>From Michael Blow <[email protected]>: Michael Blow has submitted this change. ( https://asterix-gerrit.ics.uci.edu/c/asterixdb/+/21124?usp=email )
Change subject: [NO ISSUE][MISC] update deps ...................................................................... [NO ISSUE][MISC] update deps Ext-ref: MB-71238 Change-Id: Ic7c4b1e6d4e29547fa7c21d8adcfec41d11a5e9b Reviewed-on: https://asterix-gerrit.ics.uci.edu/c/asterixdb/+/21124 Reviewed-by: Ian Maxon <[email protected]> Reviewed-by: Michael Blow <[email protected]> Tested-by: Michael Blow <[email protected]> --- M asterixdb/pom.xml M hyracks-fullstack/hyracks/hyracks-maven-plugins/license-automation-plugin/src/main/java/org/apache/hyracks/maven/license/LicenseMojo.java M hyracks-fullstack/pom.xml 3 files changed, 25 insertions(+), 20 deletions(-) Approvals: Ian Maxon: Looks good to me, approved Michael Blow: Looks good to me, but someone else must approve; Verified diff --git a/asterixdb/pom.xml b/asterixdb/pom.xml index d24579b..c452be3 100644 --- a/asterixdb/pom.xml +++ b/asterixdb/pom.xml @@ -89,17 +89,17 @@ <jacoco.version>0.7.6.201602180812</jacoco.version> <log4j.version>2.25.3</log4j.version> <awsjavasdk.version>2.29.27</awsjavasdk.version> - <parquet.version>1.15.2</parquet.version> <!-- NOTICE: please update transitives from parquet below on any change --> - <hadoop-awsjavasdk.version>1.12.779</hadoop-awsjavasdk.version> + <parquet.version>1.17.0</parquet.version> <!-- NOTICE: please update transitives from parquet below on any change --> + <hadoop-awsjavasdk.version>1.12.797</hadoop-awsjavasdk.version> <azureblobjavasdk.version>12.31.1</azureblobjavasdk.version> <azurecommonjavasdk.version>12.30.1</azurecommonjavasdk.version> <azureidentity.version>1.17.0</azureidentity.version> <azuredatalakejavasdk.version>12.24.1</azuredatalakejavasdk.version> - <azurecore.version>1.56.0</azurecore.version> - <azurecorehttpnetty.version>1.16.0</azurecorehttpnetty.version> + <azurecore.version>1.57.1</azurecore.version> + <azurecorehttpnetty.version>1.16.3</azurecorehttpnetty.version> - <gcsjavasdk.version>2.62.0</gcsjavasdk.version> + <gcsjavasdk.version>2.64.1</gcsjavasdk.version> <hadoop-azuresdk.version>8.6.6</hadoop-azuresdk.version> <hadoop-gcs.version>hadoop3-2.2.25</hadoop-gcs.version> <io.opencensus.version>0.31.1</io.opencensus.version> @@ -1212,7 +1212,7 @@ <dependency> <groupId>org.codehaus.woodstox</groupId> <artifactId>stax2-api</artifactId> - <version>4.2.2</version> + <version>4.3.0</version> </dependency> <dependency> <groupId>com.fasterxml.woodstox</groupId> @@ -1232,7 +1232,7 @@ <dependency> <groupId>commons-logging</groupId> <artifactId>commons-logging</artifactId> - <version>1.3.4</version> + <version>1.3.6</version> </dependency> <dependency> <groupId>org.apache.hyracks</groupId> @@ -1748,7 +1748,7 @@ <dependency> <groupId>com.github.luben</groupId> <artifactId>zstd-jni</artifactId> - <version>1.5.6-6</version> + <version>1.5.7-7</version> </dependency> <dependency> <groupId>commons-pool</groupId> @@ -1826,7 +1826,7 @@ <dependency> <groupId>org.codehaus.jettison</groupId> <artifactId>jettison</artifactId> - <version>1.5.4</version> + <version>1.5.5</version> </dependency> <!-- CVE-2024-8184 --> <dependency> @@ -1842,12 +1842,12 @@ <dependency> <groupId>io.netty</groupId> <artifactId>netty-tcnative-boringssl-static</artifactId> - <version>2.0.73.Final</version> + <version>2.0.75.Final</version> </dependency> <dependency> <groupId>io.grpc</groupId> <artifactId>grpc-bom</artifactId> - <version>1.79.0</version> + <version>1.80.0</version> <type>pom</type> <scope>import</scope> </dependency> diff --git a/hyracks-fullstack/hyracks/hyracks-maven-plugins/license-automation-plugin/src/main/java/org/apache/hyracks/maven/license/LicenseMojo.java b/hyracks-fullstack/hyracks/hyracks-maven-plugins/license-automation-plugin/src/main/java/org/apache/hyracks/maven/license/LicenseMojo.java index 5e91807..6c61480 100644 --- a/hyracks-fullstack/hyracks/hyracks-maven-plugins/license-automation-plugin/src/main/java/org/apache/hyracks/maven/license/LicenseMojo.java +++ b/hyracks-fullstack/hyracks/hyracks-maven-plugins/license-automation-plugin/src/main/java/org/apache/hyracks/maven/license/LicenseMojo.java @@ -434,15 +434,20 @@ for (String extraDependency : extraDependencies) { String[] gavParts = StringUtils.split(extraDependency, ':'); String gav = gavParts[0] + ":" + gavParts[1] + ":" + gavParts[2]; - if (!dependencyGavMap.containsKey(gav)) { + MavenProject existingEntry = dependencyGavMap.get(gav); + boolean shadowed = false; + if (gavParts.length > 3) { + shadowed = "shadowed".equals(gavParts[3]); + } + if (existingEntry == null) { ArtifactHandler handler = new DefaultArtifactHandler("jar"); Artifact manualDep = new DefaultArtifact(gavParts[0], gavParts[1], gavParts[2], Artifact.SCOPE_COMPILE, "jar", null, handler); - boolean shadowed = false; - if (gavParts.length > 3) { - shadowed = "shadowed".equals(gavParts[3]); - } processArtifact(manualDep, dependencyLicenseMap, dependencyGavMap, shadowed); + } else if (!shadowed && (boolean) existingEntry.getContextValue(SHADOWED_KEY)) { + getLog().warn( + "escalating formerly shadowed " + gav + " as non shadowed per extra dependency declaration"); + existingEntry.setContextValue(SHADOWED_KEY, false); } else { getLog().warn("not adding extra dependency " + gav + " as it is already added"); } diff --git a/hyracks-fullstack/pom.xml b/hyracks-fullstack/pom.xml index 41daad0..5aa00d1 100644 --- a/hyracks-fullstack/pom.xml +++ b/hyracks-fullstack/pom.xml @@ -72,10 +72,10 @@ <hadoop.version>3.4.2</hadoop.version> <jacoco.version>0.7.6.201602180812</jacoco.version> <log4j.version>2.25.3</log4j.version> - <snappy.version>1.1.10.5</snappy.version> + <snappy.version>1.1.10.8</snappy.version> <jackson.version>2.19.2</jackson.version> <jackson-databind.version>${jackson.version}</jackson-databind.version> - <netty.version>4.1.130.Final</netty.version> + <netty.version>4.1.132.Final</netty.version> <implementation.title>Apache Hyracks and Algebricks - ${project.name}</implementation.title> <implementation.url>https://asterixdb.apache.org/</implementation.url> @@ -465,7 +465,7 @@ <dependency> <groupId>com.google.guava</groupId> <artifactId>guava</artifactId> - <version>33.3.1-jre</version> + <version>33.5.0-jre</version> <exclusions> <exclusion> <groupId>com.google.code.findbugs</groupId> @@ -527,7 +527,7 @@ <dependency> <groupId>args4j</groupId> <artifactId>args4j</artifactId> - <version>2.33</version> + <version>2.37</version> </dependency> <dependency> <groupId>org.apache.logging.log4j</groupId> -- To view, visit https://asterix-gerrit.ics.uci.edu/c/asterixdb/+/21124?usp=email To unsubscribe, or for help writing mail filters, visit https://asterix-gerrit.ics.uci.edu/settings?usp=email Gerrit-MessageType: merged Gerrit-Project: asterixdb Gerrit-Branch: trinity Gerrit-Change-Id: Ic7c4b1e6d4e29547fa7c21d8adcfec41d11a5e9b Gerrit-Change-Number: 21124 Gerrit-PatchSet: 6 Gerrit-Owner: Michael Blow <[email protected]> Gerrit-Reviewer: Anon. E. Moose #1000171 Gerrit-Reviewer: Ian Maxon <[email protected]> Gerrit-Reviewer: Jenkins <[email protected]> Gerrit-Reviewer: Michael Blow <[email protected]>
