Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HADOOP-18333.Upgrade jetty version to 9.4.48.v20220622 #4553

Merged
merged 2 commits into from
Jul 20, 2022
Merged

HADOOP-18333.Upgrade jetty version to 9.4.48.v20220622 #4553

merged 2 commits into from
Jul 20, 2022

Conversation

ashutoshcipher
Copy link
Contributor

@ashutoshcipher ashutoshcipher commented Jul 12, 2022
edited
Loading

Description of PR

Upgrade jetty version to 9.4.48.v20220622 to mitigate CVE-2022-2047

JIRA: HADOOP-18333

For code changes:

  • Does the title or this PR starts with the corresponding JIRA issue id (e.g. 'HADOOP-17799. Your PR title ...')?
  • Object storage: have the integration tests been executed and the endpoint declared according to the connector-specific documentation?
  • If adding new dependencies to the code, are these dependencies licensed in a way that is compatible for inclusion under ASF 2.0?
  • If applicable, have you updated the LICENSE, LICENSE-binary, NOTICE-binary files?

@hadoop-yetus
Copy link

💔 -1 overall

Vote Subsystem Runtime Logfile Comment
+0 🆗 reexec 0m 49s Docker mode activated.
_ Prechecks _
+1 💚 dupname 0m 0s No case conflicting files found.
+0 🆗 codespell 0m 0s codespell was not available.
+0 🆗 detsecrets 0m 0s detect-secrets was not available.
+0 🆗 xmllint 0m 0s xmllint was not available.
+0 🆗 shelldocs 0m 0s Shelldocs was not available.
+1 💚 @author 0m 0s The patch does not contain any @author tags.
-1 ❌ test4tests 0m 0s The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch.
_ trunk Compile Tests _
+0 🆗 mvndep 14m 22s Maven dependency ordering for branch
+1 💚 mvninstall 28m 16s trunk passed
+1 💚 compile 24m 51s trunk passed with JDK Private Build-11.0.15+10-Ubuntu-0ubuntu0.20.04.1
+1 💚 compile 21m 39s trunk passed with JDK Private Build-1.8.0_312-8u312-b07-0ubuntu1~20.04-b07
+1 💚 mvnsite 19m 46s trunk passed
+1 💚 javadoc 8m 29s trunk passed with JDK Private Build-11.0.15+10-Ubuntu-0ubuntu0.20.04.1
+1 💚 javadoc 7m 32s trunk passed with JDK Private Build-1.8.0_312-8u312-b07-0ubuntu1~20.04-b07
+1 💚 shadedclient 38m 26s branch has no errors when building and testing our client artifacts.
_ Patch Compile Tests _
+0 🆗 mvndep 0m 59s Maven dependency ordering for patch
+1 💚 mvninstall 24m 47s the patch passed
+1 💚 compile 24m 18s the patch passed with JDK Private Build-11.0.15+10-Ubuntu-0ubuntu0.20.04.1
-1 ❌ javac 24m 18s /results-compile-javac-root-jdkPrivateBuild-11.0.15+10-Ubuntu-0ubuntu0.20.04.1.txt root-jdkPrivateBuild-11.0.15+10-Ubuntu-0ubuntu0.20.04.1 with JDK Private Build-11.0.15+10-Ubuntu-0ubuntu0.20.04.1 generated 3 new + 2878 unchanged - 0 fixed = 2881 total (was 2878)
+1 💚 compile 21m 37s the patch passed with JDK Private Build-1.8.0_312-8u312-b07-0ubuntu1~20.04-b07
-1 ❌ javac 21m 37s /results-compile-javac-root-jdkPrivateBuild-1.8.0_312-8u312-b07-0ubuntu1~20.04-b07.txt root-jdkPrivateBuild-1.8.0_312-8u312-b07-0ubuntu120.04-b07 with JDK Private Build-1.8.0_312-8u312-b07-0ubuntu120.04-b07 generated 3 new + 2674 unchanged - 0 fixed = 2677 total (was 2674)
+1 💚 blanks 0m 0s The patch has no blanks issues.
+1 💚 mvnsite 19m 20s the patch passed
+1 💚 shellcheck 0m 0s No new issues.
+1 💚 javadoc 8m 22s the patch passed with JDK Private Build-11.0.15+10-Ubuntu-0ubuntu0.20.04.1
+1 💚 javadoc 7m 24s the patch passed with JDK Private Build-1.8.0_312-8u312-b07-0ubuntu1~20.04-b07
+1 💚 shadedclient 40m 6s patch has no errors when building and testing our client artifacts.
_ Other Tests _
-1 ❌ unit 327m 51s /patch-unit-root.txt root in the patch failed.
+0 🆗 asflicense 1m 10s ASF License check generated no output?
611m 18s
Reason Tests
Failed junit tests hadoop.hdfs.server.namenode.TestFsck
hadoop.hdfs.server.namenode.TestFavoredNodesEndToEnd
hadoop.hdfs.server.namenode.snapshot.TestRenameWithSnapshots
hadoop.hdfs.server.namenode.snapshot.TestSnapshotReplication
Subsystem Report/Notes
Docker ClientAPI=1.41 ServerAPI=1.41 base: https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-4553/1/artifact/out/Dockerfile
GITHUB PR #4553
Optional Tests dupname asflicense compile javac javadoc mvninstall mvnsite unit shadedclient codespell detsecrets xmllint shellcheck shelldocs
uname Linux 189fbe74a3be 4.15.0-175-generic #184-Ubuntu SMP Thu Mar 24 17:48:36 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
Build tool maven
Personality dev-support/bin/hadoop.sh
git revision trunk / fd5d237
Default Java Private Build-1.8.0_312-8u312-b07-0ubuntu1~20.04-b07
Multi-JDK versions /usr/lib/jvm/java-11-openjdk-amd64:Private Build-11.0.15+10-Ubuntu-0ubuntu0.20.04.1 /usr/lib/jvm/java-8-openjdk-amd64:Private Build-1.8.0_312-8u312-b07-0ubuntu1~20.04-b07
Test Results https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-4553/1/testReport/
Max. process+thread count 3137 (vs. ulimit of 5500)
modules C: hadoop-project . U: .
Console output https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-4553/1/console
versions git=2.25.1 maven=3.6.3 shellcheck=0.7.0
Powered by Apache Yetus 0.14.0 https://yetus.apache.org

This message was automatically generated.

@ashutoshcipher ashutoshcipher mentioned this pull request Jul 18, 2022
Closed
4 tasks
@pjfanning pjfanning mentioned this pull request Jul 18, 2022
Closed
4 tasks
@pjfanning
Copy link
Contributor

@ashutoshcipher I'm not a Hadoop committer, so my review is not all that important - looks like the test failures are due to OOMs and are probably unrelated to your change. I'll run those tests locally to see if they fail for me.

@jojochuang
Copy link
Contributor

All reviews are welcomed!

@ashutoshcipher it would be great to get rid of the deprecation warnings. Otherwise looks good to me.

@hadoop-yetus
Copy link

💔 -1 overall

Vote Subsystem Runtime Logfile Comment
+0 🆗 reexec 0m 53s Docker mode activated.
_ Prechecks _
+1 💚 dupname 0m 0s No case conflicting files found.
+0 🆗 codespell 0m 1s codespell was not available.
+0 🆗 detsecrets 0m 1s detect-secrets was not available.
+0 🆗 xmllint 0m 1s xmllint was not available.
+0 🆗 shelldocs 0m 1s Shelldocs was not available.
+1 💚 @author 0m 0s The patch does not contain any @author tags.
-1 ❌ test4tests 0m 0s The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch.
_ trunk Compile Tests _
+0 🆗 mvndep 14m 48s Maven dependency ordering for branch
+1 💚 mvninstall 28m 18s trunk passed
+1 💚 compile 25m 13s trunk passed with JDK Private Build-11.0.15+10-Ubuntu-0ubuntu0.20.04.1
+1 💚 compile 22m 1s trunk passed with JDK Private Build-1.8.0_312-8u312-b07-0ubuntu1~20.04-b07
+1 💚 checkstyle 4m 30s trunk passed
+1 💚 mvnsite 20m 10s trunk passed
+1 💚 javadoc 8m 32s trunk passed with JDK Private Build-11.0.15+10-Ubuntu-0ubuntu0.20.04.1
+1 💚 javadoc 7m 23s trunk passed with JDK Private Build-1.8.0_312-8u312-b07-0ubuntu1~20.04-b07
+0 🆗 spotbugs 0m 27s branch/hadoop-project no spotbugs output file (spotbugsXml.xml)
+1 💚 shadedclient 58m 21s branch has no errors when building and testing our client artifacts.
_ Patch Compile Tests _
+0 🆗 mvndep 0m 56s Maven dependency ordering for patch
+1 💚 mvninstall 25m 58s the patch passed
+1 💚 compile 24m 52s the patch passed with JDK Private Build-11.0.15+10-Ubuntu-0ubuntu0.20.04.1
+1 💚 javac 24m 52s the patch passed
+1 💚 compile 22m 3s the patch passed with JDK Private Build-1.8.0_312-8u312-b07-0ubuntu1~20.04-b07
+1 💚 javac 22m 3s the patch passed
+1 💚 blanks 0m 1s The patch has no blanks issues.
+1 💚 checkstyle 4m 52s the patch passed
+1 💚 mvnsite 19m 49s the patch passed
+1 💚 shellcheck 0m 0s No new issues.
+1 💚 javadoc 8m 21s the patch passed with JDK Private Build-11.0.15+10-Ubuntu-0ubuntu0.20.04.1
+1 💚 javadoc 7m 28s the patch passed with JDK Private Build-1.8.0_312-8u312-b07-0ubuntu1~20.04-b07
+0 🆗 spotbugs 0m 28s hadoop-project has no data from spotbugs
+1 💚 shadedclient 58m 6s patch has no errors when building and testing our client artifacts.
_ Other Tests _
+1 💚 unit 1071m 57s root in the patch passed.
+1 💚 asflicense 2m 14s The patch does not generate ASF License warnings.
1448m 35s
Subsystem Report/Notes
Docker ClientAPI=1.41 ServerAPI=1.41 base: https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-4553/2/artifact/out/Dockerfile
GITHUB PR #4553
Optional Tests dupname asflicense compile javac javadoc mvninstall mvnsite unit shadedclient spotbugs checkstyle codespell detsecrets xmllint shellcheck shelldocs
uname Linux 7bdfd70ef618 4.15.0-166-generic #174-Ubuntu SMP Wed Dec 8 19:07:44 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
Build tool maven
Personality dev-support/bin/hadoop.sh
git revision trunk / dac51e7
Default Java Private Build-1.8.0_312-8u312-b07-0ubuntu1~20.04-b07
Multi-JDK versions /usr/lib/jvm/java-11-openjdk-amd64:Private Build-11.0.15+10-Ubuntu-0ubuntu0.20.04.1 /usr/lib/jvm/java-8-openjdk-amd64:Private Build-1.8.0_312-8u312-b07-0ubuntu1~20.04-b07
Test Results https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-4553/2/testReport/
Max. process+thread count 2863 (vs. ulimit of 5500)
modules C: hadoop-project hadoop-common-project/hadoop-common . U: .
Console output https://ci-hadoop.apache.org/job/hadoop-multibranch/job/PR-4553/2/console
versions git=2.25.1 maven=3.6.3 spotbugs=4.2.2 shellcheck=0.7.0
Powered by Apache Yetus 0.14.0 https://yetus.apache.org

This message was automatically generated.

jojochuang
jojochuang approved these changes Jul 19, 2022
View reviewed changes
Copy link
Contributor

@jojochuang jojochuang left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1

@jojochuang jojochuang merged commit e664f81 into apache:trunk Jul 20, 2022
@jojochuang jojochuang mentioned this pull request Jul 20, 2022
Merged
@ashutoshcipher
Copy link
Contributor Author

Thanks @jojochuang for reviewing and merging.

@ashutoshcipher ashutoshcipher deleted the HADOOP-18333 branch July 21, 2022 06:23
jojochuang pushed a commit to jojochuang/hadoop that referenced this pull request Aug 9, 2022
@ashutoshcipher @jojochuang
HADOOP-18333.Upgrade jetty version to 9.4.48.v20220622 (apache#4553)
207f5df 
Co-authored-by: Ashutosh Gupta <[email protected]>
(cherry picked from commit e664f81)

 Conflicts:
	LICENSE-binary

Change-Id: I5a758df2551539c2780e170c3738c5b21eb0c79d
jojochuang added a commit that referenced this pull request Aug 24, 2022
@jojochuang @luoyuan3471 @ashutoshcipher
HADOOP-18333. Upgrade jetty version to 9.4.48.v20220622 (#4600)
c4d94f5 
* HADOOP-18001. Upgrade jetty version to 9.4.44 (#3700). Contributed by Yuan Luo.

Signed-off-by: Ayush Saxena <[email protected]>
(cherry picked from commit b85c66a)

* HADOOP-18333.Upgrade jetty version to 9.4.48.v20220622 (#4553)

Co-authored-by: Ashutosh Gupta <[email protected]>
(cherry picked from commit e664f81)

 Conflicts:
	LICENSE-binary

Change-Id: I5a758df2551539c2780e170c3738c5b21eb0c79d

Co-authored-by: better3471 <[email protected]>
Co-authored-by: Ashutosh Gupta <[email protected]>
HarshitGupta11 pushed a commit to HarshitGupta11/hadoop that referenced this pull request Nov 28, 2022
@ashutoshcipher
HADOOP-18333.Upgrade jetty version to 9.4.48.v20220622 (apache#4553)
24936c7 
Co-authored-by: Ashutosh Gupta <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jojochuang jojochuang jojochuang approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@ashutoshcipher @hadoop-yetus @pjfanning @jojochuang