[ https://issues.apache.org/jira/browse/YARN-11498?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17727985#comment-17727985 ]
ASF GitHub Bot commented on YARN-11498: --------------------------------------- tomicooler commented on PR #5623: URL: https://github.com/apache/hadoop/pull/5623#issuecomment-1570310784 Hi @devaspatikrishnatri , you can re-trigger the build by creating an empty commit `git commit --allow-empty -m "Trigger the jenkins job"` then pushing it to your fork's branch `git push origin HADOOP-18732`. I think the reason for this exclusion should be documented in the Jira, as far as I know the reason being: ``` An older version of Jetty is being pulled in by jersey-json artifact in hadoop-yarn-common, which contains CVEs. ``` https://mvnrepository.com/artifact/com.sun.jersey/jersey-json/1.19.4 BTW jackson-mapper-asl 1.9.2 has also 2 CVEs (https://mvnrepository.com/artifact/org.codehaus.jackson/jackson-mapper-asl/1.9.2). > Exclude Jettison from jersey-json artifact in hadoop-yarn-common's pom.xml > -------------------------------------------------------------------------- > > Key: YARN-11498 > URL: https://issues.apache.org/jira/browse/YARN-11498 > Project: Hadoop YARN > Issue Type: Task > Components: build > Reporter: Devaspati Krishnatri > Priority: Major > Labels: pull-request-available > -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org