Thanks Yifan,
This is great ! It would help us maintain Beam more easily and probably help us
fixing CVE as well.
Etienne
Le mercredi 13 juin 2018 à 07:45 -0700, Yifan Zou a écrit :
> Hi,
>
>
> I want to follow up and explain this email.
>
>
> This is a sample email that reports the results of Beam SDK dependency check,
> which was proposed here. The goal is
> finding updates for all Beam Python & Java SDKs' dependencies and prioritize
> them. The job will be auto triggered in
> Jenkins once a week and generate a report. The report lists the high priority
> updates base on the following criteria:
>
>
> The dependency update is high priority if:
> 1. It has major versions update available;
> e.g. org.assertj:assertj-core 2.5.0 -> 3.10.0
> 2. or, it is over 3 minor versions behind the latest version;
> e.g. org.tukaani:xz 1.5 -> 1.8
> 3. or, the current version is behind the later version for over 180 days.
> e.g. com.google.auto.service:auto-service 2014-10-24 -> 2017-12-11
>
>
> This job helps Beam contributors to determine the dependency which is far
> behind the latest released version. The next
> step would be automating filing JIRA bugs for dep updates, group dependencies
> and identify owners to take care of the
> upgrades follow Chamikara's proposal.
>
>
> For more readings:
> [Proposal] Beam dependency check automation by Yifan Zou
> [Proposal] Beam dependency update policy by Chamikara Jayalath
>
> Thank you.
>
> Yifan Zou
> On Wed, Jun 13, 2018 at 7:41 AM Apache Jenkins Server
> <[email protected]> wrote:
> > High Priority Dependency Updates Of Beam Python SDK:
> >
> >
> > Dependency Name
> > Current Version
> > Later Version
> > Current Version Release Date
> > Later Version Release Date
> > google-cloud-bigquery0.25.01.3.02017-06-262018-06-08
> > httplib20.9.20.11.32015-09-282018-03-30
> >
> > High Priority Dependency Updates Of Beam Java SDK:
> >
> >
> > Dependency Name
> > Current Version
> > Later Version
> > Current Version Release Date
> > Later Version Release Date
> > org.assertj:assertj-core2.5.03.10.02016-07-032018-05-11
> > com.google.auto.service:auto-service1.0-rc21.0-rc42014-10-242017-12-11
> > biz.aQute:bndlib1.43.02.0.0.20130123-1334412011-04-012013-02-27
> > org.apache.cassandra:cassandra-all3.93.11.22016-09-262018-02-14
> > commons-cli:commons-cli1.21.42009-03-192017-03-09
> > commons-codec:commons-codec1.91.112013-12-202017-10-17
> > org.apache.commons:commons-dbcp22.1.12.3.02015-08-022018-05-08
> > com.typesafe:config1.3.01.3.32015-05-082018-02-21
> > de.flapdoodle.embed:de.flapdoodle.embed.mongo1.50.12.0.32015-12-112018-02-14
> > de.flapdoodle.embed:de.flapdoodle.embed.process1.50.12.0.32015-12-112018-02-14
> > org.apache.derby:derby10.12.1.110.14.2.02015-10-102018-05-03
> > org.apache.derby:derbyclient10.12.1.110.14.2.02015-10-102018-05-03
> > org.apache.derby:derbynet10.12.1.110.14.2.02015-10-102018-05-03
> > org.elasticsearch:elasticsearch5.6.36.2.42017-10-062018-04-12
> > org.elasticsearch:elasticsearch-hadoop5.0.06.2.42016-10-262018-04-12
> > org.elasticsearch.client:elasticsearch-rest-client5.6.36.2.42017-10-062018-04-12
> > com.alibaba:fastjson1.2.121.2.472016-05-212018-03-15
> > org.elasticsearch.test:framework5.6.36.2.42017-10-062018-04-12
> > org.freemarker:freemarker2.3.25-incubating2.3.282016-06-142018-03-30
> > org.codehaus.groovy:groovy-all2.4.133.0.0-alpha-22017-11-222018-04-16
> > org.apache.hbase:hbase-common1.2.62.0.0.3.0.0.3-22017-05-292018-05-31
> > org.apache.hbase:hbase-hadoop-compat1.2.62.0.0.3.0.0.3-22017-05-292018-05-31
> > org.apache.hbase:hbase-hadoop2-compat1.2.62.0.0.3.0.0.3-22017-05-292018-05-31
> > org.apache.hbase:hbase-server1.2.62.0.0.3.0.0.3-22017-05-292018-05-31
> > org.apache.hbase:hbase-shaded-client1.2.62.0.0.3.0.0.3-22017-05-292018-05-31
> > org.apache.hbase:hbase-shaded-server1.2.62.0.0-alpha22017-05-292018-05-31
> > org.apache.hive:hive-cli2.1.03.0.0.3.0.0.3-22016-06-162018-05-21
> > org.apache.hive:hive-common2.1.03.0.0.3.0.0.3-22016-06-162018-05-21
> > org.apache.hive:hive-exec2.1.03.0.0.3.0.0.3-22016-06-162018-05-21
> > org.apache.hive.hcatalog:hive-hcatalog-core2.1.03.0.0.3.0.0.3-22016-06-162018-05-21
> > org.apache.httpcomponents:httpasyncclient4.1.24.1.32016-06-182017-02-05
> > org.apache.httpcomponents:httpclient4.5.24.5.52016-02-212018-01-18
> > org.apache.httpcomponents:httpcore4.4.54.4.92016-06-082018-01-11
> > net.java.dev.javacc:javacc4.07.0.32018-06-082017-11-06
> > jline:jline2.14.63.0.0.M12018-03-262018-06-08
> > net.java.dev.jna:jna4.1.04.5.12014-03-062017-12-27
> > com.esotericsoftware.kryo:kryo2.212.24.02013-02-272014-05-04
> > io.dropwizard.metrics:metrics-core3.1.24.1.0-rc22015-04-252018-05-03
> > org.mongodb:mongo-java-driver3.2.23.8.0-beta32016-02-152018-05-29
> > io.netty:netty-all4.1.17.Final5.0.0.Alpha22017-11-082018-06-06
> > io.grpc:protoc-gen-grpc-java1.2.01.12.02017-03-152018-05-07
> > org.apache.qpid:proton-j0.13.10.27.12016-07-012018-04-25
> > com.carrotsearch.randomizedtesting:randomizedtesting-runner2.5.02.6.32017-01-232018-06-11
> > org.scala-lang:scala-library2.11.82.13.0-M42017-03-082018-05-14
> > org.slf4j:slf4j-api1.7.251.8.0-beta22017-03-162018-03-21
> > org.slf4j:slf4j-jdk141.7.251.8.0-beta22017-03-162018-03-21
> > org.apache.solr:solr-core5.5.47.3.12017-10-202018-05-17
> > org.apache.solr:solr-solrj5.5.47.3.12017-10-202018-05-17
> > org.apache.solr:solr-test-framework5.5.47.3.12017-10-202018-05-17
> > org.springframework:spring-expression4.3.5.RELEASE5.0.7.RELEASE2017-01-252018-06-12
> > sqlline:sqlline1.3.01.4.02017-05-302018-05-30
> > com.clearspring.analytics:stream2.9.52.9.62016-08-102018-01-10
> > org.elasticsearch.client:transport5.0.06.2.42016-10-252018-04-12
> > org.elasticsearch.plugin:transport-netty4-client5.6.36.2.42017-11-062018-04-12
> > org.tukaani:xz1.51.82014-03-082018-01-04
> >
