Github user srowen commented on the issue: https://github.com/apache/spark/pull/21596 I'm also concerned about the other direction: this dependency leaks onto the user classpath, so we'd be updating Jackson for all apps. That is a good thing in some cases, but probably breaks some other cases. Users can (perhaps should) be shading Jackson but I bet most won't. This is why it's safe for Spark 3, risky for Spark 2.4.
--- --------------------------------------------------------------------- To unsubscribe, e-mail: reviews-unsubscr...@spark.apache.org For additional commands, e-mail: reviews-h...@spark.apache.org