This is an automated email from the ASF dual-hosted git repository. srowen pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/spark.git
The following commit(s) were added to refs/heads/master by this push: new 2e6bc9a6b21 [MINOR][BUILD] Upgrade apache-rat to 0.14 2e6bc9a6b21 is described below commit 2e6bc9a6b217f5ae737ac2559488e798d3c48593 Author: panbingkun <pbk1...@gmail.com> AuthorDate: Sun Aug 14 18:20:30 2022 -0500 [MINOR][BUILD] Upgrade apache-rat to 0.14 ### What changes were proposed in this pull request? This PR upgrade `apache-rat` to 0.14. ### Why are the changes needed? #### 1.This brings security issues fix like the following: > 1.Update to doxia 1.11.1 in order to get CVE-2020-13956-httpclient problem fixes in doxia. Fixes [RAT-275](https://issues.apache.org/jira/browse/RAT-275) > 2.Update to latest Commons IO to fix CVE-2021-29425 (Moderate severity). Fixes [RAT-281](https://issues.apache.org/jira/browse/RAT-281). > 3.Update to junit 4.13.1 to fix CVE-2020-15250. Fixes [RAT-277](https://issues.apache.org/jira/browse/RAT-277) > 4.Update to latest Apache Ant 1.10.9 to fix CVE-2020-11979. Update to JDK8 as minimal version/compiler version. Fixes [RAT-274](https://issues.apache.org/jira/browse/RAT-274) > 5.Update to latest Apache Ant to fix CVE-2020-1945. Fixes [RAT-269](https://issues.apache.org/jira/browse/RAT-269) > 6.Update to latest commons-compress to fix CVE-2019-12402. Fixes [RAT-258](https://issues.apache.org/jira/browse/RAT-258) > 7.Update compiler level to 1.7 to allow building with more recent JDKs. Update plugins and dependencies to more modern versions to fix security issues (CVE-warnings). Fixes [RAT-244](https://issues.apache.org/jira/browse/RAT-244). #### 2.Release notes: > https://creadur.apache.org/rat/changes-report.html#a0.14 ### Does this PR introduce _any_ user-facing change? No. ### How was this patch tested? Pass GA & manual tests: ./dev/check-license Closes #37511 from panbingkun/upgrade_rat. Authored-by: panbingkun <pbk1...@gmail.com> Signed-off-by: Sean Owen <sro...@gmail.com> --- dev/check-license | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dev/check-license b/dev/check-license index f1cd5a5f1d4..55db95734dd 100755 --- a/dev/check-license +++ b/dev/check-license @@ -58,7 +58,7 @@ else declare java_cmd=java fi -export RAT_VERSION=0.13 +export RAT_VERSION=0.14 export rat_jar="$FWDIR"/lib/apache-rat-${RAT_VERSION}.jar mkdir -p "$FWDIR"/lib --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@spark.apache.org For additional commands, e-mail: commits-h...@spark.apache.org