Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[SPARK-39250][BUILD] Upgrade Jackson to 2.13.3 #36627

Closed
wants to merge 1 commit into from
Closed

[SPARK-39250][BUILD] Upgrade Jackson to 2.13.3 #36627

wants to merge 1 commit into from

Conversation

dongjoon-hyun
Copy link
Member

@dongjoon-hyun dongjoon-hyun commented May 22, 2022
edited
Loading

What changes were proposed in this pull request?

This PR aims to upgrade Jackson to 2.13.3.

Why are the changes needed?

Although Spark is not affected, Jackson 2.13.0~2.13.2 has the following regression which affects the user apps.

Here is a full release note.

Does this PR introduce any user-facing change?

No. The previous version is not released yet.

How was this patch tested?

Pass the CIs.

@dongjoon-hyun
[SPARK-39250][BUILD] Upgrade Jackson to 2.13.3
9006df9 
Signed-off-by: Dongjoon Hyun <dongjoon@apache.org>
@github-actions github-actions bot added the BUILD label May 22, 2022
@dongjoon-hyun
Copy link
Member Author

dongjoon-hyun commented May 22, 2022
edited
Loading

Hi, @MaxGekk . I set this as a blocker for Apache Spark 3.3.0.
Please review this when you have some time. If possible, I'm going to land this to branch-3.3 before your next RC.

pan3793
pan3793 reviewed May 22, 2022
View reviewed changes
pom.xml
<fasterxml.jackson.version>2.13.2</fasterxml.jackson.version>
<fasterxml.jackson.databind.version>2.13.2.1</fasterxml.jackson.databind.version>
<fasterxml.jackson.version>2.13.3</fasterxml.jackson.version>
<fasterxml.jackson.databind.version>2.13.3</fasterxml.jackson.databind.version>
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I add this property because of SPARK-38665, and it can be removed because all jackson jars share same version again.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If you look at the history, SPARK-38665 is not the only one did that. databind is frequently separated and merged back repeatedly. :) That's the reason why I decided not to remote that property back in this PR.

[SPARK-38665][BUILD] Upgrade jackson due to CVE-2020-36518
[SPARK-33695][BUILD] Upgrade to jackson to 2.10.5 and jackson-databind to 2.10.5.1
[SPARK-28728][BUILD] Bump Jackson Databind to 2.9.9.3

@dongjoon-hyun
Copy link
Member Author

Thank you, @HyukjinKwon , @pan3793 , @MaxGekk . Merged to master/3.3 to unblock next RC.

dongjoon-hyun added a commit that referenced this pull request May 22, 2022
@dongjoon-hyun
[SPARK-39250][BUILD] Upgrade Jackson to 2.13.3
047c108 
### What changes were proposed in this pull request?

This PR aims to upgrade Jackson to 2.13.3.

### Why are the changes needed?

Although Spark is not affected, Jackson 2.13.0~2.13.2 has the following regression which affects the user apps.
- FasterXML/jackson-databind#3446

Here is a full release note.
- https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13.3

### Does this PR introduce _any_ user-facing change?

No. The previous version is not released yet.

### How was this patch tested?

Pass the CIs.

Closes #36627 from dongjoon-hyun/SPARK-39250.

Authored-by: Dongjoon Hyun <dongjoon@apache.org>
Signed-off-by: Dongjoon Hyun <dongjoon@apache.org>
(cherry picked from commit 73438c0)
Signed-off-by: Dongjoon Hyun <dongjoon@apache.org>
@dongjoon-hyun dongjoon-hyun deleted the SPARK-39250 branch May 22, 2022 21:15
@MaxGekk
Copy link
Member

MaxGekk commented May 23, 2022
edited
Loading

After merge of the changes to 3.3, I observe the error:

[info] - Hide credentials in show create table *** FAILED *** (34 milliseconds)
[info]   "[0,10000000d5,5420455441455243,62617420454c4241,414e20200a282031,4e4952545320454d,45485420200a2c47,a29544e49204449,726f20474e495355,6568636170612e67,732e6b726170732e,a6362646a2e6c71,20534e4f4954504f,7462642720200a28,203d2027656c6261,45502e5453455427,200a2c27454c504f,6f77737361702720,2a27203d20276472,2a2a2a2a2a2a2a2a,6574636164657228,2720200a2c272964,27203d20276c7275,2a2a2a2a2a2a2a2a,746361646572282a,20200a2c27296465,3d20277265737527,7355747365742720,a29277265]" did not contain "TEST.PEOPLE" (JDBCSuite.scala:1146)
[info]   org.scalatest.exceptions.TestFailedException:

Is it just a coincidence?

For example: https://github.com/apache/spark/runs/6552079071?check_suite_focus=true

@dongjoon-hyun
Copy link
Member Author

Yes, that failure was irrelevant to this PR, @MaxGekk .

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pan3793 pan3793 pan3793 left review comments

@MaxGekk MaxGekk MaxGekk approved these changes

@HyukjinKwon HyukjinKwon HyukjinKwon approved these changes

Assignees
No one assigned
Labels
BUILD
Projects
None yet
Milestone
No milestone
4 participants
@dongjoon-hyun @MaxGekk @HyukjinKwon @pan3793