[jira] [Assigned] (ARROW-1347) List null type should use consistent name for inner field
[ https://issues.apache.org/jira/browse/ARROW-1347?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Steven Phillips reassigned ARROW-1347: -- Assignee: Steven Phillips > List null type should use consistent name for inner field > - > > Key: ARROW-1347 > URL: https://issues.apache.org/jira/browse/ARROW-1347 > Project: Apache Arrow > Issue Type: Bug >Reporter: Steven Phillips >Assignee: Steven Phillips > > The child field for List type has the field name "$data$" in most cases. In > the case that there is not a known type for the List, currently the > getField() method will return a subfield with name "DEFAULT". We should make > this consistent with the rest of the cases. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Assigned] (ARROW-1341) [C++] Deprecate arrow::MakeTable in favor of new ctor from ARROW-1334
[ https://issues.apache.org/jira/browse/ARROW-1341?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Steven Phillips reassigned ARROW-1341: -- Assignee: (was: Steven Phillips) > [C++] Deprecate arrow::MakeTable in favor of new ctor from ARROW-1334 > - > > Key: ARROW-1341 > URL: https://issues.apache.org/jira/browse/ARROW-1341 > Project: Apache Arrow > Issue Type: Bug > Components: C++ >Reporter: Wes McKinney > > Small oversight not doing this already in ARROW-1334 -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Created] (ARROW-1347) List null type should use consistent name for inner field
Steven Phillips created ARROW-1347: -- Summary: List null type should use consistent name for inner field Key: ARROW-1347 URL: https://issues.apache.org/jira/browse/ARROW-1347 Project: Apache Arrow Issue Type: Bug Reporter: Steven Phillips The child field for List type has the field name "$data$" in most cases. In the case that there is not a known type for the List, currently the getField() method will return a subfield with name "DEFAULT". We should make this consistent with the rest of the cases. -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Assigned] (ARROW-1341) [C++] Deprecate arrow::MakeTable in favor of new ctor from ARROW-1334
[ https://issues.apache.org/jira/browse/ARROW-1341?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Steven Phillips reassigned ARROW-1341: -- Assignee: Steven Phillips > [C++] Deprecate arrow::MakeTable in favor of new ctor from ARROW-1334 > - > > Key: ARROW-1341 > URL: https://issues.apache.org/jira/browse/ARROW-1341 > Project: Apache Arrow > Issue Type: Bug > Components: C++ >Reporter: Wes McKinney >Assignee: Steven Phillips > > Small oversight not doing this already in ARROW-1334 -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (ARROW-1339) [C++] Use boost::filesystem for handling of platform-specific file path encodings
[ https://issues.apache.org/jira/browse/ARROW-1339?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16122080#comment-16122080 ] Max Risuhin commented on ARROW-1339: [~wesmckinn], it seems that boost::filesystem::path can be used to replace recently introduced `PlatformFilename` struct. I have tried to use [path::wstring|http://www.boost.org/doc/libs/1_53_0/libs/filesystem/doc/reference.html#wstring] and path::string, it seems it works fine. I'm wondering if it was supposed here more changes than just replace `PlatformFilename` struct with `boost::filesystem::path`? > [C++] Use boost::filesystem for handling of platform-specific file path > encodings > - > > Key: ARROW-1339 > URL: https://issues.apache.org/jira/browse/ARROW-1339 > Project: Apache Arrow > Issue Type: Improvement > Components: C++ >Reporter: Wes McKinney >Assignee: Max Risuhin > Fix For: 0.7.0 > > -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Resolved] (ARROW-592) [C++] Provide .deb and .rpm packages
[ https://issues.apache.org/jira/browse/ARROW-592?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Wes McKinney resolved ARROW-592. Resolution: Fixed Assignee: Kouhei Sutou > [C++] Provide .deb and .rpm packages > > > Key: ARROW-592 > URL: https://issues.apache.org/jira/browse/ARROW-592 > Project: Apache Arrow > Issue Type: Wish > Components: C++ > Environment: GNU/Linux >Reporter: Kouhei Sutou >Assignee: Kouhei Sutou >Priority: Minor > Fix For: 0.7.0 > > > If we provide .deb and .rpm packages for C++ Arrow, users can install it > easily. (At least, I'm happy as an user.) > Is there any location to provide .deb and .rpm packages? If it doesn't exist, > how about using https://packagecloud.io/ with "Open Source plan"? We can find > "Open Source plan" by clicking "Looking for free or open-source plans" at > https://packagecloud.io/pricing . -- This message was sent by Atlassian JIRA (v6.4.14#64029)
[jira] [Commented] (ARROW-1346) [Python] pypi packages compatible with setuptools
[
https://issues.apache.org/jira/browse/ARROW-1346?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16121835#comment-16121835
]
Wes McKinney commented on ARROW-1346:
-
Yeah, I agree that the state of Python packaging continues to be very sad. 26
years into the Python programming language I'm not optimistic that things will
get much better
> [Python] pypi packages compatible with setuptools
> -
>
> Key: ARROW-1346
> URL: https://issues.apache.org/jira/browse/ARROW-1346
> Project: Apache Arrow
> Issue Type: Wish
> Components: Python
>Affects Versions: 0.5.0
>Reporter: Antony Mayi
> Attachments: setup.py
>
>
> setuptools is internally using easy_install for pulling packages from pypi.
> easy_install doesn't support wheel so since pyarrow is in pypi distributed
> only as wheels it is not possible to package a product depending on pyarrow
> using setuptools.
> see attached [^setup.py]:
> {code}
> $ python setup.py test
> running test
> Searching for pyarrow==0.5.0.post2
> Reading https://pypi.python.org/simple/pyarrow/
> No local packages or working download links found for pyarrow==0.5.0.post2
> error: Could not find suitable distribution for
> Requirement.parse('pyarrow==0.5.0.post2')
> {code}
> It's a shame setuptools don't support wheels. unfortunately it supports only
> eggs or raw source packages (see
> [distro_for_location|https://github.com/pypa/setuptools/blob/master/setuptools/package_index.py#L112]).
> I am not suggesting providing eggs but perhaps publishing raw tar.gz should
> be considered so that setuptools can at least build the dependency itself.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Closed] (ARROW-1346) [Python] pypi packages compatible with setuptools
[
https://issues.apache.org/jira/browse/ARROW-1346?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Antony Mayi closed ARROW-1346.
--
Resolution: Workaround
> [Python] pypi packages compatible with setuptools
> -
>
> Key: ARROW-1346
> URL: https://issues.apache.org/jira/browse/ARROW-1346
> Project: Apache Arrow
> Issue Type: Wish
> Components: Python
>Affects Versions: 0.5.0
>Reporter: Antony Mayi
> Attachments: setup.py
>
>
> setuptools is internally using easy_install for pulling packages from pypi.
> easy_install doesn't support wheel so since pyarrow is in pypi distributed
> only as wheels it is not possible to package a product depending on pyarrow
> using setuptools.
> see attached [^setup.py]:
> {code}
> $ python setup.py test
> running test
> Searching for pyarrow==0.5.0.post2
> Reading https://pypi.python.org/simple/pyarrow/
> No local packages or working download links found for pyarrow==0.5.0.post2
> error: Could not find suitable distribution for
> Requirement.parse('pyarrow==0.5.0.post2')
> {code}
> It's a shame setuptools don't support wheels. unfortunately it supports only
> eggs or raw source packages (see
> [distro_for_location|https://github.com/pypa/setuptools/blob/master/setuptools/package_index.py#L112]).
> I am not suggesting providing eggs but perhaps publishing raw tar.gz should
> be considered so that setuptools can at least build the dependency itself.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (ARROW-1346) [Python] pypi packages compatible with setuptools
[
https://issues.apache.org/jira/browse/ARROW-1346?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16121829#comment-16121829
]
Antony Mayi commented on ARROW-1346:
Right, that's why said I am not suggesting to publish eggs. No probs. It's just
odd that setuptools is still the main python packaging concept that can nicely
define dependencies ([even in pyarrow
iself|https://github.com/apache/arrow/blob/master/python/setup.py#L371]) and is
unable to deploy such packages itself (in case of wheel deps) but needs another
tools to resolve its dependencies. But I understand this is not a problem of
arrow...
> [Python] pypi packages compatible with setuptools
> -
>
> Key: ARROW-1346
> URL: https://issues.apache.org/jira/browse/ARROW-1346
> Project: Apache Arrow
> Issue Type: Wish
> Components: Python
>Affects Versions: 0.5.0
>Reporter: Antony Mayi
> Attachments: setup.py
>
>
> setuptools is internally using easy_install for pulling packages from pypi.
> easy_install doesn't support wheel so since pyarrow is in pypi distributed
> only as wheels it is not possible to package a product depending on pyarrow
> using setuptools.
> see attached [^setup.py]:
> {code}
> $ python setup.py test
> running test
> Searching for pyarrow==0.5.0.post2
> Reading https://pypi.python.org/simple/pyarrow/
> No local packages or working download links found for pyarrow==0.5.0.post2
> error: Could not find suitable distribution for
> Requirement.parse('pyarrow==0.5.0.post2')
> {code}
> It's a shame setuptools don't support wheels. unfortunately it supports only
> eggs or raw source packages (see
> [distro_for_location|https://github.com/pypa/setuptools/blob/master/setuptools/package_index.py#L112]).
> I am not suggesting providing eggs but perhaps publishing raw tar.gz should
> be considered so that setuptools can at least build the dependency itself.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (ARROW-1346) [Python] pypi packages compatible with setuptools
[
https://issues.apache.org/jira/browse/ARROW-1346?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16121746#comment-16121746
]
Wes McKinney commented on ARROW-1346:
-
My understanding is that installing packages via {{setup.py}} (i.e.
easy_install) is effectively deprecated, and so it's unlikely we'll support it
here. See associated discussion in the TensorFlow issue tracker
https://github.com/tensorflow/tensorflow/issues/6540 ("Building and
distributing an egg file is not planned for tensorflow, as it is the old
deprecated standard. I will close this issue now.") . I would recommend
changing your software deployment process to use pip and requirements.txt. You
can also use conda to achieve the same result.
> [Python] pypi packages compatible with setuptools
> -
>
> Key: ARROW-1346
> URL: https://issues.apache.org/jira/browse/ARROW-1346
> Project: Apache Arrow
> Issue Type: Wish
> Components: Python
>Affects Versions: 0.5.0
>Reporter: Antony Mayi
> Attachments: setup.py
>
>
> setuptools is internally using easy_install for pulling packages from pypi.
> easy_install doesn't support wheel so since pyarrow is in pypi distributed
> only as wheels it is not possible to package a product depending on pyarrow
> using setuptools.
> see attached [^setup.py]:
> {code}
> $ python setup.py test
> running test
> Searching for pyarrow==0.5.0.post2
> Reading https://pypi.python.org/simple/pyarrow/
> No local packages or working download links found for pyarrow==0.5.0.post2
> error: Could not find suitable distribution for
> Requirement.parse('pyarrow==0.5.0.post2')
> {code}
> It's a shame setuptools don't support wheels. unfortunately it supports only
> eggs or raw source packages (see
> [distro_for_location|https://github.com/pypa/setuptools/blob/master/setuptools/package_index.py#L112]).
> I am not suggesting providing eggs but perhaps publishing raw tar.gz should
> be considered so that setuptools can at least build the dependency itself.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (ARROW-1346) [Python] pypi packages compatible with setuptools
[
https://issues.apache.org/jira/browse/ARROW-1346?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16121684#comment-16121684
]
Antony Mayi commented on ARROW-1346:
I am on linux.
Yes, pip works fine, but setuptools is not using pip. Any version of setuptools
(I am on the latest 36.2.7).
The attached [^setup.py] demonstrates the problem - ie if I am trying to
distribute my python project that depends on pyarrow as per the [^setup.py] it
won't pull pyarrow out of the box (running the typical {{python setup.py
install}} fails as per the error shown above due to the setuptools inability to
pull wheels from pypi).
> [Python] pypi packages compatible with setuptools
> -
>
> Key: ARROW-1346
> URL: https://issues.apache.org/jira/browse/ARROW-1346
> Project: Apache Arrow
> Issue Type: Wish
> Components: Python
>Affects Versions: 0.5.0
>Reporter: Antony Mayi
> Attachments: setup.py
>
>
> setuptools is internally using easy_install for pulling packages from pypi.
> easy_install doesn't support wheel so since pyarrow is in pypi distributed
> only as wheels it is not possible to package a product depending on pyarrow
> using setuptools.
> see attached [^setup.py]:
> {code}
> $ python setup.py test
> running test
> Searching for pyarrow==0.5.0.post2
> Reading https://pypi.python.org/simple/pyarrow/
> No local packages or working download links found for pyarrow==0.5.0.post2
> error: Could not find suitable distribution for
> Requirement.parse('pyarrow==0.5.0.post2')
> {code}
> It's a shame setuptools don't support wheels. unfortunately it supports only
> eggs or raw source packages (see
> [distro_for_location|https://github.com/pypa/setuptools/blob/master/setuptools/package_index.py#L112]).
> I am not suggesting providing eggs but perhaps publishing raw tar.gz should
> be considered so that setuptools can at least build the dependency itself.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Updated] (ARROW-1346) [Python] pypi packages compatible with setuptools
[
https://issues.apache.org/jira/browse/ARROW-1346?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Wes McKinney updated ARROW-1346:
Summary: [Python] pypi packages compatible with setuptools (was: pypi
packages compatible with setuptools)
> [Python] pypi packages compatible with setuptools
> -
>
> Key: ARROW-1346
> URL: https://issues.apache.org/jira/browse/ARROW-1346
> Project: Apache Arrow
> Issue Type: Wish
> Components: Python
>Affects Versions: 0.5.0
>Reporter: Antony Mayi
> Attachments: setup.py
>
>
> setuptools is internally using easy_install for pulling packages from pypi.
> easy_install doesn't support wheel so since pyarrow is in pypi distributed
> only as wheels it is not possible to package a product depending on pyarrow
> using setuptools.
> see attached [^setup.py]:
> {code}
> $ python setup.py test
> running test
> Searching for pyarrow==0.5.0.post2
> Reading https://pypi.python.org/simple/pyarrow/
> No local packages or working download links found for pyarrow==0.5.0.post2
> error: Could not find suitable distribution for
> Requirement.parse('pyarrow==0.5.0.post2')
> {code}
> It's a shame setuptools don't support wheels. unfortunately it supports only
> eggs or raw source packages (see
> [distro_for_location|https://github.com/pypa/setuptools/blob/master/setuptools/package_index.py#L112]).
> I am not suggesting providing eggs but perhaps publishing raw tar.gz should
> be considered so that setuptools can at least build the dependency itself.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Comment Edited] (ARROW-1346) pypi packages compatible with setuptools
[
https://issues.apache.org/jira/browse/ARROW-1346?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16121652#comment-16121652
]
Wes McKinney edited comment on ARROW-1346 at 8/10/17 2:06 PM:
--
> setuptools is internally using easy_install for pulling packages from pypi.
> easy_install doesn't support wheel so since pyarrow is in pypi distributed
> only as wheels it is not possible to package a product depending on pyarrow
> using setuptools.
What version of setuptools? I'm pretty surprised by this. In production
deployments I usually see {{pip install -r requirements.txt}}, and pip knows
how to install wheels
was (Author: wesmckinn):
> setuptools is internally using easy_install for pulling packages from pypi.
> easy_install doesn't support wheel so since pyarrow is in pypi distributed
> only as wheels it is not possible to package a product depending on pyarrow
> using setuptools.
What version of setuptools? I'm pretty surprised by this. In production
deployments I usually see {{pip install -r requirements.txt}}, and pip knows
how to install weehsl
> pypi packages compatible with setuptools
>
>
> Key: ARROW-1346
> URL: https://issues.apache.org/jira/browse/ARROW-1346
> Project: Apache Arrow
> Issue Type: Wish
> Components: Python
>Affects Versions: 0.5.0
>Reporter: Antony Mayi
> Attachments: setup.py
>
>
> setuptools is internally using easy_install for pulling packages from pypi.
> easy_install doesn't support wheel so since pyarrow is in pypi distributed
> only as wheels it is not possible to package a product depending on pyarrow
> using setuptools.
> see attached [^setup.py]:
> {code}
> $ python setup.py test
> running test
> Searching for pyarrow==0.5.0.post2
> Reading https://pypi.python.org/simple/pyarrow/
> No local packages or working download links found for pyarrow==0.5.0.post2
> error: Could not find suitable distribution for
> Requirement.parse('pyarrow==0.5.0.post2')
> {code}
> It's a shame setuptools don't support wheels. unfortunately it supports only
> eggs or raw source packages (see
> [distro_for_location|https://github.com/pypa/setuptools/blob/master/setuptools/package_index.py#L112]).
> I am not suggesting providing eggs but perhaps publishing raw tar.gz should
> be considered so that setuptools can at least build the dependency itself.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (ARROW-1346) pypi packages compatible with setuptools
[
https://issues.apache.org/jira/browse/ARROW-1346?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16121652#comment-16121652
]
Wes McKinney commented on ARROW-1346:
-
> setuptools is internally using easy_install for pulling packages from pypi.
> easy_install doesn't support wheel so since pyarrow is in pypi distributed
> only as wheels it is not possible to package a product depending on pyarrow
> using setuptools.
What version of setuptools? I'm pretty surprised by this. In production
deployments I usually see {{pip install -r requirements.txt}}, and pip knows
how to install weehsl
> pypi packages compatible with setuptools
>
>
> Key: ARROW-1346
> URL: https://issues.apache.org/jira/browse/ARROW-1346
> Project: Apache Arrow
> Issue Type: Wish
> Components: Python
>Affects Versions: 0.5.0
>Reporter: Antony Mayi
> Attachments: setup.py
>
>
> setuptools is internally using easy_install for pulling packages from pypi.
> easy_install doesn't support wheel so since pyarrow is in pypi distributed
> only as wheels it is not possible to package a product depending on pyarrow
> using setuptools.
> see attached [^setup.py]:
> {code}
> $ python setup.py test
> running test
> Searching for pyarrow==0.5.0.post2
> Reading https://pypi.python.org/simple/pyarrow/
> No local packages or working download links found for pyarrow==0.5.0.post2
> error: Could not find suitable distribution for
> Requirement.parse('pyarrow==0.5.0.post2')
> {code}
> It's a shame setuptools don't support wheels. unfortunately it supports only
> eggs or raw source packages (see
> [distro_for_location|https://github.com/pypa/setuptools/blob/master/setuptools/package_index.py#L112]).
> I am not suggesting providing eggs but perhaps publishing raw tar.gz should
> be considered so that setuptools can at least build the dependency itself.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Commented] (ARROW-1346) pypi packages compatible with setuptools
[
https://issues.apache.org/jira/browse/ARROW-1346?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16121646#comment-16121646
]
Wes McKinney commented on ARROW-1346:
-
What platform are you on? There are only 0.5.0.post2 binaries for Linux, for
the other platforms it is still 0.5.0
https://pypi.python.org/pypi/pyarrow
> pypi packages compatible with setuptools
>
>
> Key: ARROW-1346
> URL: https://issues.apache.org/jira/browse/ARROW-1346
> Project: Apache Arrow
> Issue Type: Wish
> Components: Python
>Affects Versions: 0.5.0
>Reporter: Antony Mayi
> Attachments: setup.py
>
>
> setuptools is internally using easy_install for pulling packages from pypi.
> easy_install doesn't support wheel so since pyarrow is in pypi distributed
> only as wheels it is not possible to package a product depending on pyarrow
> using setuptools.
> see attached [^setup.py]:
> {code}
> $ python setup.py test
> running test
> Searching for pyarrow==0.5.0.post2
> Reading https://pypi.python.org/simple/pyarrow/
> No local packages or working download links found for pyarrow==0.5.0.post2
> error: Could not find suitable distribution for
> Requirement.parse('pyarrow==0.5.0.post2')
> {code}
> It's a shame setuptools don't support wheels. unfortunately it supports only
> eggs or raw source packages (see
> [distro_for_location|https://github.com/pypa/setuptools/blob/master/setuptools/package_index.py#L112]).
> I am not suggesting providing eggs but perhaps publishing raw tar.gz should
> be considered so that setuptools can at least build the dependency itself.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Created] (ARROW-1346) pypi packages compatible with setuptools
Antony Mayi created ARROW-1346:
--
Summary: pypi packages compatible with setuptools
Key: ARROW-1346
URL: https://issues.apache.org/jira/browse/ARROW-1346
Project: Apache Arrow
Issue Type: Wish
Components: Python
Affects Versions: 0.5.0
Reporter: Antony Mayi
Attachments: setup.py
setuptools is internally using easy_install for pulling packages from pypi.
easy_install doesn't support wheel so since pyarrow is in pypi distributed only
as wheels it is not possible to package a product depending on pyarrow using
setuptools.
see attached [^setup.py]:
{code}
$ python setup.py test
running test
Searching for pyarrow==0.5.0.post2
Reading https://pypi.python.org/simple/pyarrow/
No local packages or working download links found for pyarrow==0.5.0.post2
error: Could not find suitable distribution for
Requirement.parse('pyarrow==0.5.0.post2')
{code}
It's a shame setuptools don't support wheels. unfortunately it supports only
eggs or raw source packages (see
[distro_for_location|https://github.com/pypa/setuptools/blob/master/setuptools/package_index.py#L112]).
I am not suggesting providing eggs but perhaps publishing raw tar.gz should be
considered so that setuptools can at least build the dependency itself.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Comment Edited] (ARROW-1242) [Java] security - upgrade Jackson to mitigate 3 CVE vulnerabilities
[
https://issues.apache.org/jira/browse/ARROW-1242?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16121263#comment-16121263
]
Matt Darwin edited comment on ARROW-1242 at 8/10/17 8:50 AM:
-
Sorry [~wesmckinn], there was a bug in my PR and it's not changed the Jackson
version. java/pom.xml defines a {{jackson.version}} variable, but in
java/vector/pom.xml it doesn't use that variable. I've changed it in my branch
and have submitted a new PR [#957|https://github.com/apache/arrow/pull/957] .
was (Author: mdarwin):
Sorry [~wesmckinn], there was a bug in my PR and it's not changed the Jackson
version. java/pom.xml defines a {{jackson.version}} variable, but in
java/vector/pom.xml it doesn't use that variable. I've changed it in my branch
and have submitted a new PR [PR 957|https://github.com/apache/arrow/pull/957] .
> [Java] security - upgrade Jackson to mitigate 3 CVE vulnerabilities
> ---
>
> Key: ARROW-1242
> URL: https://issues.apache.org/jira/browse/ARROW-1242
> Project: Apache Arrow
> Issue Type: Bug
> Components: Java - Memory, Java - Vectors
>Affects Versions: 0.4.1
>Reporter: Matt Darwin
>Assignee: Matt Darwin
> Fix For: 0.6.0
>
>
> please consider upgrading jackson to mitigate its various vulnerabilities in
> 2.7.1:
> https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=jackson
> see also
> https://github.com/FasterXML/jackson-databind/issues/1599
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Comment Edited] (ARROW-1242) [Java] security - upgrade Jackson to mitigate 3 CVE vulnerabilities
[
https://issues.apache.org/jira/browse/ARROW-1242?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16121263#comment-16121263
]
Matt Darwin edited comment on ARROW-1242 at 8/10/17 8:49 AM:
-
Sorry [~wesmckinn], there was a bug in my PR and it's not changed the Jackson
version. java/pom.xml defines a {{jackson.version}} variable, but in
java/vector/pom.xml it doesn't use that variable. I've changed it in my branch
and have submitted a new PR [PR 957|https://github.com/apache/arrow/pull/957] .
was (Author: mdarwin):
Sorry [~wesmckinn], there was a bug in my PR and it's not changed the Jackson
version. java/pom.xml defines a {{jackson.version}} variable, but in
java/vector/pom.xml it doesn't use that variable. I've changed it in my branch
and have submitted a new PR #957.
> [Java] security - upgrade Jackson to mitigate 3 CVE vulnerabilities
> ---
>
> Key: ARROW-1242
> URL: https://issues.apache.org/jira/browse/ARROW-1242
> Project: Apache Arrow
> Issue Type: Bug
> Components: Java - Memory, Java - Vectors
>Affects Versions: 0.4.1
>Reporter: Matt Darwin
>Assignee: Matt Darwin
> Fix For: 0.6.0
>
>
> please consider upgrading jackson to mitigate its various vulnerabilities in
> 2.7.1:
> https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=jackson
> see also
> https://github.com/FasterXML/jackson-databind/issues/1599
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Comment Edited] (ARROW-1242) [Java] security - upgrade Jackson to mitigate 3 CVE vulnerabilities
[
https://issues.apache.org/jira/browse/ARROW-1242?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16121263#comment-16121263
]
Matt Darwin edited comment on ARROW-1242 at 8/10/17 8:48 AM:
-
Sorry [~wesmckinn], there was a bug in my PR and it's not changed the Jackson
version. java/pom.xml defines a {{jackson.version}} variable, but in
java/vector/pom.xml it doesn't use that variable. I've changed it in my branch
and have submitted a new PR #957.
was (Author: mdarwin):
Sorry, there was a bug in my PR and it's not changed the Jackson version.
java/pom.xml defines a {{jackson.version}} variable, but in java/vector/pom.xml
it doesn't use that variable. I've changed it in my branch and have submitted
a new PR #957.
> [Java] security - upgrade Jackson to mitigate 3 CVE vulnerabilities
> ---
>
> Key: ARROW-1242
> URL: https://issues.apache.org/jira/browse/ARROW-1242
> Project: Apache Arrow
> Issue Type: Bug
> Components: Java - Memory, Java - Vectors
>Affects Versions: 0.4.1
>Reporter: Matt Darwin
>Assignee: Matt Darwin
> Fix For: 0.6.0
>
>
> please consider upgrading jackson to mitigate its various vulnerabilities in
> 2.7.1:
> https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=jackson
> see also
> https://github.com/FasterXML/jackson-databind/issues/1599
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Issue Comment Deleted] (ARROW-1242) [Java] security - upgrade Jackson to mitigate 3 CVE vulnerabilities
[
https://issues.apache.org/jira/browse/ARROW-1242?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Matt Darwin updated ARROW-1242:
---
Comment: was deleted
(was: Sorry, there was a bug in my PR and it's not changed the Jackson version.
java/pom.xml defines a {{jackson.version}} variable, but in
java/vector/pom.xml it doesn't use that variable. I've changed it in the
branch and will submit a new PR.)
> [Java] security - upgrade Jackson to mitigate 3 CVE vulnerabilities
> ---
>
> Key: ARROW-1242
> URL: https://issues.apache.org/jira/browse/ARROW-1242
> Project: Apache Arrow
> Issue Type: Bug
> Components: Java - Memory, Java - Vectors
>Affects Versions: 0.4.1
>Reporter: Matt Darwin
>Assignee: Matt Darwin
> Fix For: 0.6.0
>
>
> please consider upgrading jackson to mitigate its various vulnerabilities in
> 2.7.1:
> https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=jackson
> see also
> https://github.com/FasterXML/jackson-databind/issues/1599
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Reopened] (ARROW-1242) [Java] security - upgrade Jackson to mitigate 3 CVE vulnerabilities
[
https://issues.apache.org/jira/browse/ARROW-1242?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Matt Darwin reopened ARROW-1242:
Sorry, there was a bug in my PR and it's not changed the Jackson version.
java/pom.xml defines a {{jackson.version}} variable, but in java/vector/pom.xml
it doesn't use that variable. I've changed it in my branch and have submitted
a new PR #957.
> [Java] security - upgrade Jackson to mitigate 3 CVE vulnerabilities
> ---
>
> Key: ARROW-1242
> URL: https://issues.apache.org/jira/browse/ARROW-1242
> Project: Apache Arrow
> Issue Type: Bug
> Components: Java - Memory, Java - Vectors
>Affects Versions: 0.4.1
>Reporter: Matt Darwin
>Assignee: Matt Darwin
> Fix For: 0.6.0
>
>
> please consider upgrading jackson to mitigate its various vulnerabilities in
> 2.7.1:
> https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=jackson
> see also
> https://github.com/FasterXML/jackson-databind/issues/1599
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
