TEZ-4713: Sync 3rd party dependency with Hadoop-3.5.0#490
Open
Aggarwal-Raghav wants to merge 1 commit intoapache:masterfrom
Open
TEZ-4713: Sync 3rd party dependency with Hadoop-3.5.0#490Aggarwal-Raghav wants to merge 1 commit intoapache:masterfrom
Aggarwal-Raghav wants to merge 1 commit intoapache:masterfrom
Conversation
Contributor
Aggarwal-Raghav
commented
Apr 27, 2026
Aggarwal-Raghav
commented
- Update BouncyCastle to 1.82
- Update Guava to 33.4.8-jre
- Update RoaringBitmap to 1.3.0
- Add Jackson 2.18.6 and jackson-bom
- Add Reload4j 1.2.22
- Remove jsr305 dependency version
- Update BouncyCastle to 1.82 - Update Guava to 33.4.8-jre - Update RoaringBitmap to 1.3.0 - Add Jackson 2.18.6 and jackson-bom - Add Reload4j 1.2.22 - Remove jsr305 dependency version
Aggarwal-Raghav
commented
Apr 27, 2026
| <!--dependency versions in alphabetical order--> | ||
| <asynchttpclient.version>2.12.4</asynchttpclient.version> | ||
| <bouncycastle.version>1.79</bouncycastle.version> | ||
| <bouncycastle.version>1.82</bouncycastle.version> |
Contributor
Author
There was a problem hiding this comment.
to be in sync with hadoop-3.5.0
Aggarwal-Raghav
commented
Apr 27, 2026
| <plexus-velocity.version>2.3.0</plexus-velocity.version> | ||
| <frontend-maven-plugin.version>1.15.0</frontend-maven-plugin.version> | ||
| <guava.version>32.0.1-jre</guava.version> | ||
| <guava.version>33.4.8-jre</guava.version> |
Contributor
Author
There was a problem hiding this comment.
to be in sync with hadoop-3.5.0
Aggarwal-Raghav
commented
Apr 27, 2026
| <jackson.version>2.18.6</jackson.version> | ||
| <jersey.version>1.19.4</jersey.version> | ||
| <jettison.version>1.5.4</jettison.version> | ||
| <jsr305.version>3.0.0</jsr305.version> |
Contributor
Author
There was a problem hiding this comment.
can't find any usage
Aggarwal-Raghav
commented
Apr 27, 2026
| <protobuf.version>3.25.5</protobuf.version> | ||
| <protoc-jar-maven-plugin.version>3.11.4</protoc-jar-maven-plugin.version> | ||
| <protoc.path>${env.PROTOC_PATH}</protoc.path> | ||
| <reload4j.version>1.2.22</reload4j.version> |
Contributor
Author
There was a problem hiding this comment.
two version of reload4j was coming 1.2.22 and 1.2.19. Better to define our own version than relying on hadoop.
1.2.19 was coming from slf4j-reload4j dependency
Aggarwal-Raghav
commented
Apr 27, 2026
| <reload4j.version>1.2.22</reload4j.version> | ||
| <restrict-imports.enforcer.version>3.0.0</restrict-imports.enforcer.version> | ||
| <roaringbitmap.version>1.2.1</roaringbitmap.version> | ||
| <roaringbitmap.version>1.3.0</roaringbitmap.version> |
Contributor
Author
There was a problem hiding this comment.
proactively done for iceberg-1.10.x
Aggarwal-Raghav
commented
Apr 27, 2026
| </dependency> | ||
| <dependency> | ||
| <groupId>com.fasterxml.jackson</groupId> | ||
| <artifactId>jackson-bom</artifactId> |
Contributor
Author
There was a problem hiding this comment.
import.*jackson explicitly used in tez java file but it is relying on hadoop for jackson jars. IMO, this is not correct.
Also 2 version of jackson-core are coming in tez-dist/.../lib 2.14.3 and 2.12.7
+- org.apache.avro:avro:jar:1.11.4:compile
[INFO] | \- com.fasterxml.jackson.core:jackson-core:jar:2.14.3:compile
INFO] | +- org.apache.hadoop:hadoop-yarn-common:jar:3.4.2:compile
[INFO] | | +- com.sun.jersey:jersey-core:jar:1.19.4:compile
[INFO] | | | \- javax.ws.rs:jsr311-api:jar:1.1.1:compile
[INFO] | | +- com.google.inject.extensions:guice-servlet:jar:4.2.3:compile
[INFO] | | +- com.google.inject:guice:jar:4.2.3:compile
[INFO] | | | +- javax.inject:javax.inject:jar:1:compile
[INFO] | | | \- aopalliance:aopalliance:jar:1.0:compile
[INFO] | | +- com.sun.jersey.contribs:jersey-guice:jar:1.19.4:compile
[INFO] | | +- com.fasterxml.jackson.core:jackson-core:jar:2.12.7:compile
|
💔 -1 overall
This message was automatically generated. |
Contributor
Author
|
CC @abstractdog , can you please help with CI privilege issue? |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.