Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FLINK-29514][Deployment/YARN] Bump Minikdc to v3.2.4 #20973

Merged
merged 2 commits into from Oct 7, 2022
Merged

[FLINK-29514][Deployment/YARN] Bump Minikdc to v3.2.4 #20973

merged 2 commits into from Oct 7, 2022

Conversation

MartijnVisser
Copy link
Contributor

What is the purpose of the change

  • Bump Minikdc to v3.2.4 to avoid getting falsely flagged as vulnerable for CVEs which don't impact Flink

Brief change log

  • Updated dependency in POM

Verifying this change

This change is a trivial rework / code cleanup without any test coverage.

Does this pull request potentially affect one of the following parts:

  • Dependencies (does it add or upgrade a dependency): yes
  • The public API, i.e., is any changed class annotated with @Public(Evolving): no
  • The serializers: no
  • The runtime per-record code paths (performance sensitive): no
  • Anything that affects deployment or recovery: JobManager (and its components), Checkpointing, Kubernetes/Yarn, ZooKeeper: no
  • The S3 file system connector: no

Documentation

  • Does this pull request introduce a new feature? no
  • If yes, how is the feature documented? not applicable

@flinkbot
Copy link
Collaborator

flinkbot commented Oct 5, 2022
edited

CI report:

Bot commands The @flinkbot bot supports the following commands:
  • @flinkbot run azure re-run the last Azure build

@MartijnVisser
Copy link
Contributor Author

@flinkbot run azure

@zentol zentol self-assigned this Oct 6, 2022
zentol
zentol reviewed Oct 6, 2022
View reviewed changes
pom.xml Show resolved Hide resolved
@zentol
Copy link
Contributor

zentol commented Oct 6, 2022

@flinkbot run azure

@MartijnVisser MartijnVisser merged commit b38abd4 into apache:master Oct 7, 2022
@MartijnVisser MartijnVisser deleted the FLINK-29514-minikdc branch October 7, 2022 11:23
huangxiaofeng10047 pushed a commit to huangxiaofeng10047/flink that referenced this pull request Nov 3, 2022
@MartijnVisser @huangxiaofeng10047
[FLINK-29514][Deployment/YARN] Bump Minikdc to v3.2.4. This closes ap…
93d5eff 
…ache#20973

* [FLINK-29514][Deployment/YARN] Bump Minikdc to v3.2.4 to avoid getting falsely flagged as vulnerable for CVEs which don't impact Flink

* [FLINK-29514][Deployment/YARN] Exclude slf4j-reload4j
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zentol zentol zentol approved these changes

Assignees

@zentol zentol

Labels
component=Deployment/YARN
Projects
None yet
Milestone
No milestone
3 participants
@MartijnVisser @flinkbot @zentol