From c9f28e1864312cabcaf334e434862284bb8b2109 Mon Sep 17 00:00:00 2001 From: Sean Busbey Date: Tue, 2 Aug 2016 01:17:59 -0500 Subject: [PATCH 1/4] HBASE-16321 ensure no findbugs-jsr305 Signed-off-by: Esteban Gutierrez --- hbase-client/pom.xml | 8 +- .../org/apache/hadoop/hbase/MetaTableAccessor.java | 10 +-- .../hbase/client/ConnectionImplementation.java | 2 +- .../hadoop/hbase/protobuf/ResponseConverter.java | 2 +- .../org/apache/hadoop/hbase/codec/BaseDecoder.java | 5 +- hbase-rsgroup/pom.xml | 12 +-- hbase-server/pom.xml | 4 +- .../hadoop/hbase/coprocessor/ObserverContext.java | 3 +- .../apache/hadoop/hbase/master/LoadBalancer.java | 2 +- .../hadoop/hbase/master/TableStateManager.java | 6 +- .../hadoop/hbase/util/FSTableDescriptors.java | 2 +- .../apache/hadoop/hbase/HBaseTestingUtility.java | 3 +- .../hadoop/hbase/client/TestMetaWithReplicas.java | 5 +- .../TestMultiTableSnapshotInputFormat.java | 2 +- hbase-spark/pom.xml | 39 ++++++++++ pom.xml | 87 +++++++++++++++------- src/main/asciidoc/_chapters/developer.adoc | 4 +- 17 files changed, 133 insertions(+), 63 deletions(-) diff --git a/hbase-client/pom.xml b/hbase-client/pom.xml index 7fc4672..b78f198 100644 --- a/hbase-client/pom.xml +++ b/hbase-client/pom.xml @@ -247,8 +247,8 @@ - com.google.code.findbugs - jsr305 + com.github.stephenc.findbugs + findbugs-annotations true @@ -260,10 +260,6 @@ hadoop-common - com.github.stephenc.findbugs - findbugs-annotations - - net.java.dev.jets3t jets3t diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/MetaTableAccessor.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/MetaTableAccessor.java index 3d40c70..a5dbc94 100644 --- a/hbase-client/src/main/java/org/apache/hadoop/hbase/MetaTableAccessor.java +++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/MetaTableAccessor.java @@ -17,8 +17,6 @@ */ package org.apache.hadoop.hbase; -import javax.annotation.Nonnull; -import javax.annotation.Nullable; import java.io.Closeable; import java.io.IOException; import java.io.InterruptedIOException; @@ -34,6 +32,8 @@ import java.util.TreeMap; import java.util.regex.Matcher; import java.util.regex.Pattern; +import edu.umd.cs.findbugs.annotations.NonNull; +import edu.umd.cs.findbugs.annotations.Nullable; import com.google.common.annotations.VisibleForTesting; import com.google.protobuf.ServiceException; import org.apache.commons.logging.Log; @@ -795,10 +795,10 @@ public class MetaTableAccessor { * @return Get closest metatable region row to passed row * @throws java.io.IOException */ - @Nonnull + @NonNull public static HRegionInfo getClosestRegionInfo(Connection connection, - @Nonnull final TableName tableName, - @Nonnull final byte[] row) + @NonNull final TableName tableName, + @NonNull final byte[] row) throws IOException { byte[] searchRow = HRegionInfo.createRegionName(tableName, row, HConstants.NINES, false); Scan scan = getMetaScan(connection, 1); diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/client/ConnectionImplementation.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/client/ConnectionImplementation.java index bb5c996..8dcda13 100644 --- a/hbase-client/src/main/java/org/apache/hadoop/hbase/client/ConnectionImplementation.java +++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/client/ConnectionImplementation.java @@ -43,7 +43,7 @@ import java.util.concurrent.ThreadPoolExecutor; import java.util.concurrent.TimeUnit; import java.util.concurrent.atomic.AtomicInteger; -import javax.annotation.Nullable; +import edu.umd.cs.findbugs.annotations.Nullable; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/protobuf/ResponseConverter.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/protobuf/ResponseConverter.java index 421907d..76b4ccf 100644 --- a/hbase-client/src/main/java/org/apache/hadoop/hbase/protobuf/ResponseConverter.java +++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/protobuf/ResponseConverter.java @@ -17,13 +17,13 @@ */ package org.apache.hadoop.hbase.protobuf; -import javax.annotation.Nullable; import java.io.IOException; import java.util.ArrayList; import java.util.HashMap; import java.util.List; import java.util.Map; +import edu.umd.cs.findbugs.annotations.Nullable; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.hadoop.hbase.Cell; diff --git a/hbase-common/src/main/java/org/apache/hadoop/hbase/codec/BaseDecoder.java b/hbase-common/src/main/java/org/apache/hadoop/hbase/codec/BaseDecoder.java index 86f8678..485b88a 100644 --- a/hbase-common/src/main/java/org/apache/hadoop/hbase/codec/BaseDecoder.java +++ b/hbase-common/src/main/java/org/apache/hadoop/hbase/codec/BaseDecoder.java @@ -22,8 +22,7 @@ import java.io.IOException; import java.io.InputStream; import java.io.PushbackInputStream; -import javax.annotation.Nonnull; - +import edu.umd.cs.findbugs.annotations.NonNull; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.hadoop.hbase.Cell; @@ -99,7 +98,7 @@ public abstract class BaseDecoder implements Codec.Decoder { * thrown if EOF is reached prematurely. Does not return null. * @throws IOException */ - @Nonnull + @NonNull protected abstract Cell parseCell() throws IOException; @Override diff --git a/hbase-rsgroup/pom.xml b/hbase-rsgroup/pom.xml index aff49b7..d216263 100644 --- a/hbase-rsgroup/pom.xml +++ b/hbase-rsgroup/pom.xml @@ -259,8 +259,8 @@ - com.google.code.findbugs - jsr305 + com.github.stephenc.findbugs + findbugs-annotations true @@ -272,10 +272,6 @@ hadoop-common - com.github.stephenc.findbugs - findbugs-annotations - - net.java.dev.jets3t jets3t @@ -311,6 +307,10 @@ tomcat jasper-runtime + + com.google.code.findbugs + jsr305 + diff --git a/hbase-server/pom.xml b/hbase-server/pom.xml index ff001b7..6cf1bb6 100644 --- a/hbase-server/pom.xml +++ b/hbase-server/pom.xml @@ -430,8 +430,8 @@ - com.google.code.findbugs - jsr305 + com.github.stephenc.findbugs + findbugs-annotations true diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/coprocessor/ObserverContext.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/coprocessor/ObserverContext.java index d522ce9..52f2b95 100644 --- a/hbase-server/src/main/java/org/apache/hadoop/hbase/coprocessor/ObserverContext.java +++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/coprocessor/ObserverContext.java @@ -19,6 +19,7 @@ package org.apache.hadoop.hbase.coprocessor; +import edu.umd.cs.findbugs.annotations.Nullable; import org.apache.hadoop.hbase.classification.InterfaceAudience; import org.apache.hadoop.hbase.classification.InterfaceStability; import org.apache.hadoop.hbase.CoprocessorEnvironment; @@ -26,8 +27,6 @@ import org.apache.hadoop.hbase.HBaseInterfaceAudience; import org.apache.hadoop.hbase.ipc.RpcServer; import org.apache.hadoop.hbase.security.User; -import javax.annotation.Nullable; - /** * Carries the execution state for a given invocation of an Observer coprocessor * ({@link RegionObserver}, {@link MasterObserver}, or {@link WALObserver}) diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/master/LoadBalancer.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/master/LoadBalancer.java index 5d6be9e..d7111c3 100644 --- a/hbase-server/src/main/java/org/apache/hadoop/hbase/master/LoadBalancer.java +++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/master/LoadBalancer.java @@ -18,10 +18,10 @@ */ package org.apache.hadoop.hbase.master; -import javax.annotation.Nullable; import java.util.List; import java.util.Map; +import edu.umd.cs.findbugs.annotations.Nullable; import org.apache.hadoop.hbase.classification.InterfaceAudience; import org.apache.hadoop.hbase.conf.ConfigurationObserver; import org.apache.hadoop.conf.Configurable; diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/master/TableStateManager.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/master/TableStateManager.java index cc257d0..1499788 100644 --- a/hbase-server/src/main/java/org/apache/hadoop/hbase/master/TableStateManager.java +++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/master/TableStateManager.java @@ -17,8 +17,6 @@ */ package org.apache.hadoop.hbase.master; -import javax.annotation.Nonnull; -import javax.annotation.Nullable; import java.io.IOException; import java.util.HashMap; import java.util.Map; @@ -27,6 +25,8 @@ import java.util.concurrent.locks.ReadWriteLock; import java.util.concurrent.locks.ReentrantReadWriteLock; import com.google.common.collect.Sets; +import edu.umd.cs.findbugs.annotations.NonNull; +import edu.umd.cs.findbugs.annotations.Nullable; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.hadoop.hbase.HTableDescriptor; @@ -167,7 +167,7 @@ public class TableStateManager { return rv; } - @Nonnull + @NonNull public TableState.State getTableState(TableName tableName) throws IOException { TableState currentState = readMetaState(tableName); if (currentState == null) { diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/util/FSTableDescriptors.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/util/FSTableDescriptors.java index d0aeb6c..1c59a44 100644 --- a/hbase-server/src/main/java/org/apache/hadoop/hbase/util/FSTableDescriptors.java +++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/util/FSTableDescriptors.java @@ -17,7 +17,6 @@ */ package org.apache.hadoop.hbase.util; -import javax.annotation.Nullable; import java.io.FileNotFoundException; import java.io.IOException; import java.util.Comparator; @@ -30,6 +29,7 @@ import java.util.regex.Pattern; import com.google.common.annotations.VisibleForTesting; import com.google.common.primitives.Ints; +import edu.umd.cs.findbugs.annotations.Nullable; import org.apache.commons.lang.NotImplementedException; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; diff --git a/hbase-server/src/test/java/org/apache/hadoop/hbase/HBaseTestingUtility.java b/hbase-server/src/test/java/org/apache/hadoop/hbase/HBaseTestingUtility.java index a6dc59f..04afb01 100644 --- a/hbase-server/src/test/java/org/apache/hadoop/hbase/HBaseTestingUtility.java +++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/HBaseTestingUtility.java @@ -47,8 +47,7 @@ import java.util.UUID; import java.util.concurrent.TimeUnit; import java.util.concurrent.atomic.AtomicReference; -import javax.annotation.Nullable; - +import edu.umd.cs.findbugs.annotations.Nullable; import org.apache.commons.lang.RandomStringUtils; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; diff --git a/hbase-server/src/test/java/org/apache/hadoop/hbase/client/TestMetaWithReplicas.java b/hbase-server/src/test/java/org/apache/hadoop/hbase/client/TestMetaWithReplicas.java index 8e87ceb..73e5abb 100644 --- a/hbase-server/src/test/java/org/apache/hadoop/hbase/client/TestMetaWithReplicas.java +++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/client/TestMetaWithReplicas.java @@ -29,8 +29,7 @@ import java.util.Collection; import java.util.List; import java.util.concurrent.ExecutorService; -import javax.annotation.Nullable; - +import edu.umd.cs.findbugs.annotations.Nullable; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.hadoop.conf.Configuration; @@ -459,4 +458,4 @@ public class TestMetaWithReplicas { hbck = doFsck(TEST_UTIL.getConfiguration(), false); assertErrors(hbck, new ERROR_CODE[]{}); } -} \ No newline at end of file +} diff --git a/hbase-server/src/test/java/org/apache/hadoop/hbase/mapreduce/TestMultiTableSnapshotInputFormat.java b/hbase-server/src/test/java/org/apache/hadoop/hbase/mapreduce/TestMultiTableSnapshotInputFormat.java index 6285ca1..19e7a18 100644 --- a/hbase-server/src/test/java/org/apache/hadoop/hbase/mapreduce/TestMultiTableSnapshotInputFormat.java +++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/mapreduce/TestMultiTableSnapshotInputFormat.java @@ -21,6 +21,7 @@ package org.apache.hadoop.hbase.mapreduce; import com.google.common.base.Function; import com.google.common.collect.ImmutableList; import com.google.common.collect.Multimaps; +import edu.umd.cs.findbugs.annotations.Nullable; import org.apache.hadoop.fs.Path; import org.apache.hadoop.hbase.TableName; import org.apache.hadoop.hbase.client.Scan; @@ -35,7 +36,6 @@ import org.junit.Before; import org.junit.BeforeClass; import org.junit.experimental.categories.Category; -import javax.annotation.Nullable; import java.io.IOException; import java.util.Collection; import java.util.List; diff --git a/hbase-spark/pom.xml b/hbase-spark/pom.xml index 89ed186..842ff21 100644 --- a/hbase-spark/pom.xml +++ b/hbase-spark/pom.xml @@ -62,6 +62,10 @@ ${scala.version} provided + org.apache.spark spark-core_${scala.binary.version} @@ -78,9 +82,20 @@ org.scala-lang scalap + + com.google.code.findbugs + jsr305 + + com.google.code.findbugs + jsr305 + 1.3.9 + provided + true + + org.apache.spark spark-sql_${scala.binary.version} ${spark.version} @@ -181,6 +196,10 @@ io.netty netty + + com.google.code.findbugs + jsr305 + @@ -215,6 +234,10 @@ io.netty netty + + com.google.code.findbugs + jsr305 + @@ -646,6 +669,22 @@ + + + org.apache.maven.plugins + maven-enforcer-plugin + + + banned-jsr305 + + enforce + + + false + + + + diff --git a/pom.xml b/pom.xml index b116ae4..c4f1b05 100644 --- a/pom.xml +++ b/pom.xml @@ -931,36 +931,52 @@ - - - - - [${maven.min.version},) - Maven is out of date. + + + min-maven-and-java + + enforce + + + + + + [${maven.min.version},) + Maven is out of date. HBase requires at least version ${maven.min.version} of Maven to properly build from source. You appear to be using an older version. You can use either "mvn -version" or "mvn enforcer:display-info" to verify what version is active. See the reference guide on building for more information: http://hbase.apache.org/book.html#build - - - - - [${java.min.version},) - Java is out of date. + + + + + [${java.min.version},) + Java is out of date. HBase requirs at least version ${java.min.version} of the JDK to properly build from source. You appear to be using an older version. You can use either "mvn -version" or "mvn enforcer:display-info" to verify what version is active. See the reference guide on building for more information: http://hbase.apache.org/book.html#build - - - - - + + + + + - enforce + banned-jsr305 enforce + + + + + com.google.code.findbugs:jsr305 + + We don't allow the JSR305 jar from the Findbugs project, see HBASE-16321. + + + @@ -1257,7 +1273,6 @@ 4.4.4 3.1.2 12.0.1 - 1.3.9 1.9.13 5.5.23 2.2.2 @@ -1508,6 +1523,12 @@ + com.github.stephenc.findbugs + findbugs-annotations + ${findbugs-annotations} + + + org.codehaus.jettison jettison ${jettison.version} @@ -1533,11 +1554,12 @@ com.google.guava guava ${guava.version} - - - com.google.code.findbugs - jsr305 - ${jsr305.version} + + + com.google.code.findbugs + jsr305 + + commons-collections @@ -1853,7 +1875,6 @@ com.github.stephenc.findbugs findbugs-annotations - ${findbugs-annotations} compile @@ -2213,6 +2234,10 @@ io.netty netty + + com.google.code.findbugs + jsr305 + @@ -2247,6 +2272,10 @@ io.netty netty + + com.google.code.findbugs + jsr305 + @@ -2387,6 +2416,10 @@ io.netty netty + + com.google.code.findbugs + jsr305 + @@ -2426,6 +2459,10 @@ io.netty netty + + com.google.code.findbugs + jsr305 + diff --git a/src/main/asciidoc/_chapters/developer.adoc b/src/main/asciidoc/_chapters/developer.adoc index 56aa557..0a29864 100644 --- a/src/main/asciidoc/_chapters/developer.adoc +++ b/src/main/asciidoc/_chapters/developer.adoc @@ -1591,7 +1591,9 @@ value="HE_EQUALS_USE_HASHCODE", justification="I know what I'm doing") ---- -It is important to use the Apache-licensed version of the annotations. +It is important to use the Apache-licensed version of the annotations. That generally means using +annotations in the `edu.umd.cs.findbugs.annotations` package so that we can rely on the cleanroom +reimplementation rather than annotations in the `javax.annotations` package. [[common.patch.feedback.javadoc.defaults]] ===== Javadoc - Useless Defaults -- 2.7.2 From 8e5f89c08dc78361818b3f3cbb60a4250d8dcdad Mon Sep 17 00:00:00 2001 From: Sean Busbey Date: Tue, 2 Aug 2016 11:36:51 -0500 Subject: [PATCH 2/4] HBASE-16340 exclude Xerces iplementation jars from coming in transitively. Signed-off-by: Esteban Gutierrez --- hbase-spark/pom.xml | 4 ++++ pom.xml | 24 +++++++++++++++++++++++- 2 files changed, 27 insertions(+), 1 deletion(-) diff --git a/hbase-spark/pom.xml b/hbase-spark/pom.xml index 842ff21..aa03854 100644 --- a/hbase-spark/pom.xml +++ b/hbase-spark/pom.xml @@ -272,6 +272,10 @@ io.netty netty + + xerces + xercesImpl + diff --git a/pom.xml b/pom.xml index c4f1b05..71b77bb 100644 --- a/pom.xml +++ b/pom.xml @@ -933,7 +933,7 @@ - min-maven-and-java + min-maven-min-java-banned-xerces enforce @@ -959,6 +959,12 @@ See the reference guide on building for more information: http://hbase.apache.org/book.html#build + + + xerces:xercesImpl + + We avoid adding our own Xerces jars to the classpath, see HBASE-16340. + @@ -2176,6 +2182,10 @@ stax stax-api + + xerces + xercesImpl + ${hadoop-two.version} @@ -2202,6 +2212,10 @@ stax stax-api + + xerces + xercesImpl + @@ -2362,6 +2376,10 @@ stax stax-api + + xerces + xercesImpl + ${hadoop-three.version} @@ -2384,6 +2402,10 @@ stax stax-api + + xerces + xercesImpl + -- 2.7.2 From 5f590e80c3b8fe3b13e40e373773a4e930889cdd Mon Sep 17 00:00:00 2001 From: Sean Busbey Date: Tue, 2 Aug 2016 00:54:50 -0500 Subject: [PATCH 3/4] HBASE-16318 consistently use the correct name for 'Apache License, Version 2.0' --- .../src/main/resources/META-INF/LICENSE.vm | 2 +- .../src/main/resources/supplemental-models.xml | 669 ++++++++++++++++++++- pom.xml | 11 + 3 files changed, 666 insertions(+), 16 deletions(-) diff --git a/hbase-resource-bundle/src/main/resources/META-INF/LICENSE.vm b/hbase-resource-bundle/src/main/resources/META-INF/LICENSE.vm index 54f53fd..8e5c9fe 100644 --- a/hbase-resource-bundle/src/main/resources/META-INF/LICENSE.vm +++ b/hbase-resource-bundle/src/main/resources/META-INF/LICENSE.vm @@ -1624,7 +1624,7 @@ ${dep.scm.url} #thrift_license() #end ## Note that this will fail the build if we don't have a license. update supplemental-models. -#if( !(${dep.licenses[0].name.contains("Apache Software License, Version 2.0")}) ) +#if( !(${dep.licenses[0].name.contains("Apache License, Version 2.0")}) ) #if( ${dep.licenses[0].name.contains("CDDL")} ) #if( ${dep.licenses[0].name.contains("1.0")} ) #set($aggregated = $cddl_1_0.add($dep)) diff --git a/hbase-resource-bundle/src/main/resources/supplemental-models.xml b/hbase-resource-bundle/src/main/resources/supplemental-models.xml index 2f94226..5d45a44 100644 --- a/hbase-resource-bundle/src/main/resources/supplemental-models.xml +++ b/hbase-resource-bundle/src/main/resources/supplemental-models.xml @@ -36,7 +36,7 @@ under the License. - The Apache Software License, Version 2.0 + Apache License, Version 2.0 http://www.apache.org/licenses/LICENSE-2.0.txt repo @@ -54,7 +54,25 @@ under the License. - The Apache Software License, Version 2.0 + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + commons-beanutils + commons-beanutils-core + + + The Apache Software Foundation + http://www.apache.org/ + + + + Apache License, Version 2.0 http://www.apache.org/licenses/LICENSE-2.0.txt repo @@ -69,7 +87,232 @@ under the License. - The Apache Software License, Version 2.0 + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + com.google.code.gson + gson + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + com.google.guava + guava + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + com.google.inject + guice + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + com.google.inject.extensions + guice-servlet + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + com.lmax + disruptor + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + commons-cli + commons-cli + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + commons-codec + commons-codec + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + commons-configuration + commons-configuration + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + commons-daemon + commons-daemon + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + commons-digester + commons-digester + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + commons-el + commons-el + Apache Commons El + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + commons-fileupload + commons-fileupload + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + commons-io + commons-io + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + commons-lang + commons-lang + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + commons-logging + commons-logging + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + commons-net + commons-net + + + + Apache License, Version 2.0 http://www.apache.org/licenses/LICENSE-2.0.txt repo @@ -83,7 +326,7 @@ under the License. - The Apache Software License, Version 2.0 + Apache License, Version 2.0 http://www.apache.org/licenses/LICENSE-2.0.txt repo @@ -97,7 +340,7 @@ under the License. - The Apache Software License, Version 2.0 + Apache License, Version 2.0 http://www.apache.org/licenses/LICENSE-2.0.txt repo @@ -111,7 +354,7 @@ under the License. - The Apache Software License, Version 2.0 + Apache License, Version 2.0 http://www.apache.org/licenses/LICENSE-2.0.txt repo @@ -125,7 +368,21 @@ under the License. - The Apache Software License, Version 2.0 + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + javax.inject + javax.inject + + + + Apache License, Version 2.0 http://www.apache.org/licenses/LICENSE-2.0.txt repo @@ -139,7 +396,371 @@ under the License. - The Apache Software License, Version 2.0 + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + log4j + log4j + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + org.apache.avro + avro + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + org.apache.commons + commons-compress + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + org.apache.commons + commons-math + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + org.apache.commons + commons-math3 + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + org.apache.curator + curator-client + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + org.apache.curator + curator-framework + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + org.apache.curator + curator-recipes + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + org.apache.directory.api + api-asn1-api + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + org.apache.directory.api + api-util + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + org.apache.directory.server + apacheds-i18n + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + org.apache.directory.server + apacheds-kerberos-codec + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + org.apache.htrace + htrace-core + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + org.apache.thrift + libthrift + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + org.apache.xmlgraphics + batik-css + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + org.apache.xmlgraphics + batik-ext + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + org.apache.xmlgraphics + batik-util + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + org.codehaus.jackson + jackson-core-asl + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + org.codehaus.jackson + jackson-jaxrs + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + org.codehaus.jackson + jackson-mapper-asl + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + org.codehaus.jackson + jackson-xc + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + org.xerial.snappy + snappy-java + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + tomcat + jasper-compiler + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + tomcat + jasper-runtime + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + xml-apis + xml-apis + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + + + + xml-apis + xml-apis-ext + + + + Apache License, Version 2.0 http://www.apache.org/licenses/LICENSE-2.0.txt repo @@ -154,7 +775,7 @@ under the License. - The Apache Software License, Version 2.0 + Apache License, Version 2.0 http://www.apache.org/licenses/LICENSE-2.0.txt repo @@ -168,7 +789,7 @@ under the License. - The Apache Software License, Version 2.0 + Apache License, Version 2.0 http://www.apache.org/licenses/LICENSE-2.0.txt repo @@ -182,7 +803,7 @@ under the License. - The Apache Software License, Version 2.0 + Apache License, Version 2.0 http://www.apache.org/licenses/LICENSE-2.0.txt repo @@ -196,7 +817,7 @@ under the License. - The Apache Software License, Version 2.0 + Apache License, Version 2.0 http://www.apache.org/licenses/LICENSE-2.0.txt repo @@ -210,7 +831,7 @@ under the License. - The Apache Software License, Version 2.0 + Apache License, Version 2.0 http://www.apache.org/licenses/LICENSE-2.0.txt repo @@ -224,7 +845,7 @@ under the License. - The Apache Software License, Version 2.0 + Apache License, Version 2.0 http://www.apache.org/licenses/LICENSE-2.0.txt repo @@ -238,7 +859,7 @@ under the License. - The Apache Software License, Version 2.0 + Apache License, Version 2.0 http://www.apache.org/licenses/LICENSE-2.0.txt repo @@ -1195,4 +1816,22 @@ Copyright (c) 2007-2011 The JRuby project + + + xalan + xalan + + + The Apache Software Foundation + http://www.apache.org/ + + + + Apache License, Version 2.0 + http://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + + diff --git a/pom.xml b/pom.xml index 71b77bb..15f5de8 100644 --- a/pom.xml +++ b/pom.xml @@ -49,6 +49,17 @@ http://hbase.apache.org 2007 + + + + Apache License, Version 2.0 + https://www.apache.org/licenses/LICENSE-2.0.txt + repo + + + hbase-resource-bundle hbase-server -- 2.7.2 From b3b424caaca0143e860ae55d7e0a4fa6e49a2dab Mon Sep 17 00:00:00 2001 From: Sean Busbey Date: Tue, 2 Aug 2016 00:53:53 -0500 Subject: [PATCH 4/4] HBASE-16318 fail build while rendering velocity template if dependency license isn't in whitelist. --- .../src/main/resources/META-INF/LICENSE.vm | 32 ++++++++++++++++++++++ 1 file changed, 32 insertions(+) diff --git a/hbase-resource-bundle/src/main/resources/META-INF/LICENSE.vm b/hbase-resource-bundle/src/main/resources/META-INF/LICENSE.vm index 8e5c9fe..31e508f 100644 --- a/hbase-resource-bundle/src/main/resources/META-INF/LICENSE.vm +++ b/hbase-resource-bundle/src/main/resources/META-INF/LICENSE.vm @@ -1558,6 +1558,10 @@ You can redistribute it and/or modify it under either the terms of the GPL #set($jruby = false) ## track hadoops #set($hadoop = false) +## Whitelist of licenses that it's safe to not aggregate as above. +## Note that this doesn't include ALv2 or the aforementioned aggregate +## license mentions. +#set($non_aggregate_fine = [ 'Public Domain', 'New BSD license', 'BSD license', 'Mozilla Public License Version 2.0' ]) ## include LICENSE sections for anything not under ASL2.0 #foreach( ${dep} in ${projects} ) ## if there are no licenses we'll fail the build later, so @@ -1646,6 +1650,34 @@ ${dep.scm.url} This product includes ${dep.name} licensed under the ${dep.licenses[0].name}. ${dep.licenses[0].comments} +#if(!(${non_aggregate_fine.contains($dep.licenses[0].name)})) +Please check ^^^^^^^^^^^^ this License for acceptability here: + +https://www.apache.org/legal/resolved + +If it is okay, then update the list named 'non_aggregate_fine' in the LICENSE.vm file. +If it isn't okay, then revert the change that added the dependency. + +More info on the dependency: + +${dep.groupId} +${dep.artifactId} +${dep.version} + +maven central search +g:${dep.groupId} AND a:${dep.artifactId} AND v:${dep.version} + +project website +${dep.url} +project source +${dep.scm.url} + +## fail the template. If you're looking at the source LICENSE.vm +## file based on a stacktrace or exception message, you need to find +## the generated LICENSE file that has the actual dependency info printed. +#set($empty = []) +${empty[0]} +#end #end #end #end -- 2.7.2