(cassandra) 01/01: Merge branch 'cassandra-5.0' into trunk

[mck]

This is an automated email from the ASF dual-hosted git repository.

mck pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/cassandra.git

commit 41b8fd0da47cc9e3b08f6684865cf20f455852fe
Merge: 68a4e6f690 11eb601352
Author: Mick Semb Wever <m...@apache.org>
AuthorDate: Sun Mar 30 14:03:24 2025 +0200

    Merge branch 'cassandra-5.0' into trunk
    
    * cassandra-5.0:
      ninja-fix – python2 compat on .build/generate-snyk-file

 .build/docker/_build-redhat.sh |  1 +
 .build/generate-snyk-file      |  2 +-
 .snyk                          | 26 ++++++--------------------
 3 files changed, 8 insertions(+), 21 deletions(-)

diff --cc .build/docker/_build-redhat.sh
index 8ef72bf356,81b03bc945..ec58f17658
--- a/.build/docker/_build-redhat.sh
+++ b/.build/docker/_build-redhat.sh
@@@ -96,9 -114,10 +96,10 @@@ cp ${DIST_DIR}/apache-cassandra-*-src.t
  
  # if CASSANDRA_VERSION is -alphaN, -betaN, -rcN, then rpmbuild fails on the 
'-' char; replace with '~'
  CASSANDRA_VERSION=${CASSANDRA_VERSION/-/\~}
+ CASSANDRA_REVISION=${CASSANDRA_REVISION/-/_}
  
  command -v python >/dev/null 2>&1 || alias python=/usr/bin/python3
 -rpmbuild --define="version ${CASSANDRA_VERSION}" --define="revision 
${CASSANDRA_REVISION}" --define="_topdir ${RPM_BUILD_DIR}" -ba ${RPM_SPEC}
 +rpmbuild --define="version ${CASSANDRA_VERSION}" --define="revision 
${CASSANDRA_REVISION}" --define="_topdir ${RPM_BUILD_DIR}" -ba 
redhat/cassandra.spec
  cp ${RPM_BUILD_DIR}/SRPMS/*.rpm ${RPM_BUILD_DIR}/RPMS/noarch/*.rpm ${DIST_DIR}
  
  popd >/dev/null
diff --cc .snyk
index 265caab402,5e0f359c56..e111ff3e10
--- a/.snyk
+++ b/.snyk
@@@ -2,28 -2,28 +2,10 @@@
  # This file is autogenerated from .build/dependency-check-suppressions.xml
  version: v1.25.0
  ignore:
--  CVE-2022-1471:
--    - reason: https://issues.apache.org/jira/browse/CASSANDRA-17907 -- 
^pkg:maven/org\.yaml/snakeyaml@.*$
--  CVE-2022-25857:
--    - reason: https://issues.apache.org/jira/browse/CASSANDRA-17907 -- 
^pkg:maven/org\.yaml/snakeyaml@.*$
--  CVE-2022-38749:
--    - reason: https://issues.apache.org/jira/browse/CASSANDRA-17907 -- 
^pkg:maven/org\.yaml/snakeyaml@.*$
--  CVE-2022-38750:
--    - reason: https://issues.apache.org/jira/browse/CASSANDRA-17907 -- 
^pkg:maven/org\.yaml/snakeyaml@.*$
--  CVE-2022-38751:
--    - reason: https://issues.apache.org/jira/browse/CASSANDRA-17907 -- 
^pkg:maven/org\.yaml/snakeyaml@.*$
--  CVE-2022-38752:
--    - reason: https://issues.apache.org/jira/browse/CASSANDRA-17907 -- 
^pkg:maven/org\.yaml/snakeyaml@.*$
--  CVE-2022-41854:
--    - reason: https://issues.apache.org/jira/browse/CASSANDRA-17907 -- 
^pkg:maven/org\.yaml/snakeyaml@.*$
-   CVE-2023-44487:
-     - reason: https://issues.apache.org/jira/browse/CASSANDRA-18943 -- 
^pkg:maven/io\.netty/netty\-.*@.*$
--  CVE-2022-42003:
--    - reason: https://issues.apache.org/jira/browse/CASSANDRA-17966 -- 
^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$
--  CVE-2022-42004:
--    - reason: https://issues.apache.org/jira/browse/CASSANDRA-17966 -- 
^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$
    CVE-2023-35116:
      - reason: https://issues.apache.org/jira/browse/CASSANDRA-17966 -- 
^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$
+   CVE-2023-44487:
+     - reason: https://issues.apache.org/jira/browse/CASSANDRA-18943 -- 
^pkg:maven/io\.netty/netty\-.*@.*$
    CVE-2023-6378:
      - reason: Suppressed due to internal review, see project's 
.build/dependency-check-suppressions.xml
    CVE-2023-6481:


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org