This is an automated email from the ASF dual-hosted git repository. dongjoon pushed a commit to branch branch-2.4 in repository https://gitbox.apache.org/repos/asf/spark.git
The following commit(s) were added to refs/heads/branch-2.4 by this push: new bfeaef1 [SPARK-33405][BUILD][2.4] Upgrade commons-compress to 1.20 bfeaef1 is described below commit bfeaef1bc3d67a16aed401dbf5c91fff5a835a2a Author: Dongjoon Hyun <dh...@apple.com> AuthorDate: Mon Nov 9 19:55:23 2020 -0800 [SPARK-33405][BUILD][2.4] Upgrade commons-compress to 1.20 ### What changes were proposed in this pull request? This PR aims to upgrade `commons-compress` from 1.8 to 1.20. ### Why are the changes needed? - https://commons.apache.org/proper/commons-compress/security-reports.html ### Does this PR introduce _any_ user-facing change? No. ### How was this patch tested? Pass the CIs. Closes #30307 from dongjoon-hyun/SPARK-33405. Authored-by: Dongjoon Hyun <dh...@apple.com> Signed-off-by: Dongjoon Hyun <dh...@apple.com> --- dev/deps/spark-deps-hadoop-2.6 | 2 +- dev/deps/spark-deps-hadoop-2.7 | 2 +- dev/deps/spark-deps-hadoop-3.1 | 2 +- pom.xml | 6 ++++++ 4 files changed, 9 insertions(+), 3 deletions(-) diff --git a/dev/deps/spark-deps-hadoop-2.6 b/dev/deps/spark-deps-hadoop-2.6 index b4fad23..87c48fa 100644 --- a/dev/deps/spark-deps-hadoop-2.6 +++ b/dev/deps/spark-deps-hadoop-2.6 @@ -34,7 +34,7 @@ commons-cli/1.2//commons-cli-1.2.jar commons-codec/1.10//commons-codec-1.10.jar commons-collections/3.2.2//commons-collections-3.2.2.jar commons-compiler/3.0.16//commons-compiler-3.0.16.jar -commons-compress/1.8.1//commons-compress-1.8.1.jar +commons-compress/1.20//commons-compress-1.20.jar commons-configuration/1.6//commons-configuration-1.6.jar commons-crypto/1.0.0//commons-crypto-1.0.0.jar commons-dbcp/1.4//commons-dbcp-1.4.jar diff --git a/dev/deps/spark-deps-hadoop-2.7 b/dev/deps/spark-deps-hadoop-2.7 index 3dcb4d7..80e3ecc 100644 --- a/dev/deps/spark-deps-hadoop-2.7 +++ b/dev/deps/spark-deps-hadoop-2.7 @@ -34,7 +34,7 @@ commons-cli/1.2//commons-cli-1.2.jar commons-codec/1.10//commons-codec-1.10.jar commons-collections/3.2.2//commons-collections-3.2.2.jar commons-compiler/3.0.16//commons-compiler-3.0.16.jar -commons-compress/1.8.1//commons-compress-1.8.1.jar +commons-compress/1.20//commons-compress-1.20.jar commons-configuration/1.6//commons-configuration-1.6.jar commons-crypto/1.0.0//commons-crypto-1.0.0.jar commons-dbcp/1.4//commons-dbcp-1.4.jar diff --git a/dev/deps/spark-deps-hadoop-3.1 b/dev/deps/spark-deps-hadoop-3.1 index 01b6224..c925808 100644 --- a/dev/deps/spark-deps-hadoop-3.1 +++ b/dev/deps/spark-deps-hadoop-3.1 @@ -32,7 +32,7 @@ commons-cli/1.2//commons-cli-1.2.jar commons-codec/1.10//commons-codec-1.10.jar commons-collections/3.2.2//commons-collections-3.2.2.jar commons-compiler/3.0.16//commons-compiler-3.0.16.jar -commons-compress/1.8.1//commons-compress-1.8.1.jar +commons-compress/1.20//commons-compress-1.20.jar commons-configuration2/2.1.1//commons-configuration2-2.1.1.jar commons-crypto/1.0.0//commons-crypto-1.0.0.jar commons-daemon/1.0.13//commons-daemon-1.0.13.jar diff --git a/pom.xml b/pom.xml index ab2dd91..630979b 100644 --- a/pom.xml +++ b/pom.xml @@ -165,6 +165,7 @@ <netlib.java.version>1.1.2</netlib.java.version> <calcite.version>1.2.0-incubating</calcite.version> <commons-codec.version>1.10</commons-codec.version> + <commons-compress.version>1.20</commons-compress.version> <commons-io.version>2.4</commons-io.version> <!-- org.apache.commons/commons-lang/--> <commons-lang2.version>2.6</commons-lang2.version> @@ -462,6 +463,11 @@ </dependency> <dependency> <groupId>org.apache.commons</groupId> + <artifactId>commons-compress</artifactId> + <version>${commons-compress.version}</version> + </dependency> + <dependency> + <groupId>org.apache.commons</groupId> <artifactId>commons-math3</artifactId> <version>${commons.math3.version}</version> </dependency> --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@spark.apache.org For additional commands, e-mail: commits-h...@spark.apache.org