This is an automated email from the ASF dual-hosted git repository.
kou pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/arrow.git
The following commit(s) were added to refs/heads/main by this push:
new 3b8b700348 MINOR: [Java] Bump org.apache.hadoop:hadoop-common from
2.7.1 to 3.3.6 in /java (#39833)
3b8b700348 is described below
commit 3b8b700348f5d73fa4cfdb2780b0bde5d83a7f22
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AuthorDate: Tue Jan 30 06:02:06 2024 +0900
MINOR: [Java] Bump org.apache.hadoop:hadoop-common from 2.7.1 to 3.3.6 in
/java (#39833)
Bumps org.apache.hadoop:hadoop-common from 2.7.1 to 3.3.6.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting `@
dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@ dependabot rebase` will rebase this PR
- `@ dependabot recreate` will recreate this PR, overwriting any edits that
have been made to it
- `@ dependabot merge` will merge this PR after your CI passes on it
- `@ dependabot squash and merge` will squash and merge this PR after your
CI passes on it
- `@ dependabot cancel merge` will cancel a previously requested merge and
block automerging
- `@ dependabot reopen` will reopen this PR if it is closed
- `@ dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@ dependabot show <dependency name> ignore conditions` will show all of
the ignore conditions of the specified dependency
- `@ dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen the PR
or upgrade to it yourself)
- `@ dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen the PR
or upgrade to it yourself)
- `@ dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the PR or
upgrade to it yourself)
</details>
Authored-by: dependabot[bot]
<49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Sutou Kouhei <[email protected]>
---
java/adapter/orc/pom.xml | 2 +-
java/pom.xml | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/java/adapter/orc/pom.xml b/java/adapter/orc/pom.xml
index 265a9a71b8..79e51470a4 100644
--- a/java/adapter/orc/pom.xml
+++ b/java/adapter/orc/pom.xml
@@ -75,7 +75,7 @@
<dependency>
<groupId>org.apache.hadoop</groupId>
<artifactId>hadoop-common</artifactId>
- <version>3.3.3</version>
+ <version>3.3.6</version>
<scope>test</scope>
<exclusions>
<exclusion>
diff --git a/java/pom.xml b/java/pom.xml
index 2423e2d495..3947f76cae 100644
--- a/java/pom.xml
+++ b/java/pom.xml
@@ -37,7 +37,7 @@
<dep.grpc-bom.version>1.60.0</dep.grpc-bom.version>
<dep.protobuf-bom.version>3.23.1</dep.protobuf-bom.version>
<dep.jackson-bom.version>2.16.0</dep.jackson-bom.version>
- <dep.hadoop.version>2.7.1</dep.hadoop.version>
+ <dep.hadoop.version>3.3.6</dep.hadoop.version>
<dep.fbs.version>23.5.26</dep.fbs.version>
<dep.avro.version>1.11.3</dep.avro.version>
<arrow.vector.classifier />
