Re: icu4j / i18n-util upgrade

2022-10-20 Thread Istvan Toth
Thanks Andrew, I accepted the OWASP report at face value. The sad reality today is that it is easier to do a needless version bump than to get users to understand and accept that a static code analysis tool gives false positives. Anyway, keeping dependencies up-to-date even without CVEs is

[jira] [Created] (PHOENIX-6818) Remove dependency on the i18n-util library

2022-10-20 Thread Istvan Toth (Jira)
Istvan Toth created PHOENIX-6818: Summary: Remove dependency on the i18n-util library Key: PHOENIX-6818 URL: https://issues.apache.org/jira/browse/PHOENIX-6818 Project: Phoenix Issue Type:

Re: icu4j / i18n-util upgrade

2022-10-20 Thread Andrew Purtell
The CVE is for the c++ icu library not icu4j but ? We did A where I work and it did what you’d expect and shut up the vuln scanner. +1 for B. The code is compatibly licensed and not that much. Other options carry functionality loss risks or dev work. Dropping it in place is low risk and low

PhoenixDB PyPI project permissions

2022-10-20 Thread Istvan Toth
Hi! I have added Richard as an *Owner* to the *phoenixdb* project on PyPI. The current Owners are Josh, Lukas Lalinsky (the original author), Richard and me. If anyone else has or creates a PyPI account, please contact one of the owners to add you. regards Istvan

[jira] [Updated] (PHOENIX-6817) Switch to guava -JRE variant

2022-10-20 Thread Istvan Toth (Jira)
[ https://issues.apache.org/jira/browse/PHOENIX-6817?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Istvan Toth updated PHOENIX-6817: - Description: We chose to include the -android variant of Guava, to ensure compatibiity with

[jira] [Updated] (PHOENIX-6816) Update Jetty to 9.4.49.v20220914

2022-10-20 Thread Istvan Toth (Jira)
[ https://issues.apache.org/jira/browse/PHOENIX-6816?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Istvan Toth updated PHOENIX-6816: - Affects Version/s: 5.2.0 5.1.3 > Update Jetty to 9.4.49.v20220914 >

[jira] [Updated] (PHOENIX-6815) Update Gson version to 2.9.1

2022-10-20 Thread Istvan Toth (Jira)
[ https://issues.apache.org/jira/browse/PHOENIX-6815?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Istvan Toth updated PHOENIX-6815: - Affects Version/s: 5.2.0 5.1.3 > Update Gson version to 2.9.1 >

[jira] [Updated] (OMID-190) Update website for 1.0.2

2022-10-20 Thread Istvan Toth (Jira)
[ https://issues.apache.org/jira/browse/OMID-190?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Istvan Toth updated OMID-190: - Fix Version/s: 1.1.1 (was: 1.1.0) > Update website for 1.0.2 >

[jira] [Updated] (OMID-195) Add security system tests

2022-10-20 Thread Istvan Toth (Jira)
[ https://issues.apache.org/jira/browse/OMID-195?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Istvan Toth updated OMID-195: - Fix Version/s: 1.1.1 (was: 1.1.0) > Add security system tests >

[jira] [Updated] (OMID-206) Half of the regions of commit table not getting used

2022-10-20 Thread Istvan Toth (Jira)
[ https://issues.apache.org/jira/browse/OMID-206?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Istvan Toth updated OMID-206: - Fix Version/s: 1.1.1 (was: 1.1.0) > Half of the regions of commit table not getting

[jira] [Updated] (PHOENIX-6815) Update Gson version to 2.9.1

2022-10-20 Thread Istvan Toth (Jira)
[ https://issues.apache.org/jira/browse/PHOENIX-6815?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Istvan Toth updated PHOENIX-6815: - Summary: Update Gson version to 2.9.1 (was: Bump gson version to 2.9.1) > Update Gson version

[jira] [Created] (OMID-234) Bump SnakeYaml version to 1.33

2022-10-20 Thread Istvan Toth (Jira)
Istvan Toth created OMID-234: Summary: Bump SnakeYaml version to 1.33 Key: OMID-234 URL: https://issues.apache.org/jira/browse/OMID-234 Project: Phoenix Omid Issue Type: Task Affects

[jira] [Created] (PHOENIX-6817) Switch to guava -JRE variant

2022-10-20 Thread Istvan Toth (Jira)
Istvan Toth created PHOENIX-6817: Summary: Switch to guava -JRE variant Key: PHOENIX-6817 URL: https://issues.apache.org/jira/browse/PHOENIX-6817 Project: Phoenix Issue Type: Improvement

[jira] [Created] (PHOENIX-6816) Update Jetty to 9.4.49.v20220914

2022-10-20 Thread Istvan Toth (Jira)
Istvan Toth created PHOENIX-6816: Summary: Update Jetty to 9.4.49.v20220914 Key: PHOENIX-6816 URL: https://issues.apache.org/jira/browse/PHOENIX-6816 Project: Phoenix Issue Type: Task

[jira] [Assigned] (PHOENIX-6816) Update Jetty to 9.4.49.v20220914

2022-10-20 Thread Istvan Toth (Jira)
[ https://issues.apache.org/jira/browse/PHOENIX-6816?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Istvan Toth reassigned PHOENIX-6816: Assignee: Istvan Toth > Update Jetty to 9.4.49.v20220914 >

icu4j / i18n-util upgrade

2022-10-20 Thread Istvan Toth
Hi! Our icu4j version has CVEs. It is pulled in via com.salesforce.i18n:i18n-util *[INFO] +- com.salesforce.i18n:i18n-util:jar:1.0.4:compile[INFO] | +- commons-lang:commons-lang:jar:2.6:compile[INFO] | +- com.ibm.icu:icu4j:jar:60.2:compile[INFO] | +-

Re: [VOTE] Release of phoenixdb 1.2.1 RC1

2022-10-20 Thread rajeshb...@apache.org
+1 - Signature: ok - Checksum: ok - Build: ok On Tue, Oct 18, 2022 at 5:59 AM Viraj Jasani wrote: > +1 > > * Signature: ok > * Checksum: ok > * Build: ok > * Tests using docker setup: ok > > > > On Thu, Oct 13, 2022 at 5:31 AM Richárd Antal > wrote: > > > Hello Everyone, > > > > This is a

[jira] [Created] (PHOENIX-6815) Bump gson version to 2.9.1

2022-10-20 Thread Istvan Toth (Jira)
Istvan Toth created PHOENIX-6815: Summary: Bump gson version to 2.9.1 Key: PHOENIX-6815 URL: https://issues.apache.org/jira/browse/PHOENIX-6815 Project: Phoenix Issue Type: Task