Details
-
Task
-
Status: Resolved
-
Minor
-
Resolution: Fixed
-
None
-
None
-
None
-
Reviewed
Description
Dependabot auto-generated dependency upgrade: https://github.com/apache/hbase/pull/4291
We can't accept the dependabot PR as-is because it causes a unit test failure. Bump the dependency and fix the test by hand.
There is a comment in our POM indicating this is a known issue:
<!-- Updating the httpclient will break hbase-rest. It writes out URLs with '//' in it especially when writing out 'no column families'. Later httpclients collapse the '//' into single '/' as double-slash is not legal in an URL. Breaks #testDelete in TestRemoteTable. -->
Staying back on a version of httpclient with CVE listed vulnerabilities just for this isn't a good option.
Attachments
Issue Links
1.
|
[REST] Client must disable URI normalization | Resolved | Unassigned |