pan3793 commented on PR #46520:
URL: https://github.com/apache/spark/pull/46520#issuecomment-2105463104
@dongjoon-hyun Okay, as this fail the CI, we should revert deps removing
first and do more investigation later.
While for supporting "legacy Hive UDF jars", I think if the user impo
dongjoon-hyun commented on PR #46520:
URL: https://github.com/apache/spark/pull/46520#issuecomment-2105347143
For the existing Hive UDFs which assumes `jodd` library, this could be a
breaking change like #46528 .
```
- import jodd.datetime.JDateTime;
+ import org.apache.hadoop.hive
dongjoon-hyun commented on PR #46520:
URL: https://github.com/apache/spark/pull/46520#issuecomment-2105328073
Hi, @pan3793 .
It seems that we need to re-evaluate this dependency removal. Please see the
following which is related to `commons-lang:commons:lang`.
- #46528
--
Th
dongjoon-hyun commented on PR #46520:
URL: https://github.com/apache/spark/pull/46520#issuecomment-2104146941
Merged to master for Apache Spark 4.0.0.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go
dongjoon-hyun closed pull request #46520: [SPARK-48230][BUILD] Remove unused
`jodd-core`
URL: https://github.com/apache/spark/pull/46520
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific
pan3793 opened a new pull request, #46520:
URL: https://github.com/apache/spark/pull/46520
### What changes were proposed in this pull request?
Remove a jar that has CVE https://github.com/advisories/GHSA-jrg3-qq99-35g7
### Why are the changes needed?
Previously,
