arrow_down: |
| [...t/core/startree/plan/StarTreeDocIdSetPlanNode.java](https://codecov.io/gh/apache/pinot/pull/7889/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGlub3QtY29yZS9zcmMvbWFpbi9qYXZhL29yZy9hcGFjaGUvcGlub3QvY29yZS9zdGFydHJlZS9wbGFuL1N0YXJUcmVlRG9jSWRTZXRQbGFuTm9kZS5qYXZh) | `0.00% <0.00%> (-100.00%)` | :arrow_down: |
| [...ot/common/restlet/resources/TableMetadataInfo.java](https://codecov.io/gh/apache/pinot/pull/7889/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGlub3QtY29tbW9uL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS9waW5vdC9jb21tb24vcmVzdGxldC9yZXNvdXJjZXMvVGFibGVNZXRhZGF0YUluZm8uamF2YQ==) | `0.00% <0.00%> (-100.00%)` | :arrow_down: |
| ... and [355 more](https://codecov.io/gh/apache/pinot/pull/7889/diff?src=pr&el=tree-more&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | |
------
[Continue to review full report at Codecov](https://codecov.io/gh/apache/pinot/pull/7889?src=pr&el=continue&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
> **Legend** - [Click here to learn more](https://docs.codecov.io/docs/codecov-delta?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation)
> `Δ = absolute <relative> (impact)`, `ø = not affected`, `? = missing data`
> Powered by [Codecov](https://codecov.io/gh/apache/pinot/pull/7889?src=pr&el=footer&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Last update [24504b3...11490c6](https://codecov.io/gh/apache/pinot/pull/7889?src=pr&el=lastupdated&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Read the [comment docs](https://docs.codecov.io/docs/pull-request-comments?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org
For additional commands, e-mail: commits-help@pinot.apache.org
[GitHub] [pinot] codecov-commenter commented on pull request #7889: update log4j 2 to avoid CVE-2021-44228
Posted by GitBox <gi...@apache.org>.
codecov-commenter commented on pull request #7889:
URL: https://github.com/apache/pinot/pull/7889#issuecomment-990918459
# [Codecov](https://codecov.io/gh/apache/pinot/pull/7889?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report
> Merging [#7889](https://codecov.io/gh/apache/pinot/pull/7889?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (11490c6) into [master](https://codecov.io/gh/apache/pinot/commit/24504b32e640a517850e294903e898809c7805fa?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) (24504b3) will **decrease** coverage by `2.93%`.
> The diff coverage is `n/a`.
[![Impacted file tree graph](https://codecov.io/gh/apache/pinot/pull/7889/graphs/tree.svg?width=650&height=150&src=pr&token=4ibza2ugkz&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation)](https://codecov.io/gh/apache/pinot/pull/7889?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation)
```diff
@@ Coverage Diff @@
## master #7889 +/- ##
============================================
- Coverage 71.40% 68.46% -2.94%
+ Complexity 4081 4002 -79
============================================
Files 1583 1189 -394
Lines 81871 59175 -22696
Branches 12239 9151 -3088
============================================
- Hits 58458 40517 -17941
+ Misses 19454 15792 -3662
+ Partials 3959 2866 -1093
```
| Flag | Coverage Δ | |
|---|---|---|
| integration1 | `?` | |
| integration2 | `?` | |
| unittests1 | `68.46% <ø> (+<0.01%)` | :arrow_up: |
| unittests2 | `?` | |
Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#carryforward-flags-in-the-pull-request-comment) to find out more.
| [Impacted Files](https://codecov.io/gh/apache/pinot/pull/7889?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | Coverage Δ | |
|---|---|---|
| [...a/org/apache/pinot/common/metrics/MinionMeter.java](https://codecov.io/gh/apache/pinot/pull/7889/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGlub3QtY29tbW9uL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS9waW5vdC9jb21tb24vbWV0cmljcy9NaW5pb25NZXRlci5qYXZh) | `0.00% <0.00%> (-100.00%)` | :arrow_down: |
| [...g/apache/pinot/common/metrics/ControllerMeter.java](https://codecov.io/gh/apache/pinot/pull/7889/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGlub3QtY29tbW9uL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS9waW5vdC9jb21tb24vbWV0cmljcy9Db250cm9sbGVyTWV0ZXIuamF2YQ==) | `0.00% <0.00%> (-100.00%)` | :arrow_down: |
| [.../apache/pinot/common/metrics/BrokerQueryPhase.java](https://codecov.io/gh/apache/pinot/pull/7889/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGlub3QtY29tbW9uL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS9waW5vdC9jb21tb24vbWV0cmljcy9Ccm9rZXJRdWVyeVBoYXNlLmphdmE=) | `0.00% <0.00%> (-100.00%)` | :arrow_down: |
| [.../apache/pinot/common/metrics/MinionQueryPhase.java](https://codecov.io/gh/apache/pinot/pull/7889/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGlub3QtY29tbW9uL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS9waW5vdC9jb21tb24vbWV0cmljcy9NaW5pb25RdWVyeVBoYXNlLmphdmE=) | `0.00% <0.00%> (-100.00%)` | :arrow_down: |
| [...he/pinot/common/messages/SegmentReloadMessage.java](https://codecov.io/gh/apache/pinot/pull/7889/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGlub3QtY29tbW9uL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS9waW5vdC9jb21tb24vbWVzc2FnZXMvU2VnbWVudFJlbG9hZE1lc3NhZ2UuamF2YQ==) | `0.00% <0.00%> (-100.00%)` | :arrow_down: |
| [...pinot/core/data/manager/realtime/TimerService.java](https://codecov.io/gh/apache/pinot/pull/7889/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGlub3QtY29yZS9zcmMvbWFpbi9qYXZhL29yZy9hcGFjaGUvcGlub3QvY29yZS9kYXRhL21hbmFnZXIvcmVhbHRpbWUvVGltZXJTZXJ2aWNlLmphdmE=) | `0.00% <0.00%> (-100.00%)` | :arrow_down: |
| [...not/common/exception/HttpErrorStatusException.java](https://codecov.io/gh/apache/pinot/pull/7889/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGlub3QtY29tbW9uL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS9waW5vdC9jb21tb24vZXhjZXB0aW9uL0h0dHBFcnJvclN0YXR1c0V4Y2VwdGlvbi5qYXZh) | `0.00% <0.00%> (-100.00%)` | :arrow_down: |
| [...t/core/startree/plan/StarTreeDocIdSetPlanNode.java](https://codecov.io/gh/apache/pinot/pull/7889/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGlub3QtY29yZS9zcmMvbWFpbi9qYXZhL29yZy9hcGFjaGUvcGlub3QvY29yZS9zdGFydHJlZS9wbGFuL1N0YXJUcmVlRG9jSWRTZXRQbGFuTm9kZS5qYXZh) | `0.00% <0.00%> (-100.00%)` | :arrow_down: |
| [...ot/common/restlet/resources/TableMetadataInfo.java](https://codecov.io/gh/apache/pinot/pull/7889/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGlub3QtY29tbW9uL3NyYy9tYWluL2phdmEvb3JnL2FwYWNoZS9waW5vdC9jb21tb24vcmVzdGxldC9yZXNvdXJjZXMvVGFibGVNZXRhZGF0YUluZm8uamF2YQ==) | `0.00% <0.00%> (-100.00%)` | :arrow_down: |
| [.../core/startree/plan/StarTreeTransformPlanNode.java](https://codecov.io/gh/apache/pinot/pull/7889/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#diff-cGlub3QtY29yZS9zcmMvbWFpbi9qYXZhL29yZy9hcGFjaGUvcGlub3QvY29yZS9zdGFydHJlZS9wbGFuL1N0YXJUcmVlVHJhbnNmb3JtUGxhbk5vZGUuamF2YQ==) | `0.00% <0.00%> (-100.00%)` | :arrow_down: |
| ... and [598 more](https://codecov.io/gh/apache/pinot/pull/7889/diff?src=pr&el=tree-more&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) | |
------
[Continue to review full report at Codecov](https://codecov.io/gh/apache/pinot/pull/7889?src=pr&el=continue&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
> **Legend** - [Click here to learn more](https://docs.codecov.io/docs/codecov-delta?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation)
> `Δ = absolute <relative> (impact)`, `ø = not affected`, `? = missing data`
> Powered by [Codecov](https://codecov.io/gh/apache/pinot/pull/7889?src=pr&el=footer&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Last update [24504b3...11490c6](https://codecov.io/gh/apache/pinot/pull/7889?src=pr&el=lastupdated&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation). Read the [comment docs](https://docs.codecov.io/docs/pull-request-comments?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org
For additional commands, e-mail: commits-help@pinot.apache.org
[GitHub] [pinot] mayankshriv merged pull request #7889: update log4j 2 to avoid CVE-2021-44228
Posted by GitBox <gi...@apache.org>.
mayankshriv merged pull request #7889:
URL: https://github.com/apache/pinot/pull/7889
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@pinot.apache.org
For additional commands, e-mail: commits-help@pinot.apache.org