Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[ZEPPELIN-5856] Bump bouncycastle 1.70 #4522

Merged
merged 4 commits into from Dec 4, 2022
Merged

[ZEPPELIN-5856] Bump bouncycastle 1.70 #4522

merged 4 commits into from Dec 4, 2022

Conversation

pan3793
Copy link
Member

@pan3793 pan3793 commented Nov 30, 2022

What is this PR for?

Bump bouncycastle 1.70.

➜  apache-zeppelin git:(master) java -version
openjdk version "1.8.0_332"
OpenJDK Runtime Environment (Zulu 8.62.0.19-CA-macos-aarch64) (build 1.8.0_332-b09)
OpenJDK 64-Bit Server VM (Zulu 8.62.0.19-CA-macos-aarch64) (build 25.332-b09, mixed mode)

The transitive dependencies can not be resolved correctly on my mac when using bouncycastle 1.60, and the build failed w/ same reason.

image

[ERROR] Failed to execute goal org.apache.maven.plugins:maven-compiler-plugin:3.10.1:compile (default-compile) on project zeppelin-zengine: Compilation failure: Compilation failure:
[ERROR] /Users/chengpan/Projects/apache-zeppelin/zeppelin-zengine/src/main/java/org/apache/zeppelin/user/Encryptor.java:[20,31] package org.bouncycastle.crypto does not exist
[ERROR] /Users/chengpan/Projects/apache-zeppelin/zeppelin-zengine/src/main/java/org/apache/zeppelin/user/Encryptor.java:[21,31] package org.bouncycastle.crypto does not exist
[ERROR] /Users/chengpan/Projects/apache-zeppelin/zeppelin-zengine/src/main/java/org/apache/zeppelin/user/Encryptor.java:[22,39] package org.bouncycastle.crypto.engines does not exist
[ERROR] /Users/chengpan/Projects/apache-zeppelin/zeppelin-zengine/src/main/java/org/apache/zeppelin/user/Encryptor.java:[23,40] package org.bouncycastle.crypto.paddings does not exist
[ERROR] /Users/chengpan/Projects/apache-zeppelin/zeppelin-zengine/src/main/java/org/apache/zeppelin/user/Encryptor.java:[24,40] package org.bouncycastle.crypto.paddings does not exist
[ERROR] /Users/chengpan/Projects/apache-zeppelin/zeppelin-zengine/src/main/java/org/apache/zeppelin/user/Encryptor.java:[25,38] package org.bouncycastle.crypto.params does not exist
[ERROR] /Users/chengpan/Projects/apache-zeppelin/zeppelin-zengine/src/main/java/org/apache/zeppelin/user/Encryptor.java:[26,38] package org.bouncycastle.util.encoders does not exist
[ERROR] /Users/chengpan/Projects/apache-zeppelin/zeppelin-zengine/src/main/java/org/apache/zeppelin/user/Encryptor.java:[34,17] cannot find symbol
[ERROR]   symbol:   class BufferedBlockCipher
[ERROR]   location: class org.apache.zeppelin.user.Encryptor
[ERROR] /Users/chengpan/Projects/apache-zeppelin/zeppelin-zengine/src/main/java/org/apache/zeppelin/user/Encryptor.java:[35,17] cannot find symbol
[ERROR]   symbol:   class BufferedBlockCipher
[ERROR]   location: class org.apache.zeppelin.user.Encryptor
[ERROR] -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoFailureException
[ERROR]
[ERROR] After correcting the problems, you can resume the build with the command
[ERROR]   mvn <args> -rf :zeppelin-zengine

It works fine after upgrading.

image

What type of PR is it?

Improvement(maybe)

Please leave your type of PR only

Todos

  • - Task

What is the Jira issue?

ZEPPELIN-5856

How should this be tested?

  • Strongly recommended: add automated unit tests for any new or changed behavior
  • Outline any manual steps to test the PR here.

Screenshots (if appropriate)

Questions:

  • Does the licenses files need to update? Yes and updated.
  • Is there breaking changes for older versions? No.
  • Does this needs documentation? No.

@jongyoul
Copy link
Member

jongyoul commented Dec 1, 2022

Hello, thank you for checking it. BTW, I cannot reproduce this issue on my local machine. could you please let me know how to make an error?

[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary for Zeppelin 0.11.0-SNAPSHOT:
[INFO]
[INFO] Zeppelin ........................................... SUCCESS [  2.850 s]
[INFO] Zeppelin: Common ................................... SUCCESS [  2.474 s]
[INFO] Zeppelin: Interpreter .............................. SUCCESS [ 19.525 s]
[INFO] Zeppelin: Jupyter Support .......................... SUCCESS [  1.359 s]
[INFO] Zeppelin: Zengine .................................. SUCCESS [  7.848 s]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time:  35.348 s
[INFO] Finished at: 2022-12-01T13:09:32+09:00
[INFO] ------------------------------------------------------------------------
➜  zeppelin git:(minor/fix-appveyor-error) ./mvnw clean package -pl zeppelin-zengine -am -DskipTests

@pan3793
Copy link
Member Author

pan3793 commented Dec 1, 2022

Hello, thank you for checking it. BTW, I cannot reproduce this issue on my local machine. could you please let me know how to make an error?

[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary for Zeppelin 0.11.0-SNAPSHOT:
[INFO]
[INFO] Zeppelin ........................................... SUCCESS [  2.850 s]
[INFO] Zeppelin: Common ................................... SUCCESS [  2.474 s]
[INFO] Zeppelin: Interpreter .............................. SUCCESS [ 19.525 s]
[INFO] Zeppelin: Jupyter Support .......................... SUCCESS [  1.359 s]
[INFO] Zeppelin: Zengine .................................. SUCCESS [  7.848 s]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time:  35.348 s
[INFO] Finished at: 2022-12-01T13:09:32+09:00
[INFO] ------------------------------------------------------------------------
➜  zeppelin git:(minor/fix-appveyor-error) ./mvnw clean package -pl zeppelin-zengine -am -DskipTests

I use the M1 mac, may be related (not sure), I can not compile the project, I'm going to fix it one by one

@jongyoul
Copy link
Member

jongyoul commented Dec 1, 2022

I use the M1 mac, may be related (not sure), I can not compile the project, I'm going to fix it one by one

Yep. I also use m1 mac. BTW, I appreciate your interest for Zeppelin. I look forward to seeing you frequently in the community as well.

@pan3793
Copy link
Member Author

pan3793 commented Dec 4, 2022
edited

I didn't figure out why 1.60 does not work on my machine, but I think the upgrading is fine, I guess the failed CI is not related since master branch has the same failure. And the the Maven Central site show 1.60 is affected by CVE-2020-15522, anyway, we need this upgrade.

@jongyoul jongyoul merged commit 348013e into apache:master Dec 4, 2022
proceane pushed a commit to proceane/zeppelin that referenced this pull request Feb 16, 2023
@pan3793 @proceane
[ZEPPELIN-5856] Bump bouncycastle 1.70 (apache#4522)
8447de6 
* [ZEPPELIN-5856] Bump bouncycastle 1.70

* nit

* nit

* nit
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jongyoul jongyoul jongyoul approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@pan3793 @jongyoul