Skip to content

Commit

Permalink
[SPARK-44316][BUILD] Upgrade Jersey to 2.40
Browse files Browse the repository at this point in the history 
### What changes were proposed in this pull request?
The pr aims to upgrade Jersey from 2.36 to 2.40.

### Why are the changes needed?
1.This version adapts to ASM9.5, which is also used by Spark currently
[Adopt ASM 9.5](eclipse-ee4j/jersey#5305)

2.Also fix some bugs, eg:
[Fix possible NPE in netty client](eclipse-ee4j/jersey#5330)
[Get media type fix](eclipse-ee4j/jersey#5282)

3.Security vulnerability fix:
[CVE for dependency jackson-databind](eclipse-ee4j/jersey#5225)

4.Full Release Notes:
https://github.com/eclipse-ee4j/jersey/releases/tag/2.40
https://github.com/eclipse-ee4j/jersey/releases/tag/2.39
https://github.com/eclipse-ee4j/jersey/releases/tag/2.38
https://github.com/eclipse-ee4j/jersey/releases/tag/2.37

### Does this PR introduce _any_ user-facing change?
No.

### How was this patch tested?
Pass GA.

Closes #41874 from panbingkun/SPARK-44316.

Authored-by: panbingkun <[email protected]>
Signed-off-by: Dongjoon Hyun <[email protected]>
  • Loading branch information
@panbingkun @dongjoon-hyun
panbingkun authored and dongjoon-hyun committed Jul 6, 2023
1 parent d12bec3 commit f6e0b39
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 8 deletions.
14 changes: 7 additions & 7 deletions dev/deps/spark-deps-hadoop-3-hive-2.3
View file
Original file line number Diff line number Diff line change
Expand Up @@ -112,19 +112,19 @@ jakarta.validation-api/2.0.2//jakarta.validation-api-2.0.2.jar
jakarta.ws.rs-api/2.1.6//jakarta.ws.rs-api-2.1.6.jar
jakarta.xml.bind-api/2.3.2//jakarta.xml.bind-api-2.3.2.jar
janino/3.1.9//janino-3.1.9.jar
javassist/3.25.0-GA//javassist-3.25.0-GA.jar
javassist/3.29.2-GA//javassist-3.29.2-GA.jar
javax.jdo/3.2.0-m3//javax.jdo-3.2.0-m3.jar
javolution/5.5.1//javolution-5.5.1.jar
jaxb-runtime/2.3.2//jaxb-runtime-2.3.2.jar
jcl-over-slf4j/2.0.7//jcl-over-slf4j-2.0.7.jar
jdo-api/3.0.1//jdo-api-3.0.1.jar
jdom2/2.0.6//jdom2-2.0.6.jar
jersey-client/2.36//jersey-client-2.36.jar
jersey-common/2.36//jersey-common-2.36.jar
jersey-container-servlet-core/2.36//jersey-container-servlet-core-2.36.jar
jersey-container-servlet/2.36//jersey-container-servlet-2.36.jar
jersey-hk2/2.36//jersey-hk2-2.36.jar
jersey-server/2.36//jersey-server-2.36.jar
jersey-client/2.40//jersey-client-2.40.jar
jersey-common/2.40//jersey-common-2.40.jar
jersey-container-servlet-core/2.40//jersey-container-servlet-core-2.40.jar
jersey-container-servlet/2.40//jersey-container-servlet-2.40.jar
jersey-hk2/2.40//jersey-hk2-2.40.jar
jersey-server/2.40//jersey-server-2.40.jar
jettison/1.5.4//jettison-1.5.4.jar
jetty-util-ajax/9.4.51.v20230217//jetty-util-ajax-9.4.51.v20230217.jar
jetty-util/9.4.51.v20230217//jetty-util-9.4.51.v20230217.jar
Expand Down
6 changes: 5 additions & 1 deletion pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -196,7 +196,11 @@
<datanucleus-core.version>4.1.17</datanucleus-core.version>
<guava.version>14.0.1</guava.version>
<janino.version>3.1.9</janino.version>
<jersey.version>2.36</jersey.version>
<!--
Please don't upgrade the version to 3.0.0+,
Because it transition Jakarta REST API from javax to jakarta package.
-->
<jersey.version>2.40</jersey.version>
<joda.version>2.12.5</joda.version>
<jodd.version>3.5.2</jodd.version>
<jsr305.version>3.0.0</jsr305.version>
Expand Down

0 comments on commit f6e0b39

Please sign in to comment.