[jira] [Work logged] (HADOOP-18224) Upgrade maven compiler plugin to 3.10.1 and maven javadoc plugin to 3.4.0

Mon, 09 May 2022 21:30:06 -0700 


     [ 
https://issues.apache.org/jira/browse/HADOOP-18224?focusedWorklogId=768306&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-768306
 ]

ASF GitHub Bot logged work on HADOOP-18224:
-------------------------------------------

                Author: ASF GitHub Bot
            Created on: 10/May/22 04:29
            Start Date: 10/May/22 04:29
    Worklog Time Spent: 10m 
      Work Description: virajjasani commented on PR #4267:
URL: https://github.com/apache/hadoop/pull/4267#issuecomment-1121906720

   > @aajisaka The above error is resolved and now JDK 8 Javadoc has 65 
`error:` instances for `hadoop-yarn-applications-catalog-webapp` module as per 
https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-4267/7/artifact/out/patch-javadoc-root-jdkPrivateBuild-1.8.0_312-8u312-b07-0ubuntu1~20.04-b07.txt
   
   @aajisaka would you recommend resolving these errors? We still have many 
Yarn modules pending the evaluation once catalog webapp is resolved, so it's 
still unclear how many more are yet to go, but if you suggest resolving them, 
will be happy to do so.




Issue Time Tracking
-------------------

    Worklog Id:     (was: 768306)
    Time Spent: 2h 40m  (was: 2.5h)

> Upgrade maven compiler plugin to 3.10.1 and maven javadoc plugin to 3.4.0
> -------------------------------------------------------------------------
>
>                 Key: HADOOP-18224
>                 URL: https://issues.apache.org/jira/browse/HADOOP-18224
>             Project: Hadoop Common
>          Issue Type: Task
>            Reporter: Viraj Jasani
>            Assignee: Viraj Jasani
>            Priority: Major
>              Labels: pull-request-available
>          Time Spent: 2h 40m
>  Remaining Estimate: 0h
>
> Currently we are using maven-compiler-plugin 3.1 version, which is quite old 
> (2013) and it's also pulling in vulnerable log4j dependency:
> {code:java}
> [INFO]    
> org.apache.maven.plugins:maven-compiler-plugin:maven-plugin:3.1:runtime
> [INFO]       org.apache.maven.plugins:maven-compiler-plugin:jar:3.1
> [INFO]       org.apache.maven:maven-plugin-api:jar:2.0.9
> [INFO]       org.apache.maven:maven-artifact:jar:2.0.9
> [INFO]       org.codehaus.plexus:plexus-utils:jar:1.5.1
> [INFO]       org.apache.maven:maven-core:jar:2.0.9
> [INFO]       org.apache.maven:maven-settings:jar:2.0.9
> [INFO]       org.apache.maven:maven-plugin-parameter-documenter:jar:2.0.9
> ...
> ...
> ...
> [INFO]       log4j:log4j:jar:1.2.12
> [INFO]       commons-logging:commons-logging-api:jar:1.1
> [INFO]       com.google.collections:google-collections:jar:1.0
> [INFO]       junit:junit:jar:3.8.2
>  {code}
>  
> We should upgrade to 3.10.1 (latest Mar, 2022) version of 
> maven-compiler-plugin.



--
This message was sent by Atlassian Jira
(v8.20.7#820007)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-issues-h...@hadoop.apache.org

Reply via email to