Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade all jetty dependencies to 9.4.51.v20230217. #7429

Merged
merged 2 commits into from
May 4, 2023
Merged

Upgrade all jetty dependencies to 9.4.51.v20230217. #7429

merged 2 commits into from
May 4, 2023

Conversation

mch2
Copy link
Member

@mch2 mch2 commented May 4, 2023

Description

#7405 bumped jetty-server to 9.4.51*, however there are additional jetty dependencies brought in by hadoop-hdfs that are still using 9.4.48* not replaced with that change.

This change explicitly defines a version of org.eclipse.jetty.websocket:javax-websocket-server-impl which transitively covers the remaining dependencies.

./gradlew dependencies
...
|    |    |    +--- org.apache.hadoop:hadoop-yarn-server-nodemanager:3.3.5
|    |    |    |    +--- org.eclipse.jetty.websocket:javax-websocket-server-impl:9.4.48.v20220622
|    |    |    |    |    +--- org.eclipse.jetty:jetty-annotations:9.4.48.v20220622
|    |    |    |    |    |    +--- org.eclipse.jetty:jetty-plus:9.4.48.v20220622
|    |    |    |    |    |    |    \--- org.eclipse.jetty:jetty-jndi:9.4.48.v20220622
|    |    |    |    |    +--- org.eclipse.jetty.websocket:javax-websocket-client-impl:9.4.48.v20220622
|    |    |    |    |    +--- org.eclipse.jetty.websocket:websocket-server:9.4.48.v20220622**
|    |    |    |    |    |    +--- org.eclipse.jetty.websocket:websocket-common:9.4.48.v20220622**
|    |    |    |    |    |    |    +--- org.eclipse.jetty.websocket:websocket-api:9.4.48.v20220622**
|    |    |    |    |    |    +--- org.eclipse.jetty.websocket:websocket-servlet:9.4.48.v20220622**
|    |    |    |    |    |    |    +--- org.eclipse.jetty.websocket:websocket-api:9.4.48.v20220622**
|    |    |    |    |    |    +--- org.eclipse.jetty:jetty-servlet:9.4.48.v20220622 (*)
...

Related Issues

N/A

Check List

  • New functionality includes testing.
    • All tests pass
  • New functionality has been documented.
    • New functionality has javadoc added
  • Commits are signed per the DCO using --signoff
  • Commit changes are listed out in CHANGELOG.md file (See: Changelog)

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

@mch2
Upgrade all jetty dependencies to 9.4.51.v20230217.
1810285 
Signed-off-by: Marc Handalian <handalm@amazon.com>
kotwanikunal
kotwanikunal approved these changes May 4, 2023
View reviewed changes
test/fixtures/hdfs-fixture/build.gradle Outdated Show resolved Hide resolved
@github-actions
Copy link
Contributor

github-actions bot commented May 4, 2023

Gradle Check (Jenkins) Run Completed with:

  • RESULT: UNSTABLE ❕
  • TEST FAILURES:
      1 org.opensearch.cluster.allocation.AwarenessAllocationIT.testThreeZoneOneReplicaWithForceZoneValueAndLoadAwareness

@mch2
Pull jetty version to a variable
bd49716 
Signed-off-by: Marc Handalian <handalm@amazon.com>
@github-actions
Copy link
Contributor

github-actions bot commented May 4, 2023

Gradle Check (Jenkins) Run Completed with:

@github-actions
Copy link
Contributor

github-actions bot commented May 4, 2023

Gradle Check (Jenkins) Run Completed with:

  • RESULT: UNSTABLE ❕
  • TEST FAILURES:
      1 org.opensearch.snapshots.DedicatedClusterSnapshotRestoreIT.testIndexDeletionDuringSnapshotCreationInQueue

@mch2 mch2 merged commit 3613881 into opensearch-project:main May 4, 2023
8 checks passed
@mch2 mch2 deleted the jetty-cve-2 branch May 4, 2023 21:22
@mch2 mch2 added the backport 2.x Backport to 2.x branch label May 4, 2023
@opensearch-trigger-bot opensearch-trigger-bot bot mentioned this pull request May 4, 2023
Merged
opensearch-trigger-bot bot pushed a commit that referenced this pull request May 4, 2023
@github-actions
Upgrade all jetty dependencies to 9.4.51.v20230217. (#7429)
19ba5b5 
* Upgrade all jetty dependencies to 9.4.51.v20230217.

Signed-off-by: Marc Handalian <handalm@amazon.com>

* Pull jetty version to a variable

Signed-off-by: Marc Handalian <handalm@amazon.com>

---------

Signed-off-by: Marc Handalian <handalm@amazon.com>
(cherry picked from commit 3613881)
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
kotwanikunal pushed a commit that referenced this pull request May 4, 2023
@opensearch-trigger-bot @github-actions
Upgrade all jetty dependencies to 9.4.51.v20230217. (#7429) (#7434)
708b28c 
* Upgrade all jetty dependencies to 9.4.51.v20230217.



* Pull jetty version to a variable



---------


(cherry picked from commit 3613881)

Signed-off-by: Marc Handalian <handalm@amazon.com>
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
shiv0408 pushed a commit to Gaurav614/OpenSearch that referenced this pull request Apr 25, 2024
@mch2 @shiv0408
Upgrade all jetty dependencies to 9.4.51.v20230217. (opensearch-proje…
c8c1ba0 
…ct#7429)

* Upgrade all jetty dependencies to 9.4.51.v20230217.

Signed-off-by: Marc Handalian <handalm@amazon.com>

* Pull jetty version to a variable

Signed-off-by: Marc Handalian <handalm@amazon.com>

---------

Signed-off-by: Marc Handalian <handalm@amazon.com>
Signed-off-by: Shivansh Arora <hishiv@amazon.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kotwanikunal kotwanikunal kotwanikunal approved these changes

@reta reta Awaiting requested review from reta reta is a code owner

@anasalkouz anasalkouz Awaiting requested review from anasalkouz anasalkouz is a code owner

@andrross andrross Awaiting requested review from andrross andrross is a code owner

@Bukhtawar Bukhtawar Awaiting requested review from Bukhtawar Bukhtawar is a code owner

@CEHENKLE CEHENKLE Awaiting requested review from CEHENKLE CEHENKLE is a code owner

@dblock dblock Awaiting requested review from dblock dblock is a code owner

@gbbafna gbbafna Awaiting requested review from gbbafna gbbafna is a code owner

@setiah setiah Awaiting requested review from setiah

@kartg kartg Awaiting requested review from kartg

@nknize nknize Awaiting requested review from nknize nknize is a code owner

@owaiskazi19 owaiskazi19 Awaiting requested review from owaiskazi19 owaiskazi19 is a code owner

@Rishikesh1159 Rishikesh1159 Awaiting requested review from Rishikesh1159 Rishikesh1159 is a code owner

@ryanbogan ryanbogan Awaiting requested review from ryanbogan

@saratvemulapalli saratvemulapalli Awaiting requested review from saratvemulapalli saratvemulapalli is a code owner

@shwetathareja shwetathareja Awaiting requested review from shwetathareja shwetathareja is a code owner

@dreamer-89 dreamer-89 Awaiting requested review from dreamer-89 dreamer-89 is a code owner

@tlfeng tlfeng Awaiting requested review from tlfeng tlfeng is a code owner

@VachaShah VachaShah Awaiting requested review from VachaShah VachaShah is a code owner

Assignees
No one assigned
Labels
backport 2.x Backport to 2.x branch skip-changelog
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@mch2 @kotwanikunal