Repository: calcite Updated Branches: refs/heads/master 312ab8122 -> 625edb88e
[CALCITE-2379] CVSS dependency-check-maven fails for calcite-spark and calcite-ubenchmark modules - Exclude py4j lib from spark-core - Disable dependency-check-maven for calcite-ubenchmark module Close apache/calcite#746 Project: http://git-wip-us.apache.org/repos/asf/calcite/repo Commit: http://git-wip-us.apache.org/repos/asf/calcite/commit/625edb88 Tree: http://git-wip-us.apache.org/repos/asf/calcite/tree/625edb88 Diff: http://git-wip-us.apache.org/repos/asf/calcite/diff/625edb88 Branch: refs/heads/master Commit: 625edb88e6afd41b37fdae95e15d5d04cc794b7e Parents: 312ab81 Author: Volodymyr Vysotskyi <[email protected]> Authored: Sat Jun 30 15:17:32 2018 +0300 Committer: Volodymyr Vysotskyi <[email protected]> Committed: Mon Jul 2 22:16:00 2018 +0300 ---------------------------------------------------------------------- site/_docs/howto.md | 3 ++- spark/pom.xml | 8 ++++++++ ubenchmark/pom.xml | 9 +++++++++ 3 files changed, 19 insertions(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/calcite/blob/625edb88/site/_docs/howto.md ---------------------------------------------------------------------- diff --git a/site/_docs/howto.md b/site/_docs/howto.md index 842de16..bc912a7 100644 --- a/site/_docs/howto.md +++ b/site/_docs/howto.md 
@@ -507,7 +507,8 @@ Before you start: (i.e. gives no errors; warnings are OK) * Generate a report of vulnerabilities that occur among dependencies, using `-Ppedantic`; if you like, run again with `-DfailBuildOnCVSS=8` to see - whether serious vulnerabilities exist. + whether serious vulnerabilities exist. Report to [[email protected]](mailto:[email protected]) + if new critical vulnerabilities are found among dependencies. * Make sure that `mvn apache-rat:check` succeeds. (It will be run as part of the release, but it's better to trouble-shoot early.) * Decide the supported configurations of JDK, operating system and http://git-wip-us.apache.org/repos/asf/calcite/blob/625edb88/spark/pom.xml ---------------------------------------------------------------------- diff --git a/spark/pom.xml b/spark/pom.xml index 8a2cff2..6b763de 100644 --- a/spark/pom.xml +++ b/spark/pom.xml @@ -62,6 +62,14 @@ limitations under the License. <dependency> <groupId>org.apache.spark</groupId> <artifactId>spark-core_2.10</artifactId> + <exclusions> + <!-- Excludes py4j lib, since it has vulnerabilities + with level >= 8. --> + <exclusion> + <groupId>net.sf.py4j</groupId> + <artifactId>py4j</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>org.eclipse.jetty</groupId> http://git-wip-us.apache.org/repos/asf/calcite/blob/625edb88/ubenchmark/pom.xml ---------------------------------------------------------------------- diff --git a/ubenchmark/pom.xml b/ubenchmark/pom.xml index d6e8a9f..ebe6824 100644 --- a/ubenchmark/pom.xml +++ b/ubenchmark/pom.xml @@ -138,6 +138,15 @@ limitations under the License. </execution> </executions> </plugin> + <plugin> + <groupId>org.owasp</groupId> + <artifactId>dependency-check-maven</artifactId> + <executions> + <execution> + <phase>none</phase> + </execution> + </executions> + </plugin> </plugins> </build> </project>
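Review bot: In the `site/_docs/howto.md` hunk, the new sentence asks for a report when "critical" vulnerabilities are found, but the preceding step only defines a threshold of `-DfailBuildOnCVSS=8`; "critical" is not the same thing as CVSS >= 8, so the release checklist now leaves it to the reader to decide what is reportable. Suggest tying the wording to the threshold actually used, for example "if the `-DfailBuildOnCVSS=8` run fails, report the affected dependency and CVE to ...", so the reporting step is mechanical and does not depend on the release manager's own severity judgement.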
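Review bot: In the `spark/pom.xml` hunk, the exclusion of `net.sf.py4j:py4j` from `spark-core_2.10` removes the library from the runtime classpath, not just from the scanner's report, and the comment ("has vulnerabilities with level >= 8") records neither which CVSS findings triggered it nor why calcite-spark can run without it. Please expand the comment to state that no Calcite code path in this module uses py4j and to name the scanner findings that motivated the exclusion, so that the exclusion can be re-evaluated when the Spark dependency is upgraded. If the library turns out to be needed at runtime, a dependency-check suppression entry would be the appropriate tool instead of an exclusion, since an exclusion changes behaviour while a suppression only silences the report.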
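Review bot: In the `ubenchmark/pom.xml` hunk, the added `<execution>` with `<phase>none</phase>` carries no `<id>`, so it binds to the execution id `default`; it only unbinds the inherited dependency-check run if the parent pom's execution also has that id (or none). The hunk does not show the parent's configuration, so please verify the id matches, or set the plugin's `skip` configuration parameter instead, which does not depend on execution ids. Either way, add a comment stating why the scan is disabled for this module (the commit message only says it fails), since silently dropping vulnerability coverage for the benchmark dependencies is the kind of change a later maintainer will otherwise not know how to revisit.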
