Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DX-86156: upgrade netty to 4.1.104.Final #63

Merged
merged 7 commits into from
Jan 12, 2024
Merged

DX-86156: upgrade netty to 4.1.104.Final #63

merged 7 commits into from
Jan 12, 2024

Conversation

lriggs
Copy link

@lriggs lriggs commented Jan 12, 2024

Upgrading netty.
Arrow Flight jars wouldn't build so I had to bring in some other changes to remove unused dependencies.

panbingkun and others added 7 commits January 4, 2024 11:56
@panbingkun @lriggs
DX-86156: Cherry pick a4a3d3f for apacheGH-39265
2f3a61c
@lriggs
Update README_DREMIO.md
a5db296
@davisusanibar @lriggs
ARROW-16996: [Java] Configure Netty/GRPC/Protobuf base on BOM configu…
9b18459 
…ration + upgrade of dependencies by CVE (apache#13544)

- Configure Netty/GRPC/Protobuf base on BOM Bill Of Material configuration to dependencies versions be added by configuration (netty/netty#5994).
- Upgrade Netty/GRPC/Protobuf dependencies. Netty [CVE](GHSA-269q-hmxg-m83q)

Authored-by: david dali susanibar arce <davi.sarces@gmail.com>
Signed-off-by: David Li <li.davidm96@gmail.com>
@lriggs
Revert "ARROW-16996: [Java] Configure Netty/GRPC/Protobuf base on BOM…
be4c901 
… configuration + upgrade of dependencies by CVE (apache#13544)"

This reverts commit 9b18459.
@lriggs
Update pom.xml Remove unused dependency.
c55136c
@jduo @lriggs
apacheGH-38996: [Java] Update dependencies and plugins for JPMS modul…
ccae6e9 
…es (apache#38994)

Update dependencies and plugins to versions that work correctly with JPMS modules.

* Update several plugins to use module-enabled versions:
  * maven-compiler-plugin is updated to 3.11.0
  * maven-shade-plugin is updated to 3.2.4
  * maven-dependency-plugin is updated to 3.1.2
  * CycloneDX is updated to 2.7.10
* Update grpc-java to 1.59 for module support
* Update jackson to 2.16.0 as 2.15.1 had corrupt module-info.class files that broke module support.

Existing tests only

Users may need to update their own dependencies if they have the same ones.
* Closes: apache#38996

Authored-by: James Duong <james.duong@improving.com>
Signed-off-by: Sutou Kouhei <kou@clear-code.com>
@lriggs
Update README_DREMIO.md
52ccd3b
@lriggs lriggs requested a review from xxlaykxx January 12, 2024 17:21
@github-actions GitHub Actions
Copy link

Thanks for opening a pull request!

If this is not a minor PR. Could you open an issue for this pull request on GitHub? https://github.com/apache/arrow/issues/new/choose

Opening GitHub issues ahead of time contributes to the Openness of the Apache Arrow project.

Then could you also rename the pull request title in the following format?

GH-${GITHUB_ISSUE_ID}: [${COMPONENT}] ${SUMMARY}

or

MINOR: [${COMPONENT}] ${SUMMARY}

In the case of PARQUET issues on JIRA the title also supports:

PARQUET-${JIRA_ISSUE_ID}: [${COMPONENT}] ${SUMMARY}

See also:

@lriggs lriggs requested a review from XN137 January 12, 2024 17:21
@lriggs lriggs merged commit eecb9a6 into dremio:dremio_25.0_12.0 Jan 12, 2024
7 of 15 checks passed
@XN137
Copy link

XN137 commented Jan 15, 2024

the 1st cherry pick seems to contain other unnecessary library upgrades that are not in the original commit?
were they necessary to include? especially the slf4j to 2.x could be problematic

DenisTarasyuk pushed a commit that referenced this pull request Jan 18, 2024
@lriggs @panbingkun
@davisusanibar @jduo @DenisTarasyuk
DX-86156: upgrade netty to 4.1.104.Final (#63)
c32d44d 
* DX-86156: Cherry pick a4a3d3f for apacheGH-39265

* Update README_DREMIO.md

* ARROW-16996: [Java] Configure Netty/GRPC/Protobuf base on BOM configuration + upgrade of dependencies by CVE (apache#13544)

- Configure Netty/GRPC/Protobuf base on BOM Bill Of Material configuration to dependencies versions be added by configuration (netty/netty#5994).
- Upgrade Netty/GRPC/Protobuf dependencies. Netty [CVE](GHSA-269q-hmxg-m83q)

Authored-by: david dali susanibar arce <davi.sarces@gmail.com>
Signed-off-by: David Li <li.davidm96@gmail.com>

* Revert "ARROW-16996: [Java] Configure Netty/GRPC/Protobuf base on BOM configuration + upgrade of dependencies by CVE (apache#13544)"

This reverts commit 9b18459.

* Update pom.xml Remove unused dependency.

* apacheGH-38996: [Java] Update dependencies and plugins for JPMS modules (apache#38994)

Update dependencies and plugins to versions that work correctly with JPMS modules.

* Update several plugins to use module-enabled versions:
  * maven-compiler-plugin is updated to 3.11.0
  * maven-shade-plugin is updated to 3.2.4
  * maven-dependency-plugin is updated to 3.1.2
  * CycloneDX is updated to 2.7.10
* Update grpc-java to 1.59 for module support
* Update jackson to 2.16.0 as 2.15.1 had corrupt module-info.class files that broke module support.

Existing tests only

Users may need to update their own dependencies if they have the same ones.
* Closes: apache#38996

Authored-by: James Duong <james.duong@improving.com>
Signed-off-by: Sutou Kouhei <kou@clear-code.com>

* Update README_DREMIO.md

---------

Signed-off-by: David Li <li.davidm96@gmail.com>
Signed-off-by: Sutou Kouhei <kou@clear-code.com>
Co-authored-by: panbingkun <pbk1982@gmail.com>
Co-authored-by: david dali susanibar arce <davi.sarces@gmail.com>
Co-authored-by: James Duong <james.duong@improving.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@xxlaykxx xxlaykxx xxlaykxx approved these changes

@XN137 XN137 Awaiting requested review from XN137

Assignees
No one assigned
Labels
awaiting review Component: Documentation Component: Java
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@lriggs @XN137 @xxlaykxx @panbingkun @davisusanibar @jduo