This is an automated email from the ASF dual-hosted git repository. xxyu pushed a commit to branch kylin5 in repository https://gitbox.apache.org/repos/asf/kylin.git
commit f25edf0fcaeba68aee5731d582509b57f0ad411d Author: huangsheng <[email protected]> AuthorDate: Thu Dec 29 10:54:30 2022 +0800 KYLIN-5448 fix snyk vulnerabilities, upgrade jettison from 1.1 to 1.5.2 --- pom.xml | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) diff --git a/pom.xml b/pom.xml index 4a87ab0a1a..bb4fc4f907 100644 --- a/pom.xml +++ b/pom.xml @@ -843,6 +843,10 @@ <version>${hadoop.version}</version> <scope>provided</scope> <exclusions> + <exclusion> + <groupId>org.codehaus.jettison</groupId> + <artifactId>jettison</artifactId> + </exclusion> <exclusion> <groupId>javax.servlet</groupId> <artifactId>servlet-api</artifactId> @@ -946,6 +950,10 @@ <version>${hadoop.version}</version> <scope>provided</scope> <exclusions> + <exclusion> + <groupId>org.codehaus.jettison</groupId> + <artifactId>jettison</artifactId> + </exclusion> <exclusion> <groupId>log4j</groupId> <artifactId>*</artifactId> @@ -981,6 +989,10 @@ <version>${hadoop.version}</version> <scope>provided</scope> <exclusions> + <exclusion> + <groupId>org.codehaus.jettison</groupId> + <artifactId>jettison</artifactId> + </exclusion> <exclusion> <groupId>javax.servlet</groupId> <artifactId>servlet-api</artifactId> @@ -1003,6 +1015,10 @@ <groupId>org.apache.hadoop</groupId> <artifactId>hadoop-mapreduce-client-jobclient</artifactId> <exclusions> + <exclusion> + <groupId>org.codehaus.jettison</groupId> + <artifactId>jettison</artifactId> + </exclusion> <exclusion> <groupId>com.sun.jersey</groupId> <artifactId>*</artifactId> @@ -1211,6 +1227,10 @@ <groupId>org.apache.hive</groupId> <artifactId>hive-jdbc</artifactId> <exclusions> + <exclusion> + <groupId>org.codehaus.jettison</groupId> + <artifactId>jettison</artifactId> + </exclusion> <exclusion> <groupId>com.sun.jersey</groupId> <artifactId>*</artifactId> @@ -1284,6 +1304,10 @@ <artifactId>hive-hcatalog-core</artifactId> <version>${hive-hcatalog.version}</version> <exclusions> + <exclusion> + <groupId>org.codehaus.jettison</groupId> + <artifactId>jettison</artifactId> + </exclusion> <exclusion> <groupId>com.twitter</groupId> <artifactId>parquet-hadoop-bundle</artifactId> @@ -1589,6 +1613,10 @@ <artifactId>hive-common</artifactId> <version>${hive.version}</version> <exclusions> + <exclusion> + <groupId>org.codehaus.jettison</groupId> + <artifactId>jettison</artifactId> + </exclusion> <exclusion> <groupId>org.apache.logging.log4j</groupId> <artifactId>log4j-1.2-api</artifactId> @@ -1680,6 +1708,10 @@ <artifactId>hive-metastore</artifactId> <version>${hive.version}</version> <exclusions> + <exclusion> + <groupId>org.codehaus.jettison</groupId> + <artifactId>jettison</artifactId> + </exclusion> <exclusion> <groupId>org.apache.logging.log4j</groupId> <artifactId>log4j-1.2-api</artifactId> @@ -1745,6 +1777,10 @@ <groupId>org.apache.hadoop</groupId> <artifactId>hadoop-yarn-server-resourcemanager</artifactId> <exclusions> + <exclusion> + <groupId>org.codehaus.jettison</groupId> + <artifactId>jettison</artifactId> + </exclusion> <exclusion> <groupId>com.sun.jersey</groupId> <artifactId>*</artifactId> @@ -2239,6 +2275,12 @@ <artifactId>opencsv</artifactId> <version>${opencsv.version}</version> </dependency> + <dependency> + <groupId>org.codehaus.jettison</groupId> + <artifactId>jettison</artifactId> + <version>1.5.2</version> + </dependency> + <!-- Spring Cloud --> <dependency>
