Uploaded image for project: 'Phoenix'
  1. Phoenix
  2. PHOENIX-7163

Update commons-configuration2 to 2.8.0

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Won't Do
    • 5.2.0, 5.1.4
    • None
    • core
    • None

    Description

      We are using commons-configurations2 for the Hadoop metrics code, because that Hadoop API is badly broken.

      Because of this, I have added dependency management for that dependency.

      We are setting an old version, which is known to have CVEs.

      Remove the dependency managment so that we can pick up any possible future fixes from Hadoop instead.

      Hadoop has updated to 2.8.0 without any code changes.
      Since we only add this for the Hadoop API leak , we may update to 2.8.0 just as well.

      It is also not needed in hbase-server and hbase-mapreduce, as it is provided by the expected Hadoop on the classpath.

      Attachments

        Issue Links

          Activity

            People

              stoty Istvan Toth
              stoty Istvan Toth
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: