Need to fix twist lock vulnerabilities for Google Cloud Kubernetes Engine

[averma111]

Druid Version : 0.18.1 version.

There 5 high priority vulnerabilities which have poped up. They are give below:

Jackson
Guava
netty
log4j
logging-log4j.

I am trying to build druid after replacing the version in the pom.xml and trying to build the druid from source code.

I need urgent help how to build druid from source code . I mean exact commands and steps.

Any help is appretiated.

Thanks,
Ashish

[averma111]

Druid 0.18.1 build is also getting failed with below error
[ERROR] Failed to execute goal org.codehaus.mojo:exec-maven-plugin:1.6.0:exec (generate-binary-license) on project distribution: Command execution failed.: Process exited with an error: 1 (Exit value: 1) -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException
[ERROR]
[ERROR] After correcting the problems, you can resume the build with the command
[ERROR] mvn -rf :distribution
root@debian:/home/ashish/druid_build/druid#

[github-actions]

This issue has been marked as stale due to 280 days of inactivity.
It will be closed in 4 weeks if no further activity occurs. If this issue is still
relevant, please simply write any comment. Even if closed, you can still revive the
issue at any time or discuss it on the dev@druid.apache.org list.
Thank you for your contributions.

[github-actions]

This issue has been closed due to lack of activity. If you think that
is incorrect, or the issue requires additional review, you can revive the issue at
any time.