Commit Graph

1051 Commits

Author SHA1 Message Date
Shuhei Yamasaki 49bdf6140e
HBASE-27634 Builds emit errors related to SBOM parsing (#5246)
Update CycloneDX version

Signed-off-by: Duo Zhang <zhangduo@apache.org>
2023-05-21 19:52:07 +08:00
Duo Zhang 71d7996047
HBASE-27870 Eliminate the 'WARNING: package jdk.internal.util.random not in java.base' when running UTs with jdk11 (#5242)
Signed-off-by: Tianhang Tang <tianhang@apache.org>
2023-05-18 23:17:01 +08:00
Duo Zhang 0d57ee147e HBASE-27218 Support rolling upgrading (#4808)
Signed-off-by: Yu Li <liyu@apache.org>
2023-05-15 22:53:48 +08:00
Jonathan Albrecht 67612cc264
HBASE-27858 Update surefire version to 3.1.0 and use SurefireForkNodeFactory (#5234)
Surefire version updated from 3.0.0-M6 -> 3.1.0.

SurefireForkNodeFactory is a new strategy to control how the forked
nodes communicate with the main maven process. It uses a tcp channel
instead of pipes and fixes some corrupted messages seen in the s390x
build.

Signed-off-by: Duo Zhang <zhangduo@apache.org>
2023-05-13 18:52:30 +08:00
Jonathan Albrecht 5d2b6956e5
HBASE-27838 Update zstd-jni from version 1.5.4-2 -> 1.5.5-2. (#5220)
Note: This version includes a fix that prevented zstd-jni from
running on s390x.

Signed-off-by: Duo Zhang <zhangduo@apache.org>
2023-05-05 11:52:30 +08:00
Nihal Jain 216cdf9f69
Add nihaljain to the developer list (#5219) 2023-05-03 19:57:54 +05:30
Yash Dodeja 1f605cc642
HBASE-27693 Support for Hadoop's LDAP Authentication mechanism (#5144) 2023-04-28 23:58:36 +08:00
Nick Dimiduk a2cfa6822a
HBASE-27808 Change flatten mode for oss in our pom file (#5201)
Signed-off-by: Duo Zhang <zhangduo@apache.org>
2023-04-28 11:38:15 +08:00
dependabot[bot] 735fb43388 HBASE-27748 Bump jettison from 1.5.2 to 1.5.4 (#5136)
Bumps [jettison](https://github.com/jettison-json/jettison) from 1.5.2 to 1.5.4.
- [Release notes](https://github.com/jettison-json/jettison/releases)
- [Commits](https://github.com/jettison-json/jettison/compare/jettison-1.5.2...jettison-1.5.4)

---
updated-dependencies:
- dependency-name: org.codehaus.jettison:jettison
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Duo Zhang <zhangduo@apache.org>
2023-03-24 21:55:02 +08:00
Duo Zhang de91a8d83a Revert "Bump jettison from 1.5.2 to 1.5.4 (#5136)"
This reverts commit 6cc6182646.
2023-03-24 21:54:53 +08:00
dependabot[bot] 6cc6182646
Bump jettison from 1.5.2 to 1.5.4 (#5136)
Bumps [jettison](https://github.com/jettison-json/jettison) from 1.5.2 to 1.5.4.
- [Release notes](https://github.com/jettison-json/jettison/releases)
- [Commits](https://github.com/jettison-json/jettison/compare/jettison-1.5.2...jettison-1.5.4)

---
updated-dependencies:
- dependency-name: org.codehaus.jettison:jettison
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Duo Zhang <zhangduo@apache.org>
2023-03-24 21:54:23 +08:00
Andrew Purtell 3e08f9230c
HBASE-27744 Update compression dependencies (#5137)
Update compression codec dependencies:

 - aircompressor 0.21 -> 0.24
 - brotli4j 1.8.0 -> 1.11.0
 - snappy 1.1.8.4 -> 1.1.9.1
 - zstd-jni 1.5.0-4 -> 1.5.4-2

and add a new supplemental model for new brotli4j dependency.

Signed-off-by: Nick Dimiduk <ndimiduk@apache.org>
Signed-off-by: Duo Zhang <zhangduo@apache.org>
2023-03-23 13:05:55 -07:00
Wes e6af6e0be9
HBASE-27731 Upgrade commons-validator to 1.7 (#5116)
Address CVE-2014-0114 and CVE-2019-10086 brought in by commons-beanutils
Signed-off-by: Duo Zhang <zhangduo@apache.org>
2023-03-21 22:48:39 +08:00
tianhang b0cfd74edd Add tianhang to the developer list 2023-03-16 10:47:32 +08:00
Horváth Dóra 72d5a46899
HBASE-27685 Enable code coverage reporting to SonarQube in HBase (#5076) 2023-03-10 20:14:43 +01:00
tianhang a1cf0731e3
HBASE-27643 [JDK17] Add-opens java.util.concurrent (#5028)
Signed-off-by: Duo Zhang <zhangduo@apache.org>
2023-02-17 21:12:26 +08:00
tianhang 0b032558d5
HBASE-27599 Cleanup wrong dependency in dependencyManagement (#4999)
Co-authored-by: tianhang.tang <tianhang.tang@shopee.com>
Signed-off-by: Duo Zhang <zhangduo@apache.org>
2023-02-04 17:47:22 +08:00
Duo Zhang 55b4bbc057 HBASE-27598 Addendum remove references to mockito-core.version in pom 2023-02-02 22:12:43 +08:00
tianhang 8e72cc6ee0
HBASE-27581 [JDK17] Fix failure TestHBaseTestingUtil#testResolvePortConflict (#4991)
Co-authored-by: tianhang.tang <tianhang.tang@shopee.com>
Signed-off-by: Duo Zhang <zhangduo@apache.org>
2023-01-31 10:19:57 +08:00
Duo Zhang bd7a78add5
HBASE-27598 Upgrade mockito to 4.x (#4998)
Signed-off-by: Yulin Niu <niuyulin@apache.org>
2023-01-29 11:29:51 +08:00
Rajeshbabu Chintaguntla 235864056c
HBASE-27585 Bump up jruby to 9.3.9.0 and related joni and jcodings to 2.1.43 and 1.0.57 respectively (#4992)
Co-authored-by: Rajeshbabu Chintaguntla <rchintag@visa.com>
Signed-off-by: Duo Zhang <zhangduo@apache.org>
Signed-off-by: Reid Chan <reidchan@apache.org>
2023-01-28 10:18:56 +08:00
tianhang 06f294e637
HBASE-27591 [JDK17] Fix failure TestImmutableScan#testScanCopyConstructor (#4994)
Co-authored-by: tianhang.tang <tianhang.tang@shopee.com>
Signed-off-by: Reid Chan <reidchan@apache.org>
Signed-off-by: Duo Zhang <zhangduo@apache.org>
2023-01-27 22:42:24 +08:00
Rajeshbabu Chintaguntla 5516fb86b6
HBASE-27586 Bump up commons-codec to 1.15 (#4993)
Co-authored-by: Rajeshbabu Chintaguntla <rchintag@visa.com>
Signed-off-by: Duo Zhang <zhangduo@apache.org>
Signed-off-by: Reid Chan <reidchan@apache.org>
2023-01-27 22:40:04 +08:00
Duo Zhang 83d450d5b5 HBASE-27578 Addendum remove staging repo 2023-01-21 16:39:02 +08:00
Duo Zhang a0fdfa782b
HBASE-27578 Upgrade hbase-thirdparty to 4.1.4 (#4985)
Signed-off-by: Andrew Purtell <apurtell@apache.org>
Signed-off-by: Tak Lon (Stephen) Wu <taklwu@apache.org>
2023-01-20 09:08:31 -08:00
Dongjoon Hyun 5feb06bd69
HBASE-27562 Publish SBOM artifacts (#4953)
Signed-off-by: Duo Zhang <zhangduo@apache.org>
2023-01-20 15:53:06 +08:00
dependabot[bot] bfc9fc9605
HBASE-27548 Bump jettison from 1.5.1 to 1.5.2 (#4943)
Bumps [jettison](https://github.com/jettison-json/jettison) from 1.5.1 to 1.5.2.
- [Release notes](https://github.com/jettison-json/jettison/releases)
- [Commits](https://github.com/jettison-json/jettison/compare/jettison-1.5.1...jettison-1.5.2)

---
updated-dependencies:
- dependency-name: org.codehaus.jettison:jettison
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Signed-off-by: Duo Zhang <zhangduo@apache.org>
2023-01-03 14:11:43 +08:00
Rushabh Shah 96e88144de Add developer details to pom.xml 2022-12-14 10:24:23 -08:00
LiangJun He 8120b6168e Add new committer heliangjun to pom.xml 2022-11-30 13:06:14 +08:00
Duo Zhang 3ffc0b5552
HBASE-27510 Should use 'org.apache.hbase.thirdparty.io.netty.tryReflectionSetAccessible' (#4898)
Signed-off-by: Wei-Chiu Chuang <weichiu@apache.org>
2022-11-29 20:40:13 +08:00
Duo Zhang 84749b054c
HBASE-27501 The .flattened-pom.xml for some modules are not installed (#4893)
Signed-off-by: Bryan Beaudreault <bbeaudreault@apache.org>
2022-11-23 20:17:28 +08:00
YiweiLi4 a2075f51a8
HBASE-27479 fix flaky test testClone in TestTaskMonitor (#4876)
Signed-off-by: Duo Zhang <zhangduo@apache.org>
2022-11-17 21:10:53 +08:00
Duo Zhang 07a3ffdd97
HBASE-27423 Upgrade hbase-thirdparty to 4.1.3 and upgrade Jackson for CVE-2022-42003/42004 (#4878)
Signed-off-by: Xin Sun <ddupgs@gmail.com>
2022-11-17 21:10:09 +08:00
Duo Zhang 5c6ff7dc47
HBASE-27443 Use java11 in the general check of our jenkins job (#4845)
Signed-off-by: Guanghao Zhang <zghao@apache.org>
2022-11-07 23:14:26 +08:00
Duo Zhang d80053641d
HBASE-27446 Spotbugs 4.7.2 report a lot of logging errors when generating report (#4848)
Signed-off-by: Guanghao Zhang <zghao@apache.org>
2022-10-28 18:40:40 +08:00
Duo Zhang 792f12b616
HBASE-25983 javadoc generation fails on openjdk-11.0.11+9 (#4837)
Signed-off-by: Nick Dimiduk <ndimiduk@apache.org>
2022-10-25 21:41:53 +08:00
Duo Zhang 2fc879e863
HBASE-27434 Use ${revision} as placeholder for maven version to make it easier to control the version from command line (#4836)
Signed-off-by: GeorryHuang <huangzhuoyue@apache.org>
2022-10-24 11:50:48 +08:00
Duo Zhang 0d260f5b22
HBASE-27421 Bump spotless plugin to 2.27.2 and reimplement the 'Remove unhelpful javadoc stubs' rule (#4824)
Signed-off-by: Xiaolin Ha <haxiaolin@apache.org>
2022-10-12 23:14:08 +08:00
Andrew Purtell f47a52b5f9
HBASE-27424 Upgrade Jettison for CVE-2022-40149/40150 (#4822)
Jettison versions <= 1.5.0 are subject to CVE-2022-40149 and CVE-2022-40150.

Move jettison.version to 1.5.1.

Signed-off-by: Duo Zhang <zhangduo@apache.org>
2022-10-11 10:11:12 -07:00
Duo Zhang 79f853ee7c
HBASE-27419 Update to hbase-thirdparty 4.1.2 (#4818)
Signed-off-by: Andrew Purtell <apurtell@apache.org>
2022-10-11 09:50:30 +08:00
Andrew Purtell 8d2efc8aaa
HBASE-27411 Update and clean up bcprov-jdk15on dependency (#4817)
Signed-off-by: Duo Zhang <zhangduo@apache.org>
Signed-off-by: Nick Dimiduk <ndimiduk@apache.org>
2022-10-10 15:55:57 -07:00
Duo Zhang 6abc1aefd1
HBASE-27403 Remove 'Remove unhelpful javadoc stubs' spotless rule for now (#4809)
Signed-off-by: Nick Dimiduk <ndimiduk@apache.org>
2022-10-03 23:15:50 +08:00
Duo Zhang 00aba9ca74
HBASE-27371 Bump spotbugs version (#4783)
Signed-off-by: Peter Somogyi <psomogyi@apache.org>
2022-09-14 23:27:51 +08:00
Michael Stack 1b5403cf7d
HBASE-27340 Artifacts with resolved profiles (#4740) (#4761)
(Forward port from branch-2; simplified by the fact that there
is no hadoop-2.0 profile on master branch)

    Make it so our published poms carry the minimum needed to run
    an hbase; the published pom has no profiles -- the profiles
    specified at build time are resolved, their dependencies inlined,
    and then they are stripped -- and no build-time, or plugins
    dependencies or properties, etc. Resultant poms have explicit
    hadoop lib versions baked in -- no more being able to choose
    hbase with hadoop2 or haddop3 at downstream build time by setting
    a '-Dhadoop.profile=X.0'.

    Pattern is to add profiles when none in sub-modules when
    the flatten plugin complains it can't resolve an hadoop
    dependency's 'version' (e.g. hadoop-common, hadoop-hdfs).
    Adding the profile in the sub-module make it so the flatten
    plugin can figure 'hadoop.version' definitively.
    (In master there is only the hadoop-3.0 profile).

    Another spin on the above happens when profiles already exist
    in submodule but the flatten plugin is complaining it can't
    figure figure version on an hadoop dependency NOT under
    profiles. Below, we move the delinquent hadoop dependency under
    existing profiles (minikdc was the usual dependency outside
    profiles in sub-modules that flatten complained about).

    Sometimes, moving an hadoop dependency under a profile, there
    would be excludes on the local dependency. If the parent pom
    excludes section was missing the local excludes, we added them
    up to the parent module so all excluding is done up there in
    the parent profile dependencyManagement section.

Signed-off-by: Duo Zhang <zhangduo@apache.org>
2022-09-06 23:06:13 +08:00
Michael Stack f6b4eb791a
HBASE-27338 brotli compression lib tests fail on arm64 (#4735)
Up the brotli lib from 1.7.1 to 1.8.0

Signed-off-by: Bryan Beaudreault <bbeaudreault>
Signed-off-by: Andrew Purtell <apurtell@apache.org>
2022-08-29 09:11:52 -07:00
Duo Zhang 9215066e2b
HBASE-27221 Bump spotless version to 2.24.1 (#4693)
Signed-off-by: Xin Sun <ddupgs@gmail.com>
2022-08-15 15:19:57 +08:00
dependabot[bot] 97fb5cc6d2
HBASE-27298 Bump hadoop version to 3.2.4 (#4696)
Bumps hadoop-common from 3.2.3 to 3.2.4.

---
updated-dependencies:
- dependency-name: org.apache.hadoop:hadoop-common
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Duo Zhang <zhangduo@apache.org>

Signed-off-by: Duo Zhang <zhangduo@apache.org>
2022-08-12 14:31:48 +08:00
Andor Molnár f8dcf07055
HBASE-26666 Add native TLS encryption support to RPC server/client (#4666)
Signed-off-by: Duo Zhang <zhangduo@apache.org>
Signed-off-by: Bryan Beaudreault <bbeaudreault@apache.org>
2022-08-06 19:09:54 -04:00
Ramón García Fernández e10c15d030
HBASE-27179 Issues building with OpenJDK 17 (#4594)
Fix test case failures in org.apache.hadoop.hbase.http.log.TestLogLevel under Openjdk 17 because of a missing export of java.security.jgss/sun.security.krb5.
Removed option --illegal-access=permit ignored since Openjdk 17.

Signed-off-by: Duo Zhang <zhangduo@apache.org>
2022-07-25 19:21:21 +08:00
Duo Zhang 7484a9163a
HBASE-27208 Use spotless to purge the missing summary warnings from error prone (#4628)
Signed-off-by: Andrew Purtell <apurtell@apache.org>
2022-07-19 09:45:06 +08:00