Skip to content

MLE-29543: Bump nifi version to 2.9.0 to avoid CVEs#263

Merged
stevebio merged 1 commit into
developfrom
29543-bump-deps-cve
May 13, 2026
Merged

MLE-29543: Bump nifi version to 2.9.0 to avoid CVEs#263
stevebio merged 1 commit into
developfrom
29543-bump-deps-cve

Conversation

@stevebio
Copy link
Copy Markdown

@stevebio stevebio commented May 12, 2026

Upgrade Nifi to 2.9.0. Compatible incremental release, no code changes required. Transitive dependencies in Nifi updated to clear CVEs.

Copilot AI review requested due to automatic review settings May 12, 2026 21:41
Copilot AI reviewed May 12, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR upgrades the MarkLogic NiFi connector build and documentation to target Apache NiFi 2.9.0, primarily to pick up updated transitive dependencies and address reported CVEs.

Changes:

  • Bump the Apache NiFi parent and ${nifi.version} property to 2.9.0.
  • Update documentation/manual testing assets to reference NiFi 2.9.0.
  • Upgrade maven-failsafe-plugin from a milestone version to 3.5.5.

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
README.md Updates the “developed and tested on” NiFi version to 2.9.0.
pom.xml Bumps NiFi parent and ${nifi.version} to 2.9.0 for build/dependency alignment.
nifi-marklogic-processors/pom.xml Updates maven-failsafe-plugin version to a stable release (3.5.5).
nifi-marklogic-processors/flows-for-manual-testing.json Updates embedded NiFi bundle version references to 2.9.0 for manual testing flows.
docs/index.md Updates system requirements text to state testing on NiFi 2.9.0+.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread pom.xml Outdated
rjrudin
rjrudin approved these changes May 13, 2026
View reviewed changes
Comment thread README.md Outdated
data to be easily written to and read from MarkLogic. The connector consists of a set of custom NiFi processors and
controller services which can be used in NiFi flows for integrating with MarkLogic. The connector has been developed
and tested on NiFi 2.5.0; it may work in more recent versions of NiFi too.
and tested on NiFi 2.9.0; it may work in more recent versions of NiFi too.
Copy link
Copy Markdown

@rjrudin rjrudin May 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add that it may work on earlier versions of NiFi 2 as well. The main risk of it not working on an older version of NiFi 2 is if we modify part of our connector to depend on a newer API in e.g. NiFi 2.9 that's not in NiFi 2.8. But we haven't yet done that, so it's likely that it works on all versions of NiFi 2.x.

Copy link
Copy Markdown
Author

@stevebio stevebio May 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok making modification, will force push the changes.

@stevebio stevebio force-pushed the 29543-bump-deps-cve branch from 3cadc03 to ce32dd4 Compare May 13, 2026 15:44
@stevebio stevebio merged commit accfc14 into develop May 13, 2026
2 checks passed
@stevebio stevebio deleted the 29543-bump-deps-cve branch May 13, 2026 15:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@rjrudin rjrudin rjrudin approved these changes

@BillFarber BillFarber Awaiting requested review from BillFarber BillFarber is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@stevebio @rjrudin