LuciferYang commented on PR #44477: URL: https://github.com/apache/spark/pull/44477#issuecomment-1869971189
Apart from backporting the upgrade to branch-3.4 and branch-3.5, I can't think of a better way to reduce this compatibility impact now. So, shall we skip the upgrade to Ivy 2.5.2? Although there is a CVE issue with a score of 8.2 before Ivy 2.5.1 (CVE-2022-46751), it doesn't seem to have a significant impact on Apache Spark. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: reviews-unsubscr...@spark.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: reviews-unsubscr...@spark.apache.org For additional commands, e-mail: reviews-h...@spark.apache.org
