You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@bookkeeper.apache.org by yo...@apache.org on 2023/06/20 05:51:05 UTC
[bookkeeper] branch branch-4.16 updated (306eaef60d -> d3e4630757)
This is an automated email from the ASF dual-hosted git repository.
yong pushed a change to branch branch-4.16
in repository https://gitbox.apache.org/repos/asf/bookkeeper.git
from 306eaef60d Unify ByteBufAllocator for the DirectIO component (#3985)
new 2038cf4386 Upgrade snappy-java to address multiple CVEs (#3993)
new 9bfb4a921e Upgrade grpc and protobuf to address CVE-2023-32732 (#3992)
new d3e4630757 Make slogger use current class (#3994)
The 3 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../src/main/resources/LICENSE-all.bin.txt | 68 +++++++++++-----------
.../src/main/resources/LICENSE-bkctl.bin.txt | 68 +++++++++++-----------
.../src/main/resources/LICENSE-server.bin.txt | 68 +++++++++++-----------
.../src/main/resources/NOTICE-all.bin.txt | 18 +++---
.../src/main/resources/NOTICE-bkctl.bin.txt | 18 +++---
.../src/main/resources/NOTICE-server.bin.txt | 18 +++---
.../DirectCompactionEntryLog.java | 2 +-
.../directentrylogger/DirectEntryLogger.java | 3 +-
.../storage/directentrylogger/DirectWriter.java | 6 +-
.../{ => directentrylogger}/EntryLogIdsImpl.java | 6 +-
.../bookie/storage/ldb/DbLedgerStorage.java | 2 +-
.../bookie/storage/EntryLogTestUtils.java | 1 +
.../{ => directentrylogger}/TestEntryLogIds.java | 6 +-
.../TestTransactionalEntryLogCompactor.java | 1 -
metadata-drivers/etcd/pom.xml | 8 +++
pom.xml | 8 +--
stream/common/pom.xml | 8 +++
stream/tests-common/pom.xml | 8 +++
18 files changed, 171 insertions(+), 146 deletions(-)
rename bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/storage/{ => directentrylogger}/EntryLogIdsImpl.java (96%)
rename bookkeeper-server/src/test/java/org/apache/bookkeeper/bookie/storage/{ => directentrylogger}/TestEntryLogIds.java (98%)
[bookkeeper] 03/03: Make slogger use current class (#3994)
Posted by yo...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
yong pushed a commit to branch branch-4.16
in repository https://gitbox.apache.org/repos/asf/bookkeeper.git
commit d3e46307576b76d38ff87ed901f680204a979d6e
Author: Hang Chen <ch...@apache.org>
AuthorDate: Tue Jun 20 09:10:41 2023 +0800
Make slogger use current class (#3994)
### Motivation
We use Slogger to support DirectIO Entrylogger and create the slogger instance in DbLedgerStorage and passed down to DirectIOEntrylogger. However, in the subclasses, we generate a new Slogger instance without setting the context, which leads to the Slogger instance belonging to DbLedgerStorage or Slf4j. The broker logs are as follows.
```
2023-06-19T15:21:56,518+0800 [main] INFO org.apache.bookkeeper.bookie.storage.ldb.DbLedgerStorage - ENTRYLOG_IDS_CANDIDATES_SELECTED
2023-06-19T15:21:56,561+0800 [main] INFO org.apache.bookkeeper.slogger.slf4j.Slf4jSlogger {directory=data/bookkeeper/ledgers/current, event=ENTRYLOGGER_CREATED, maxCachedReaders=32, maxCachedReadersPerThread=4, maxFileSize=1073741824, maxSaneEntrySize=5252620, perThreadBufferSize=33554432, readBufferSize=8388608, singleWriteBufferSize=33554432, totalReadBufferSize=268435456, totalWriteBufferSize=268435456} - ENTRYLOGGER_CREATED
```
Without the specific slogger instance name, it will be hard to configure a specific class to enable KV logger configuration.
### Modification
Set the specific class context for each subclass slogger instance.
After this change, the broker logs are as follows.
```
2023-06-19T16:01:56,685+0800 [main] INFO org.apache.bookkeeper.bookie.storage.directentrylogger.EntryLogIdsImpl {dirs=[data/bookkeeper/ledgers/current], durationMs=0, event=ENTRYLOG_IDS_CANDIDATES_SELECTED, maxId=21474836
47, nextId=0} - ENTRYLOG_IDS_CANDIDATES_SELECTED
2023-06-19T16:01:56,721+0800 [main] INFO org.apache.bookkeeper.bookie.storage.directentrylogger.DirectEntryLogger {directory=data/bookkeeper/ledgers/current, event=ENTRYLOGGER_CREATED, maxCachedReaders=32, maxCachedReader
sPerThread=4, maxFileSize=1073741824, maxSaneEntrySize=5252620, perThreadBufferSize=33554432, readBufferSize=8388608, singleWriteBufferSize=33554432, totalReadBufferSize=268435456, totalWriteBufferSize=268435456} - ENTRYLO
GGER_CREATED
```
(cherry picked from commit 8085f66ecefbc6159ba3e8cc2fc04ac5dcd56d72)
---
.../bookie/storage/directentrylogger/DirectCompactionEntryLog.java | 2 +-
.../bookie/storage/directentrylogger/DirectEntryLogger.java | 3 +--
.../bookkeeper/bookie/storage/directentrylogger/DirectWriter.java | 6 ++++--
.../bookie/storage/{ => directentrylogger}/EntryLogIdsImpl.java | 6 +++---
.../org/apache/bookkeeper/bookie/storage/ldb/DbLedgerStorage.java | 2 +-
.../org/apache/bookkeeper/bookie/storage/EntryLogTestUtils.java | 1 +
.../bookie/storage/{ => directentrylogger}/TestEntryLogIds.java | 6 +++---
.../directentrylogger/TestTransactionalEntryLogCompactor.java | 1 -
8 files changed, 14 insertions(+), 13 deletions(-)
diff --git a/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/storage/directentrylogger/DirectCompactionEntryLog.java b/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/storage/directentrylogger/DirectCompactionEntryLog.java
index fadde648de..58ac98fec5 100644
--- a/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/storage/directentrylogger/DirectCompactionEntryLog.java
+++ b/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/storage/directentrylogger/DirectCompactionEntryLog.java
@@ -87,7 +87,7 @@ public abstract class DirectCompactionEntryLog implements CompactionEntryLog {
this.srcLogId = srcLogId;
this.dstLogId = dstLogId;
- this.slog = slog.kv("dstLogId", dstLogId).kv("srcLogId", srcLogId).ctx();
+ this.slog = slog.kv("dstLogId", dstLogId).kv("srcLogId", srcLogId).ctx(DirectCompactionEntryLog.class);
}
@Override
diff --git a/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/storage/directentrylogger/DirectEntryLogger.java b/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/storage/directentrylogger/DirectEntryLogger.java
index f5b74d1265..0d2d509598 100644
--- a/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/storage/directentrylogger/DirectEntryLogger.java
+++ b/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/storage/directentrylogger/DirectEntryLogger.java
@@ -53,7 +53,6 @@ import org.apache.bookkeeper.bookie.Bookie.NoEntryException;
import org.apache.bookkeeper.bookie.EntryLogMetadata;
import org.apache.bookkeeper.bookie.storage.CompactionEntryLog;
import org.apache.bookkeeper.bookie.storage.EntryLogIds;
-import org.apache.bookkeeper.bookie.storage.EntryLogIdsImpl;
import org.apache.bookkeeper.bookie.storage.EntryLogScanner;
import org.apache.bookkeeper.bookie.storage.EntryLogger;
import org.apache.bookkeeper.common.util.nativeio.NativeIO;
@@ -112,7 +111,7 @@ public class DirectEntryLogger implements EntryLogger {
this.maxSaneEntrySize = maxSaneEntrySize;
this.readBufferSize = Buffer.nextAlignment(readBufferSize);
this.ids = ids;
- this.slog = slogParent.kv("directory", ledgerDir).ctx();
+ this.slog = slogParent.kv("directory", ledgerDir).ctx(DirectEntryLogger.class);
this.stats = new DirectEntryLoggerStats(stats);
diff --git a/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/storage/directentrylogger/DirectWriter.java b/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/storage/directentrylogger/DirectWriter.java
index be411982d3..20a3d855b4 100644
--- a/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/storage/directentrylogger/DirectWriter.java
+++ b/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/storage/directentrylogger/DirectWriter.java
@@ -45,6 +45,7 @@ class DirectWriter implements LogWriter {
final ExecutorService writeExecutor;
final Object bufferLock = new Object();
final List<Future<?>> outstandingWrites = new ArrayList<Future<?>>();
+ final Slogger slog;
Buffer nativeBuffer;
long offset;
private static volatile boolean useFallocate = true;
@@ -60,6 +61,7 @@ class DirectWriter implements LogWriter {
this.filename = filename;
this.writeExecutor = writeExecutor;
this.nativeIO = nativeIO;
+ this.slog = slog.ctx(DirectWriter.class);
offset = 0;
@@ -76,7 +78,7 @@ class DirectWriter implements LogWriter {
if (useFallocate) {
if (!SystemUtils.IS_OS_LINUX) {
disableUseFallocate();
- slog.warn(Events.FALLOCATE_NOT_AVAILABLE);
+ this.slog.warn(Events.FALLOCATE_NOT_AVAILABLE);
} else {
try {
int ret = nativeIO.fallocate(fd, NativeIO.FALLOC_FL_ZERO_RANGE, 0, maxFileSize);
@@ -85,7 +87,7 @@ class DirectWriter implements LogWriter {
// fallocate(2) is not supported on all filesystems. Since this is an optimization, disable
// subsequent usage instead of failing the operation.
disableUseFallocate();
- slog.kv("message", ex.getMessage())
+ this.slog.kv("message", ex.getMessage())
.kv("file", filename)
.kv("errno", ex.getErrno())
.warn(Events.FALLOCATE_NOT_AVAILABLE);
diff --git a/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/storage/EntryLogIdsImpl.java b/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/storage/directentrylogger/EntryLogIdsImpl.java
similarity index 96%
rename from bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/storage/EntryLogIdsImpl.java
rename to bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/storage/directentrylogger/EntryLogIdsImpl.java
index 704d07ed6c..6b43fca47a 100644
--- a/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/storage/EntryLogIdsImpl.java
+++ b/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/storage/directentrylogger/EntryLogIdsImpl.java
@@ -18,7 +18,7 @@
* under the License.
*
*/
-package org.apache.bookkeeper.bookie.storage;
+package org.apache.bookkeeper.bookie.storage.directentrylogger;
import java.io.File;
import java.io.IOException;
@@ -29,7 +29,7 @@ import java.util.concurrent.TimeUnit;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.apache.bookkeeper.bookie.LedgerDirsManager;
-import org.apache.bookkeeper.bookie.storage.directentrylogger.Events;
+import org.apache.bookkeeper.bookie.storage.EntryLogIds;
import org.apache.bookkeeper.slogger.Slogger;
import org.apache.commons.lang3.tuple.Pair;
/**
@@ -48,7 +48,7 @@ public class EntryLogIdsImpl implements EntryLogIds {
public EntryLogIdsImpl(LedgerDirsManager ledgerDirsManager,
Slogger slog) throws IOException {
this.ledgerDirsManager = ledgerDirsManager;
- this.slog = slog;
+ this.slog = slog.ctx(EntryLogIdsImpl.class);
findLargestGap();
}
diff --git a/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/storage/ldb/DbLedgerStorage.java b/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/storage/ldb/DbLedgerStorage.java
index ce9e8370ea..5b28332591 100644
--- a/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/storage/ldb/DbLedgerStorage.java
+++ b/bookkeeper-server/src/main/java/org/apache/bookkeeper/bookie/storage/ldb/DbLedgerStorage.java
@@ -54,9 +54,9 @@ import org.apache.bookkeeper.bookie.LedgerCache;
import org.apache.bookkeeper.bookie.LedgerDirsManager;
import org.apache.bookkeeper.bookie.LedgerStorage;
import org.apache.bookkeeper.bookie.StateManager;
-import org.apache.bookkeeper.bookie.storage.EntryLogIdsImpl;
import org.apache.bookkeeper.bookie.storage.EntryLogger;
import org.apache.bookkeeper.bookie.storage.directentrylogger.DirectEntryLogger;
+import org.apache.bookkeeper.bookie.storage.directentrylogger.EntryLogIdsImpl;
import org.apache.bookkeeper.bookie.storage.ldb.KeyValueStorageFactory.DbConfigType;
import org.apache.bookkeeper.bookie.storage.ldb.SingleDirectoryDbLedgerStorage.LedgerLoggerProcessor;
import org.apache.bookkeeper.common.util.MathUtils;
diff --git a/bookkeeper-server/src/test/java/org/apache/bookkeeper/bookie/storage/EntryLogTestUtils.java b/bookkeeper-server/src/test/java/org/apache/bookkeeper/bookie/storage/EntryLogTestUtils.java
index 8fa4bb9f84..f88e3883af 100644
--- a/bookkeeper-server/src/test/java/org/apache/bookkeeper/bookie/storage/EntryLogTestUtils.java
+++ b/bookkeeper-server/src/test/java/org/apache/bookkeeper/bookie/storage/EntryLogTestUtils.java
@@ -32,6 +32,7 @@ import java.util.Arrays;
import org.apache.bookkeeper.bookie.DefaultEntryLogger;
import org.apache.bookkeeper.bookie.LedgerDirsManager;
import org.apache.bookkeeper.bookie.storage.directentrylogger.DirectEntryLogger;
+import org.apache.bookkeeper.bookie.storage.directentrylogger.EntryLogIdsImpl;
import org.apache.bookkeeper.common.util.nativeio.NativeIOImpl;
import org.apache.bookkeeper.conf.ServerConfiguration;
import org.apache.bookkeeper.slogger.Slogger;
diff --git a/bookkeeper-server/src/test/java/org/apache/bookkeeper/bookie/storage/TestEntryLogIds.java b/bookkeeper-server/src/test/java/org/apache/bookkeeper/bookie/storage/directentrylogger/TestEntryLogIds.java
similarity index 98%
rename from bookkeeper-server/src/test/java/org/apache/bookkeeper/bookie/storage/TestEntryLogIds.java
rename to bookkeeper-server/src/test/java/org/apache/bookkeeper/bookie/storage/directentrylogger/TestEntryLogIds.java
index 8b0d7f68bd..787a0514be 100644
--- a/bookkeeper-server/src/test/java/org/apache/bookkeeper/bookie/storage/TestEntryLogIds.java
+++ b/bookkeeper-server/src/test/java/org/apache/bookkeeper/bookie/storage/directentrylogger/TestEntryLogIds.java
@@ -18,7 +18,7 @@
* under the License.
*
*/
-package org.apache.bookkeeper.bookie.storage;
+package org.apache.bookkeeper.bookie.storage.directentrylogger;
import static org.apache.bookkeeper.bookie.storage.EntryLogTestUtils.logIdFromLocation;
import static org.apache.bookkeeper.bookie.storage.EntryLogTestUtils.makeEntry;
@@ -33,8 +33,8 @@ import com.google.common.collect.Lists;
import io.netty.buffer.ByteBuf;
import java.io.File;
import org.apache.bookkeeper.bookie.LedgerDirsManager;
-import org.apache.bookkeeper.bookie.storage.directentrylogger.DirectCompactionEntryLog;
-import org.apache.bookkeeper.bookie.storage.directentrylogger.DirectEntryLogger;
+import org.apache.bookkeeper.bookie.storage.EntryLogIds;
+import org.apache.bookkeeper.bookie.storage.EntryLogger;
import org.apache.bookkeeper.slogger.Slogger;
import org.apache.bookkeeper.test.TmpDirs;
import org.apache.commons.lang3.tuple.Pair;
diff --git a/bookkeeper-server/src/test/java/org/apache/bookkeeper/bookie/storage/directentrylogger/TestTransactionalEntryLogCompactor.java b/bookkeeper-server/src/test/java/org/apache/bookkeeper/bookie/storage/directentrylogger/TestTransactionalEntryLogCompactor.java
index db79988af3..86d760d459 100644
--- a/bookkeeper-server/src/test/java/org/apache/bookkeeper/bookie/storage/directentrylogger/TestTransactionalEntryLogCompactor.java
+++ b/bookkeeper-server/src/test/java/org/apache/bookkeeper/bookie/storage/directentrylogger/TestTransactionalEntryLogCompactor.java
@@ -49,7 +49,6 @@ import org.apache.bookkeeper.bookie.EntryLogMetadata;
import org.apache.bookkeeper.bookie.MockLedgerStorage;
import org.apache.bookkeeper.bookie.TransactionalEntryLogCompactor;
import org.apache.bookkeeper.bookie.storage.CompactionEntryLog;
-import org.apache.bookkeeper.bookie.storage.EntryLogIdsImpl;
import org.apache.bookkeeper.bookie.storage.EntryLogScanner;
import org.apache.bookkeeper.bookie.storage.EntryLogger;
import org.apache.bookkeeper.common.util.nativeio.NativeIOImpl;
[bookkeeper] 02/03: Upgrade grpc and protobuf to address CVE-2023-32732 (#3992)
Posted by yo...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
yong pushed a commit to branch branch-4.16
in repository https://gitbox.apache.org/repos/asf/bookkeeper.git
commit 9bfb4a921e8fd13f02af926dd7e23e8455839a7a
Author: Lari Hotari <lh...@users.noreply.github.com>
AuthorDate: Tue Jun 20 06:33:49 2023 +0300
Upgrade grpc and protobuf to address CVE-2023-32732 (#3992)
### Motivation
OWASP dependency check fails because of CVE-2023-32732 in grpc.
### Changes
* Upgrade grpc to 1.56.0
* Upgrade protobuf to 3.22.3 to match the version used in grpc 1.56.0
* Upgrade other grpc/protobuf related libs
(cherry picked from commit e188ed82d39705132a2b4848a240dc60c50cd72b)
---
.../src/main/resources/LICENSE-all.bin.txt | 64 +++++++++++-----------
.../src/main/resources/LICENSE-bkctl.bin.txt | 64 +++++++++++-----------
.../src/main/resources/LICENSE-server.bin.txt | 64 +++++++++++-----------
.../src/main/resources/NOTICE-all.bin.txt | 18 +++---
.../src/main/resources/NOTICE-bkctl.bin.txt | 18 +++---
.../src/main/resources/NOTICE-server.bin.txt | 18 +++---
metadata-drivers/etcd/pom.xml | 8 +++
pom.xml | 6 +-
stream/common/pom.xml | 8 +++
stream/tests-common/pom.xml | 8 +++
10 files changed, 150 insertions(+), 126 deletions(-)
diff --git a/bookkeeper-dist/src/main/resources/LICENSE-all.bin.txt b/bookkeeper-dist/src/main/resources/LICENSE-all.bin.txt
index 3b5f140ed3..ba837481ab 100644
--- a/bookkeeper-dist/src/main/resources/LICENSE-all.bin.txt
+++ b/bookkeeper-dist/src/main/resources/LICENSE-all.bin.txt
@@ -275,26 +275,26 @@ Apache Software License, Version 2.
- lib/com.yahoo.datasketches-memory-0.8.3.jar [25]
- lib/com.yahoo.datasketches-sketches-core-0.8.3.jar [25]
- lib/net.jpountz.lz4-lz4-1.3.0.jar [26]
-- lib/com.google.api.grpc-proto-google-common-protos-2.0.1.jar [28]
-- lib/com.google.code.gson-gson-2.9.0.jar [29]
+- lib/com.google.api.grpc-proto-google-common-protos-2.17.0.jar [28]
+- lib/com.google.code.gson-gson-2.10.1.jar [29]
- lib/io.opencensus-opencensus-api-0.28.0.jar [30]
- lib/io.opencensus-opencensus-contrib-http-util-0.28.0.jar [30]
- lib/io.opencensus-opencensus-proto-0.2.0.jar [30]
-- lib/io.grpc-grpc-all-1.47.0.jar [33]
-- lib/io.grpc-grpc-alts-1.47.0.jar [33]
-- lib/io.grpc-grpc-api-1.47.0.jar [33]
-- lib/io.grpc-grpc-auth-1.47.0.jar [33]
-- lib/io.grpc-grpc-context-1.47.0.jar [33]
-- lib/io.grpc-grpc-core-1.47.0.jar [33]
-- lib/io.grpc-grpc-grpclb-1.47.0.jar [33]
-- lib/io.grpc-grpc-netty-1.47.0.jar [33]
-- lib/io.grpc-grpc-protobuf-1.47.0.jar [33]
-- lib/io.grpc-grpc-protobuf-lite-1.47.0.jar [33]
-- lib/io.grpc-grpc-services-1.47.0.jar [33]
-- lib/io.grpc-grpc-stub-1.47.0.jar [33]
-- lib/io.grpc-grpc-testing-1.47.0.jar [33]
-- lib/io.grpc-grpc-xds-1.47.0.jar [33]
-- lib/io.grpc-grpc-rls-1.47.0.jar[33]
+- lib/io.grpc-grpc-all-1.56.0.jar [33]
+- lib/io.grpc-grpc-alts-1.56.0.jar [33]
+- lib/io.grpc-grpc-api-1.56.0.jar [33]
+- lib/io.grpc-grpc-auth-1.56.0.jar [33]
+- lib/io.grpc-grpc-context-1.56.0.jar [33]
+- lib/io.grpc-grpc-core-1.56.0.jar [33]
+- lib/io.grpc-grpc-grpclb-1.56.0.jar [33]
+- lib/io.grpc-grpc-netty-1.56.0.jar [33]
+- lib/io.grpc-grpc-protobuf-1.56.0.jar [33]
+- lib/io.grpc-grpc-protobuf-lite-1.56.0.jar [33]
+- lib/io.grpc-grpc-services-1.56.0.jar [33]
+- lib/io.grpc-grpc-stub-1.56.0.jar [33]
+- lib/io.grpc-grpc-testing-1.56.0.jar [33]
+- lib/io.grpc-grpc-xds-1.56.0.jar [33]
+- lib/io.grpc-grpc-rls-1.56.0.jar[33]
- lib/org.apache.curator-curator-client-5.1.0.jar [34]
- lib/org.apache.curator-curator-framework-5.1.0.jar [34]
- lib/org.apache.curator-curator-recipes-5.1.0.jar [34]
@@ -308,15 +308,15 @@ Apache Software License, Version 2.
- lib/com.google.android-annotations-4.1.1.4.jar [42]
- lib/com.google.http-client-google-http-client-1.41.0.jar [43]
- lib/com.google.http-client-google-http-client-gson-1.41.0.jar [43]
-- lib/com.google.auto.value-auto-value-annotations-1.9.jar [44]
+- lib/com.google.auto.value-auto-value-annotations-1.10.1.jar [44]
- lib/com.google.j2objc-j2objc-annotations-1.3.jar [45]
-- lib/com.google.re2j-re2j-1.5.jar [46]
+- lib/com.google.re2j-re2j-1.7.jar [46]
- lib/io.dropwizard.metrics-metrics-core-4.1.12.1.jar [47]
- lib/io.dropwizard.metrics-metrics-graphite-4.1.12.1.jar [47]
- lib/io.dropwizard.metrics-metrics-jmx-4.1.12.1.jar [47]
- lib/io.dropwizard.metrics-metrics-jvm-4.1.12.1.jar [47]
-- lib/io.perfmark-perfmark-api-0.25.0.jar [48]
-- lib/org.conscrypt-conscrypt-openjdk-uber-2.5.1.jar [49]
+- lib/io.perfmark-perfmark-api-0.26.0.jar [48]
+- lib/org.conscrypt-conscrypt-openjdk-uber-2.5.2.jar [49]
- lib/org.xerial.snappy-snappy-java-1.1.10.1.jar [50]
- lib/io.reactivex.rxjava3-rxjava-3.0.1.jar [51]
- lib/org.hdrhistogram-HdrHistogram-2.1.10.jar [52]
@@ -347,10 +347,10 @@ Apache Software License, Version 2.
[24] Source available at https://github.com/cbeust/jcommander/tree/1.82
[25] Source available at https://github.com/DataSketches/sketches-core/tree/sketches-0.8.3
[26] Source available at https://github.com/lz4/lz4-java/tree/1.3.0
-[28] Source available at https://github.com/googleapis/java-common-protos/tree/v2.0.1
-[29] Source available at https://github.com/google/gson/tree/gson-parent-2.9.0
+[28] Source available at https://github.com/googleapis/java-common-protos/tree/v2.17.0
+[29] Source available at https://github.com/google/gson/tree/gson-parent-2.10.1
[30] Source available at https://github.com/census-instrumentation/opencensus-java/tree/v0.28.0
-[33] Source available at https://github.com/grpc/grpc-java/tree/v1.47.0
+[33] Source available at https://github.com/grpc/grpc-java/tree/v1.56.0
[34] Source available at https://github.com/apache/curator/releases/tag/apache.curator-5.1.0
[35] Source available at https://github.com/inferred/FreeBuilder/tree/v2.7.0
[36] Source available at https://github.com/google/error-prone/tree/v2.9.0
@@ -361,12 +361,12 @@ Apache Software License, Version 2.
[41] Source available at https://github.com/apache/thrift/tree/0.14.2
[42] Source available at https://source.android.com/
[43] Source available at https://github.com/googleapis/google-http-java-client/releases/tag/v1.41.0
-[44] Source available at https://github.com/google/auto/releases/tag/auto-value-1.9
+[44] Source available at https://github.com/google/auto/releases/tag/auto-value-1.10.1
[45] Source available at https://github.com/google/j2objc/releases/tag/1.3
-[46] Source available at https://github.com/google/re2j/releases/tag/re2j-1.5
+[46] Source available at https://github.com/google/re2j/releases/tag/re2j-1.7
[47] Source available at https://github.com/dropwizard/metrics/releases/tag/v4.1.12.1
-[48] Source available at https://github.com/perfmark/perfmark/releases/tag/v0.25.0
-[49] Source available at https://github.com/google/conscrypt/releases/tag/2.5.1
+[48] Source available at https://github.com/perfmark/perfmark/releases/tag/v0.26.0
+[49] Source available at https://github.com/google/conscrypt/releases/tag/2.5.2
[50] Source available at https://github.com/xerial/snappy-java/releases/tag/v1.1.10.1
[51] Source available at https://github.com/ReactiveX/RxJava/tree/v3.0.1
[52] Source available at https://github.com/HdrHistogram/HdrHistogram/tree/HdrHistogram-2.1.10
@@ -641,13 +641,13 @@ This product bundles Google Protocol Buffers, which is available under a "3-clau
license.
Bundled as
- - lib/com.google.protobuf-protobuf-java-3.19.6.jar
-Source available at https://github.com/google/protobuf/tree/v3.19.6
+ - lib/com.google.protobuf-protobuf-java-3.22.3.jar
+Source available at https://github.com/google/protobuf/tree/v3.22.3
For details, see deps/protobuf-3.14.0/LICENSE.
Bundled as
- - lib/com.google.protobuf-protobuf-java-util-3.19.6.jar
-Source available at https://github.com/protocolbuffers/protobuf/tree/v3.19.6
+ - lib/com.google.protobuf-protobuf-java-util-3.22.3.jar
+Source available at https://github.com/protocolbuffers/protobuf/tree/v3.22.3
For details, see deps/protobuf-3.12.0/LICENSE.
------------------------------------------------------------------------------------
This product bundles the JCP Standard Java Servlet API, which is available under a
diff --git a/bookkeeper-dist/src/main/resources/LICENSE-bkctl.bin.txt b/bookkeeper-dist/src/main/resources/LICENSE-bkctl.bin.txt
index b31351645f..67897da947 100644
--- a/bookkeeper-dist/src/main/resources/LICENSE-bkctl.bin.txt
+++ b/bookkeeper-dist/src/main/resources/LICENSE-bkctl.bin.txt
@@ -250,26 +250,26 @@ Apache Software License, Version 2.
- lib/org.apache.zookeeper-zookeeper-3.8.1-tests.jar [20]
- lib/com.beust-jcommander-1.82.jar [23]
- lib/net.jpountz.lz4-lz4-1.3.0.jar [25]
-- lib/com.google.api.grpc-proto-google-common-protos-2.0.1.jar [27]
-- lib/com.google.code.gson-gson-2.9.0.jar [28]
+- lib/com.google.api.grpc-proto-google-common-protos-2.17.0.jar [27]
+- lib/com.google.code.gson-gson-2.10.1.jar [28]
- lib/io.opencensus-opencensus-api-0.28.0.jar [29]
- lib/io.opencensus-opencensus-contrib-http-util-0.28.0.jar [29]
- lib/io.opencensus-opencensus-proto-0.2.0.jar [29]
-- lib/io.grpc-grpc-all-1.47.0.jar [32]
-- lib/io.grpc-grpc-alts-1.47.0.jar [32]
-- lib/io.grpc-grpc-api-1.47.0.jar [32]
-- lib/io.grpc-grpc-auth-1.47.0.jar [32]
-- lib/io.grpc-grpc-context-1.47.0.jar [32]
-- lib/io.grpc-grpc-core-1.47.0.jar [32]
-- lib/io.grpc-grpc-grpclb-1.47.0.jar [32]
-- lib/io.grpc-grpc-netty-1.47.0.jar [32]
-- lib/io.grpc-grpc-protobuf-1.47.0.jar [32]
-- lib/io.grpc-grpc-protobuf-lite-1.47.0.jar [32]
-- lib/io.grpc-grpc-services-1.47.0.jar [32]
-- lib/io.grpc-grpc-stub-1.47.0.jar [32]
-- lib/io.grpc-grpc-testing-1.47.0.jar [32]
-- lib/io.grpc-grpc-xds-1.47.0.jar [32]
-- lib/io.grpc-grpc-rls-1.47.0.jar[32]
+- lib/io.grpc-grpc-all-1.56.0.jar [32]
+- lib/io.grpc-grpc-alts-1.56.0.jar [32]
+- lib/io.grpc-grpc-api-1.56.0.jar [32]
+- lib/io.grpc-grpc-auth-1.56.0.jar [32]
+- lib/io.grpc-grpc-context-1.56.0.jar [32]
+- lib/io.grpc-grpc-core-1.56.0.jar [32]
+- lib/io.grpc-grpc-grpclb-1.56.0.jar [32]
+- lib/io.grpc-grpc-netty-1.56.0.jar [32]
+- lib/io.grpc-grpc-protobuf-1.56.0.jar [32]
+- lib/io.grpc-grpc-protobuf-lite-1.56.0.jar [32]
+- lib/io.grpc-grpc-services-1.56.0.jar [32]
+- lib/io.grpc-grpc-stub-1.56.0.jar [32]
+- lib/io.grpc-grpc-testing-1.56.0.jar [32]
+- lib/io.grpc-grpc-xds-1.56.0.jar [32]
+- lib/io.grpc-grpc-rls-1.56.0.jar[32]
- lib/org.apache.curator-curator-client-5.1.0.jar [33]
- lib/org.apache.curator-curator-framework-5.1.0.jar [33]
- lib/org.apache.curator-curator-recipes-5.1.0.jar [33]
@@ -281,14 +281,14 @@ Apache Software License, Version 2.
- lib/org.apache.httpcomponents-httpcore-4.4.15.jar [39]
- lib/org.apache.thrift-libthrift-0.14.2.jar [40]
- lib/com.google.android-annotations-4.1.1.4.jar [41]
-- lib/com.google.auto.value-auto-value-annotations-1.9.jar [42]
+- lib/com.google.auto.value-auto-value-annotations-1.10.1.jar [42]
- lib/com.google.http-client-google-http-client-1.41.0.jar [43]
- lib/com.google.http-client-google-http-client-gson-1.41.0.jar [43]
- lib/com.google.j2objc-j2objc-annotations-1.3.jar [44]
-- lib/com.google.re2j-re2j-1.5.jar [45]
+- lib/com.google.re2j-re2j-1.7.jar [45]
- lib/io.dropwizard.metrics-metrics-core-4.1.12.1.jar [46]
-- lib/io.perfmark-perfmark-api-0.25.0.jar [47]
-- lib/org.conscrypt-conscrypt-openjdk-uber-2.5.1.jar [49]
+- lib/io.perfmark-perfmark-api-0.26.0.jar [47]
+- lib/org.conscrypt-conscrypt-openjdk-uber-2.5.2.jar [49]
- lib/org.xerial.snappy-snappy-java-1.1.10.1.jar [50]
- lib/io.reactivex.rxjava3-rxjava-3.0.1.jar [51]
- lib/com.carrotsearch-hppc-0.9.1.jar [52]
@@ -310,10 +310,10 @@ Apache Software License, Version 2.
[20] Source available at https://github.com/apache/zookeeper/tree/release-3.8.0
[23] Source available at https://github.com/cbeust/jcommander/tree/1.82
[25] Source available at https://github.com/lz4/lz4-java/tree/1.3.0
-[27] Source available at https://github.com/googleapis/java-common-protos/tree/v2.0.1
-[28] Source available at https://github.com/google/gson/tree/gson-parent-2.9.0
+[27] Source available at https://github.com/googleapis/java-common-protos/tree/v2.17.0
+[28] Source available at https://github.com/google/gson/tree/gson-parent-2.10.1
[29] Source available at https://github.com/census-instrumentation/opencensus-java/tree/v0.28.0
-[32] Source available at https://github.com/grpc/grpc-java/tree/v1.47.0
+[32] Source available at https://github.com/grpc/grpc-java/tree/v1.56.0
[33] Source available at https://github.com/apache/curator/tree/apache-curator-5.1.0
[34] Source available at https://github.com/inferred/FreeBuilder/tree/v2.7.0
[35] Source available at https://github.com/google/error-prone/tree/v2.9.0
@@ -323,13 +323,13 @@ Apache Software License, Version 2.
[39] Source available at https://github.com/apache/httpcomponents-core/tree/rel/v4.4.15
[40] Source available at https://github.com/apache/thrift/tree/0.14.2
[41] Source available at https://source.android.com/
-[42] Source available at https://github.com/google/auto/releases/tag/auto-value-1.9
+[42] Source available at https://github.com/google/auto/releases/tag/auto-value-1.10.1
[43] Source available at https://github.com/googleapis/google-http-java-client/releases/tag/v1.41.0
[44] Source available at https://github.com/google/j2objc/releases/tag/1.3
-[45] Source available at https://github.com/google/re2j/releases/tag/re2j-1.5
+[45] Source available at https://github.com/google/re2j/releases/tag/re2j-1.7
[46] Source available at https://github.com/dropwizard/metrics/releases/tag/v4.1.12.1
-[47] Source available at https://github.com/perfmark/perfmark/releases/tag/v0.25.0
-[49] Source available at https://github.com/google/conscrypt/releases/tag/2.5.1
+[47] Source available at https://github.com/perfmark/perfmark/releases/tag/v0.26.0
+[49] Source available at https://github.com/google/conscrypt/releases/tag/2.5.2
[50] Source available at https://github.com/xerial/snappy-java/releases/tag/v1.1.10.1
[51] Source available at https://github.com/ReactiveX/RxJava/tree/v3.0.1
[52] Source available at https://github.com/carrotsearch/hppc/tree/0.9.1
@@ -566,13 +566,13 @@ This product bundles Google Protocol Buffers, which is available under a "3-clau
license.
Bundled as
- - lib/com.google.protobuf-protobuf-java-3.19.6.jar
-Source available at https://github.com/google/protobuf/tree/v3.19.6
+ - lib/com.google.protobuf-protobuf-java-3.22.3.jar
+Source available at https://github.com/google/protobuf/tree/v3.22.3
For details, see deps/protobuf-3.14.0/LICENSE.
Bundled as
- - lib/com.google.protobuf-protobuf-java-util-3.19.6.jar
-Source available at https://github.com/protocolbuffers/protobuf/tree/v3.19.6
+ - lib/com.google.protobuf-protobuf-java-util-3.22.3.jar
+Source available at https://github.com/protocolbuffers/protobuf/tree/v3.22.3
For details, see deps/protobuf-3.12.0/LICENSE.
------------------------------------------------------------------------------------
This product bundles Simple Logging Facade for Java, which is available under a
diff --git a/bookkeeper-dist/src/main/resources/LICENSE-server.bin.txt b/bookkeeper-dist/src/main/resources/LICENSE-server.bin.txt
index b26219b582..4c430e8515 100644
--- a/bookkeeper-dist/src/main/resources/LICENSE-server.bin.txt
+++ b/bookkeeper-dist/src/main/resources/LICENSE-server.bin.txt
@@ -275,26 +275,26 @@ Apache Software License, Version 2.
- lib/com.yahoo.datasketches-memory-0.8.3.jar [25]
- lib/com.yahoo.datasketches-sketches-core-0.8.3.jar [25]
- lib/net.jpountz.lz4-lz4-1.3.0.jar [26]
-- lib/com.google.api.grpc-proto-google-common-protos-2.0.1.jar [28]
-- lib/com.google.code.gson-gson-2.9.0.jar [29]
+- lib/com.google.api.grpc-proto-google-common-protos-2.17.0.jar [28]
+- lib/com.google.code.gson-gson-2.10.1.jar [29]
- lib/io.opencensus-opencensus-api-0.28.0.jar [30]
- lib/io.opencensus-opencensus-contrib-http-util-0.28.0.jar [30]
- lib/io.opencensus-opencensus-proto-0.2.0.jar [30]
-- lib/io.grpc-grpc-all-1.47.0.jar [33]
-- lib/io.grpc-grpc-alts-1.47.0.jar [33]
-- lib/io.grpc-grpc-api-1.47.0.jar [33]
-- lib/io.grpc-grpc-auth-1.47.0.jar [33]
-- lib/io.grpc-grpc-context-1.47.0.jar [33]
-- lib/io.grpc-grpc-core-1.47.0.jar [33]
-- lib/io.grpc-grpc-grpclb-1.47.0.jar [33]
-- lib/io.grpc-grpc-netty-1.47.0.jar [33]
-- lib/io.grpc-grpc-protobuf-1.47.0.jar [33]
-- lib/io.grpc-grpc-protobuf-lite-1.47.0.jar [33]
-- lib/io.grpc-grpc-services-1.47.0.jar [33]
-- lib/io.grpc-grpc-stub-1.47.0.jar [33]
-- lib/io.grpc-grpc-testing-1.47.0.jar [33]
-- lib/io.grpc-grpc-xds-1.47.0.jar [33]
-- lib/io.grpc-grpc-rls-1.47.0.jar[33]
+- lib/io.grpc-grpc-all-1.56.0.jar [33]
+- lib/io.grpc-grpc-alts-1.56.0.jar [33]
+- lib/io.grpc-grpc-api-1.56.0.jar [33]
+- lib/io.grpc-grpc-auth-1.56.0.jar [33]
+- lib/io.grpc-grpc-context-1.56.0.jar [33]
+- lib/io.grpc-grpc-core-1.56.0.jar [33]
+- lib/io.grpc-grpc-grpclb-1.56.0.jar [33]
+- lib/io.grpc-grpc-netty-1.56.0.jar [33]
+- lib/io.grpc-grpc-protobuf-1.56.0.jar [33]
+- lib/io.grpc-grpc-protobuf-lite-1.56.0.jar [33]
+- lib/io.grpc-grpc-services-1.56.0.jar [33]
+- lib/io.grpc-grpc-stub-1.56.0.jar [33]
+- lib/io.grpc-grpc-testing-1.56.0.jar [33]
+- lib/io.grpc-grpc-xds-1.56.0.jar [33]
+- lib/io.grpc-grpc-rls-1.56.0.jar[33]
- lib/org.apache.curator-curator-client-5.1.0.jar [34]
- lib/org.apache.curator-curator-framework-5.1.0.jar [34]
- lib/org.apache.curator-curator-recipes-5.1.0.jar [34]
@@ -308,12 +308,12 @@ Apache Software License, Version 2.
- lib/com.google.android-annotations-4.1.1.4.jar [42]
- lib/com.google.http-client-google-http-client-1.41.0.jar [43]
- lib/com.google.http-client-google-http-client-gson-1.41.0.jar [43]
-- lib/com.google.auto.value-auto-value-annotations-1.9.jar [44]
+- lib/com.google.auto.value-auto-value-annotations-1.10.1.jar [44]
- lib/com.google.j2objc-j2objc-annotations-1.3.jar [45]
-- lib/com.google.re2j-re2j-1.5.jar [46]
+- lib/com.google.re2j-re2j-1.7.jar [46]
- lib/io.dropwizard.metrics-metrics-core-4.1.12.1.jar [47]
-- lib/io.perfmark-perfmark-api-0.25.0.jar [48]
-- lib/org.conscrypt-conscrypt-openjdk-uber-2.5.1.jar [49]
+- lib/io.perfmark-perfmark-api-0.26.0.jar [48]
+- lib/org.conscrypt-conscrypt-openjdk-uber-2.5.2.jar [49]
- lib/org.xerial.snappy-snappy-java-1.1.10.1.jar [50]
- lib/io.reactivex.rxjava3-rxjava-3.0.1.jar [51]
- lib/com.carrotsearch-hppc-0.9.1.jar [52]
@@ -343,10 +343,10 @@ Apache Software License, Version 2.
[24] Source available at https://github.com/cbeust/jcommander/tree/1.82
[25] Source available at https://github.com/DataSketches/sketches-core/tree/sketches-0.8.3
[26] Source available at https://github.com/lz4/lz4-java/tree/1.3.0
-[28] Source available at https://github.com/googleapis/java-common-protos/tree/v2.0.1
-[29] Source available at https://github.com/google/gson/tree/gson-parent-2.9.0
+[28] Source available at https://github.com/googleapis/java-common-protos/tree/v2.17.0
+[29] Source available at https://github.com/google/gson/tree/gson-parent-2.10.1
[30] Source available at https://github.com/census-instrumentation/opencensus-java/tree/v0.28.0
-[33] Source available at https://github.com/grpc/grpc-java/tree/v1.47.0
+[33] Source available at https://github.com/grpc/grpc-java/tree/v1.56.0
[34] Source available at https://github.com/apache/curator/releases/tag/apache.curator-5.1.0
[35] Source available at https://github.com/inferred/FreeBuilder/tree/v2.7.0
[36] Source available at https://github.com/google/error-prone/tree/v2.9.0
@@ -357,12 +357,12 @@ Apache Software License, Version 2.
[41] Source available at https://github.com/apache/thrift/tree/0.14.2
[42] Source available at https://source.android.com/
[43] Source available at https://github.com/googleapis/google-http-java-client/releases/tag/v1.41.0
-[44] Source available at https://github.com/google/auto/releases/tag/auto-value-1.9
+[44] Source available at https://github.com/google/auto/releases/tag/auto-value-1.10.1
[45] Source available at https://github.com/google/j2objc/releases/tag/1.3
-[46] Source available at https://github.com/google/re2j/releases/tag/re2j-1.5
+[46] Source available at https://github.com/google/re2j/releases/tag/re2j-1.7
[47] Source available at https://github.com/dropwizard/metrics/releases/tag/v4.1.12.1
-[48] Source available at https://github.com/perfmark/perfmark/releases/tag/v0.25.0
-[49] Source available at https://github.com/google/conscrypt/releases/tag/2.5.1
+[48] Source available at https://github.com/perfmark/perfmark/releases/tag/v0.26.0
+[49] Source available at https://github.com/google/conscrypt/releases/tag/2.5.2
[50] Source available at https://github.com/xerial/snappy-java/releases/tag/v1.1.10.1
[51] Source available at https://github.com/ReactiveX/RxJava/tree/v3.0.1
[52] Source available at https://github.com/carrotsearch/hppc/tree/0.9.1
@@ -630,13 +630,13 @@ This product bundles Google Protocol Buffers, which is available under a "3-clau
license.
Bundled as
- - lib/com.google.protobuf-protobuf-java-3.19.6.jar
-Source available at https://github.com/google/protobuf/tree/v3.19.6
+ - lib/com.google.protobuf-protobuf-java-3.22.3.jar
+Source available at https://github.com/google/protobuf/tree/v3.22.3
For details, see deps/protobuf-3.14.0/LICENSE.
Bundled as
- - lib/com.google.protobuf-protobuf-java-util-3.19.6.jar
-Source available at https://github.com/protocolbuffers/protobuf/tree/v3.19.6
+ - lib/com.google.protobuf-protobuf-java-util-3.22.3.jar
+Source available at https://github.com/protocolbuffers/protobuf/tree/v3.22.3
For details, see deps/protobuf-3.12.0/LICENSE.
------------------------------------------------------------------------------------
This product bundles the JCP Standard Java Servlet API, which is available under a
diff --git a/bookkeeper-dist/src/main/resources/NOTICE-all.bin.txt b/bookkeeper-dist/src/main/resources/NOTICE-all.bin.txt
index 0d630af6a5..01ceaf80c6 100644
--- a/bookkeeper-dist/src/main/resources/NOTICE-all.bin.txt
+++ b/bookkeeper-dist/src/main/resources/NOTICE-all.bin.txt
@@ -134,15 +134,15 @@ granted provided that the copyright notice appears in all copies.
Copyright 2010 Cedric Beust cedric@beust.com
------------------------------------------------------------------------------------
-- lib/io.grpc-grpc-all-1.47.0.jar
-- lib/io.grpc-grpc-auth-1.47.0.jar
-- lib/io.grpc-grpc-context-1.47.0.jar
-- lib/io.grpc-grpc-core-1.47.0.jar
-- lib/io.grpc-grpc-netty-1.47.0.jar
-- lib/io.grpc-grpc-protobuf-1.47.0.jar
-- lib/io.grpc-grpc-protobuf-lite-1.47.0.jar
-- lib/io.grpc-grpc-stub-1.47.0.jar
-- lib/io.grpc-grpc-testing-1.47.0.jar
+- lib/io.grpc-grpc-all-1.56.0.jar
+- lib/io.grpc-grpc-auth-1.56.0.jar
+- lib/io.grpc-grpc-context-1.56.0.jar
+- lib/io.grpc-grpc-core-1.56.0.jar
+- lib/io.grpc-grpc-netty-1.56.0.jar
+- lib/io.grpc-grpc-protobuf-1.56.0.jar
+- lib/io.grpc-grpc-protobuf-lite-1.56.0.jar
+- lib/io.grpc-grpc-stub-1.56.0.jar
+- lib/io.grpc-grpc-testing-1.56.0.jar
Copyright 2014, gRPC Authors All rights reserved.
diff --git a/bookkeeper-dist/src/main/resources/NOTICE-bkctl.bin.txt b/bookkeeper-dist/src/main/resources/NOTICE-bkctl.bin.txt
index 292620d1b0..e4c1a03a8a 100644
--- a/bookkeeper-dist/src/main/resources/NOTICE-bkctl.bin.txt
+++ b/bookkeeper-dist/src/main/resources/NOTICE-bkctl.bin.txt
@@ -56,15 +56,15 @@ under the License.
Copyright 2010 Cedric Beust cedric@beust.com
------------------------------------------------------------------------------------
-- lib/io.grpc-grpc-all-1.47.0.jar
-- lib/io.grpc-grpc-auth-1.47.0.jar
-- lib/io.grpc-grpc-context-1.47.0.jar
-- lib/io.grpc-grpc-core-1.47.0.jar
-- lib/io.grpc-grpc-netty-1.47.0.jar
-- lib/io.grpc-grpc-protobuf-1.47.0.jar
-- lib/io.grpc-grpc-protobuf-lite-1.47.0.jar
-- lib/io.grpc-grpc-stub-1.47.0.jar
-- lib/io.grpc-grpc-testing-1.47.0.jar
+- lib/io.grpc-grpc-all-1.56.0.jar
+- lib/io.grpc-grpc-auth-1.56.0.jar
+- lib/io.grpc-grpc-context-1.56.0.jar
+- lib/io.grpc-grpc-core-1.56.0.jar
+- lib/io.grpc-grpc-netty-1.56.0.jar
+- lib/io.grpc-grpc-protobuf-1.56.0.jar
+- lib/io.grpc-grpc-protobuf-lite-1.56.0.jar
+- lib/io.grpc-grpc-stub-1.56.0.jar
+- lib/io.grpc-grpc-testing-1.56.0.jar
Copyright 2014, gRPC Authors All rights reserved.
diff --git a/bookkeeper-dist/src/main/resources/NOTICE-server.bin.txt b/bookkeeper-dist/src/main/resources/NOTICE-server.bin.txt
index c0cd48d335..96d7d9d664 100644
--- a/bookkeeper-dist/src/main/resources/NOTICE-server.bin.txt
+++ b/bookkeeper-dist/src/main/resources/NOTICE-server.bin.txt
@@ -116,15 +116,15 @@ granted provided that the copyright notice appears in all copies.
Copyright 2010 Cedric Beust cedric@beust.com
------------------------------------------------------------------------------------
-- lib/io.grpc-grpc-all-1.47.0.jar
-- lib/io.grpc-grpc-auth-1.47.0.jar
-- lib/io.grpc-grpc-context-1.47.0.jar
-- lib/io.grpc-grpc-core-1.47.0.jar
-- lib/io.grpc-grpc-netty-1.47.0.jar
-- lib/io.grpc-grpc-protobuf-1.47.0.jar
-- lib/io.grpc-grpc-protobuf-lite-1.47.0.jar
-- lib/io.grpc-grpc-stub-1.47.0.jar
-- lib/io.grpc-grpc-testing-1.47.0.jar
+- lib/io.grpc-grpc-all-1.56.0.jar
+- lib/io.grpc-grpc-auth-1.56.0.jar
+- lib/io.grpc-grpc-context-1.56.0.jar
+- lib/io.grpc-grpc-core-1.56.0.jar
+- lib/io.grpc-grpc-netty-1.56.0.jar
+- lib/io.grpc-grpc-protobuf-1.56.0.jar
+- lib/io.grpc-grpc-protobuf-lite-1.56.0.jar
+- lib/io.grpc-grpc-stub-1.56.0.jar
+- lib/io.grpc-grpc-testing-1.56.0.jar
Copyright 2014, gRPC Authors All rights reserved.
diff --git a/metadata-drivers/etcd/pom.xml b/metadata-drivers/etcd/pom.xml
index 2d13190404..be330511a4 100644
--- a/metadata-drivers/etcd/pom.xml
+++ b/metadata-drivers/etcd/pom.xml
@@ -58,6 +58,14 @@
<groupId>io.grpc</groupId>
<artifactId>grpc-okhttp</artifactId>
</exclusion>
+ <exclusion>
+ <groupId>io.grpc</groupId>
+ <artifactId>grpc-servlet</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>io.grpc</groupId>
+ <artifactId>grpc-servlet-jakarta</artifactId>
+ </exclusion>
</exclusions>
</dependency>
diff --git a/pom.xml b/pom.xml
index 3ecb97eaf2..e8a9d83c9c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -132,7 +132,7 @@
<freebuilder.version>2.7.0</freebuilder.version>
<google.code.version>3.0.2</google.code.version>
<google.errorprone.version>2.9.0</google.errorprone.version>
- <grpc.version>1.47.0</grpc.version>
+ <grpc.version>1.56.0</grpc.version>
<guava.version>31.0.1-jre</guava.version>
<kerby.version>1.1.1</kerby.version>
<hadoop.version>3.3.5</hadoop.version>
@@ -161,8 +161,8 @@
<datasketches.version>0.8.3</datasketches.version>
<httpclient.version>4.5.13</httpclient.version>
<httpcore.version>4.4.15</httpcore.version>
- <protobuf.version>3.19.6</protobuf.version>
- <protoc3.version>3.19.6</protoc3.version>
+ <protobuf.version>3.22.3</protobuf.version>
+ <protoc3.version>3.22.3</protoc3.version>
<protoc-gen-grpc-java.version>${grpc.version}</protoc-gen-grpc-java.version>
<reflections.version>0.9.11</reflections.version>
<rocksdb.version>7.9.2</rocksdb.version>
diff --git a/stream/common/pom.xml b/stream/common/pom.xml
index 25a272714c..a6d0304ca7 100644
--- a/stream/common/pom.xml
+++ b/stream/common/pom.xml
@@ -52,6 +52,14 @@
<groupId>io.grpc</groupId>
<artifactId>grpc-okhttp</artifactId>
</exclusion>
+ <exclusion>
+ <groupId>io.grpc</groupId>
+ <artifactId>grpc-servlet</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>io.grpc</groupId>
+ <artifactId>grpc-servlet-jakarta</artifactId>
+ </exclusion>
</exclusions>
</dependency>
<dependency>
diff --git a/stream/tests-common/pom.xml b/stream/tests-common/pom.xml
index 6961f64c50..e5b5a5e937 100644
--- a/stream/tests-common/pom.xml
+++ b/stream/tests-common/pom.xml
@@ -44,6 +44,14 @@
<groupId>io.grpc</groupId>
<artifactId>grpc-okhttp</artifactId>
</exclusion>
+ <exclusion>
+ <groupId>io.grpc</groupId>
+ <artifactId>grpc-servlet</artifactId>
+ </exclusion>
+ <exclusion>
+ <groupId>io.grpc</groupId>
+ <artifactId>grpc-servlet-jakarta</artifactId>
+ </exclusion>
</exclusions>
</dependency>
<dependency>
[bookkeeper] 01/03: Upgrade snappy-java to address multiple CVEs (#3993)
Posted by yo...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
yong pushed a commit to branch branch-4.16
in repository https://gitbox.apache.org/repos/asf/bookkeeper.git
commit 2038cf438618dcce609ec9d99acf069e928924ac
Author: Lari Hotari <lh...@users.noreply.github.com>
AuthorDate: Tue Jun 20 04:11:30 2023 +0300
Upgrade snappy-java to address multiple CVEs (#3993)
Address multiple CVEs:
CVE-2023-34453
CVE-2023-34454
CVE-2023-34455
See https://github.com/xerial/snappy-java/releases/tag/v1.1.10.1
(cherry picked from commit 5ca8d83aedf3f300c029eda3ec0f64bbffbbee8d)
---
bookkeeper-dist/src/main/resources/LICENSE-all.bin.txt | 4 ++--
bookkeeper-dist/src/main/resources/LICENSE-bkctl.bin.txt | 4 ++--
bookkeeper-dist/src/main/resources/LICENSE-server.bin.txt | 4 ++--
pom.xml | 2 +-
4 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/bookkeeper-dist/src/main/resources/LICENSE-all.bin.txt b/bookkeeper-dist/src/main/resources/LICENSE-all.bin.txt
index d97eca6248..3b5f140ed3 100644
--- a/bookkeeper-dist/src/main/resources/LICENSE-all.bin.txt
+++ b/bookkeeper-dist/src/main/resources/LICENSE-all.bin.txt
@@ -317,7 +317,7 @@ Apache Software License, Version 2.
- lib/io.dropwizard.metrics-metrics-jvm-4.1.12.1.jar [47]
- lib/io.perfmark-perfmark-api-0.25.0.jar [48]
- lib/org.conscrypt-conscrypt-openjdk-uber-2.5.1.jar [49]
-- lib/org.xerial.snappy-snappy-java-1.1.7.7.jar [50]
+- lib/org.xerial.snappy-snappy-java-1.1.10.1.jar [50]
- lib/io.reactivex.rxjava3-rxjava-3.0.1.jar [51]
- lib/org.hdrhistogram-HdrHistogram-2.1.10.jar [52]
- lib/com.carrotsearch-hppc-0.9.1.jar [53]
@@ -367,7 +367,7 @@ Apache Software License, Version 2.
[47] Source available at https://github.com/dropwizard/metrics/releases/tag/v4.1.12.1
[48] Source available at https://github.com/perfmark/perfmark/releases/tag/v0.25.0
[49] Source available at https://github.com/google/conscrypt/releases/tag/2.5.1
-[50] Source available at https://github.com/google/snappy/releases/tag/1.1.7.7
+[50] Source available at https://github.com/xerial/snappy-java/releases/tag/v1.1.10.1
[51] Source available at https://github.com/ReactiveX/RxJava/tree/v3.0.1
[52] Source available at https://github.com/HdrHistogram/HdrHistogram/tree/HdrHistogram-2.1.10
[53] Source available at https://github.com/carrotsearch/hppc/tree/0.9.1
diff --git a/bookkeeper-dist/src/main/resources/LICENSE-bkctl.bin.txt b/bookkeeper-dist/src/main/resources/LICENSE-bkctl.bin.txt
index b8f1f29231..b31351645f 100644
--- a/bookkeeper-dist/src/main/resources/LICENSE-bkctl.bin.txt
+++ b/bookkeeper-dist/src/main/resources/LICENSE-bkctl.bin.txt
@@ -289,7 +289,7 @@ Apache Software License, Version 2.
- lib/io.dropwizard.metrics-metrics-core-4.1.12.1.jar [46]
- lib/io.perfmark-perfmark-api-0.25.0.jar [47]
- lib/org.conscrypt-conscrypt-openjdk-uber-2.5.1.jar [49]
-- lib/org.xerial.snappy-snappy-java-1.1.7.7.jar [50]
+- lib/org.xerial.snappy-snappy-java-1.1.10.1.jar [50]
- lib/io.reactivex.rxjava3-rxjava-3.0.1.jar [51]
- lib/com.carrotsearch-hppc-0.9.1.jar [52]
@@ -330,7 +330,7 @@ Apache Software License, Version 2.
[46] Source available at https://github.com/dropwizard/metrics/releases/tag/v4.1.12.1
[47] Source available at https://github.com/perfmark/perfmark/releases/tag/v0.25.0
[49] Source available at https://github.com/google/conscrypt/releases/tag/2.5.1
-[50] Source available at https://github.com/google/snappy/releases/tag/1.1.7.7
+[50] Source available at https://github.com/xerial/snappy-java/releases/tag/v1.1.10.1
[51] Source available at https://github.com/ReactiveX/RxJava/tree/v3.0.1
[52] Source available at https://github.com/carrotsearch/hppc/tree/0.9.1
diff --git a/bookkeeper-dist/src/main/resources/LICENSE-server.bin.txt b/bookkeeper-dist/src/main/resources/LICENSE-server.bin.txt
index 7383286d0c..b26219b582 100644
--- a/bookkeeper-dist/src/main/resources/LICENSE-server.bin.txt
+++ b/bookkeeper-dist/src/main/resources/LICENSE-server.bin.txt
@@ -314,7 +314,7 @@ Apache Software License, Version 2.
- lib/io.dropwizard.metrics-metrics-core-4.1.12.1.jar [47]
- lib/io.perfmark-perfmark-api-0.25.0.jar [48]
- lib/org.conscrypt-conscrypt-openjdk-uber-2.5.1.jar [49]
-- lib/org.xerial.snappy-snappy-java-1.1.7.7.jar [50]
+- lib/org.xerial.snappy-snappy-java-1.1.10.1.jar [50]
- lib/io.reactivex.rxjava3-rxjava-3.0.1.jar [51]
- lib/com.carrotsearch-hppc-0.9.1.jar [52]
@@ -363,7 +363,7 @@ Apache Software License, Version 2.
[47] Source available at https://github.com/dropwizard/metrics/releases/tag/v4.1.12.1
[48] Source available at https://github.com/perfmark/perfmark/releases/tag/v0.25.0
[49] Source available at https://github.com/google/conscrypt/releases/tag/2.5.1
-[50] Source available at https://github.com/google/snappy/releases/tag/1.1.7.7
+[50] Source available at https://github.com/xerial/snappy-java/releases/tag/v1.1.10.1
[51] Source available at https://github.com/ReactiveX/RxJava/tree/v3.0.1
[52] Source available at https://github.com/carrotsearch/hppc/tree/0.9.1
diff --git a/pom.xml b/pom.xml
index 9396e5f699..3ecb97eaf2 100644
--- a/pom.xml
+++ b/pom.xml
@@ -174,7 +174,7 @@
<testcontainers.version>1.17.6</testcontainers.version>
<vertx.version>4.3.8</vertx.version>
<zookeeper.version>3.8.1</zookeeper.version>
- <snappy.version>1.1.7.7</snappy.version>
+ <snappy.version>1.1.10.1</snappy.version>
<jctools.version>2.1.2</jctools.version>
<hppc.version>0.9.1</hppc.version>
<!-- plugin dependencies -->