Commit Graph

247 Commits

Author SHA1 Message Date
dependabot[bot] 4fef5a3e8c
Bump commons-cli from 1.2 to 1.5.0 in /plugins/repository-hdfs (#3125)
* Bump commons-cli from 1.2 to 1.5.0 in /plugins/repository-hdfs

Bumps commons-cli from 1.2 to 1.5.0.

---
updated-dependencies:
- dependency-name: commons-cli:commons-cli
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Updating SHAs

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
2022-05-02 10:22:57 -07:00
dependabot[bot] f3404fdeec
Bump protobuf-java from 3.20.0 to 3.20.1 in /plugins/repository-hdfs (#3062)
* Bump protobuf-java from 3.20.0 to 3.20.1 in /plugins/repository-hdfs

Bumps [protobuf-java](https://github.com/protocolbuffers/protobuf) from 3.20.0 to 3.20.1.
- [Release notes](https://github.com/protocolbuffers/protobuf/releases)
- [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/generate_changelog.py)
- [Commits](https://github.com/protocolbuffers/protobuf/compare/v3.20.0...v3.20.1)

---
updated-dependencies:
- dependency-name: com.google.protobuf:protobuf-java
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Updating SHAs

Signed-off-by: dependabot[bot] <support@github.com>
2022-04-25 11:45:43 -05:00
Andriy Redko 3b7e654757
Remove JavaVersion, use builtin Runtime.Version to deal with runtime versions (#3006)
Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
2022-04-20 17:14:02 -04:00
dependabot[bot] bb19f627f0
Bump guava from 30.1.1-jre to 31.1-jre in /plugins/repository-hdfs (#2948)
* Bump guava from 30.1.1-jre to 31.1-jre in /plugins/repository-hdfs

Bumps [guava](https://github.com/google/guava) from 30.1.1-jre to 31.1-jre.
- [Release notes](https://github.com/google/guava/releases)
- [Commits](https://github.com/google/guava/commits)

---
updated-dependencies:
- dependency-name: com.google.guava:guava
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* Updating SHAs

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
2022-04-18 11:30:36 -07:00
Owais Kazi 3c5d997a76
Added a new line linter (#2875)
* Added linter to add new line

Signed-off-by: Owais Kazi <owaiskazi19@gmail.com>

* Fixed new lines

Signed-off-by: Owais Kazi <owaiskazi19@gmail.com>

* Ignore empty files

Signed-off-by: Owais Kazi <owaiskazi19@gmail.com>

* Updated DEVELOPER GUIDE

Signed-off-by: Owais Kazi <owaiskazi19@gmail.com>

* Renamed workflow file

Signed-off-by: Owais Kazi <owaiskazi19@gmail.com>

* Fixed failing tests

Signed-off-by: Owais Kazi <owaiskazi19@gmail.com>
2022-04-13 14:14:18 -04:00
dependabot[bot] 00ae764752
Bump protobuf-java from 3.19.3 to 3.20.0 in /plugins/repository-hdfs (#2836)
* Bump protobuf-java from 3.19.3 to 3.20.0 in /plugins/repository-hdfs

Bumps [protobuf-java](https://github.com/protocolbuffers/protobuf) from 3.19.3 to 3.20.0.
- [Release notes](https://github.com/protocolbuffers/protobuf/releases)
- [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/generate_changelog.py)
- [Commits](https://github.com/protocolbuffers/protobuf/compare/v3.19.3...v3.20.0)

---
updated-dependencies:
- dependency-name: com.google.protobuf:protobuf-java
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Updating SHAs

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
2022-04-11 11:48:21 -04:00
Yoann Rodière b5d5616d44
Update commons-logging to 1.2 (#2806)
* Upgrade to Apache Commons Logging 1.2

Signed-off-by: Yoann Rodière <yoann@hibernate.org>

* Clarify that Apache HTTP/commons-* dependencies are not just for tests

Signed-off-by: Yoann Rodière <yoann@hibernate.org>
2022-04-08 16:43:51 -04:00
Wenjun Ruan 0b1f4a2069
Rename `file` to `dir` in Environment (#2730)
* Rename `file` to `dir` in Environment

Signed-off-by: ruanwenjun <wenjun@apache.org>

* Fix compile error

Signed-off-by: ruanwenjun <wenjun@apache.org>

* fix compile error

Signed-off-by: ruanwenjun <wenjun@apache.org>
2022-04-05 09:23:08 -04:00
dependabot[bot] baaab58ccc
Bump json-smart from 2.4.7 to 2.4.8 in /plugins/repository-hdfs (#2735)
* Bump json-smart from 2.4.7 to 2.4.8 in /plugins/repository-hdfs

Bumps [json-smart](https://github.com/netplex/json-smart-v2) from 2.4.7 to 2.4.8.
- [Release notes](https://github.com/netplex/json-smart-v2/releases)
- [Commits](https://github.com/netplex/json-smart-v2/commits/2.4.8)

---
updated-dependencies:
- dependency-name: net.minidev:json-smart
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Updating SHAs

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
2022-04-04 11:18:28 -07:00
Andriy Redko d8a1ba6912
[CVE-2020-36518] Update jackson-databind to 2.13.2.2 (#2599)
Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
2022-03-29 12:24:37 -04:00
dependabot[bot] 2425f64baa
Bump htrace-core4 from 4.1.0-incubating to 4.2.0-incubating in /plugins/repository-hdfs (#2618)
* Bump htrace-core4 in /plugins/repository-hdfs

Bumps htrace-core4 from 4.1.0-incubating to 4.2.0-incubating.

---
updated-dependencies:
- dependency-name: org.apache.htrace:htrace-core4
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Updating SHAs

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
2022-03-28 15:02:44 -04:00
dependabot[bot] d2bdcdec33
Bump commons-lang3 from 3.7 to 3.12.0 in /plugins/repository-hdfs (#2552)
Bumps commons-lang3 from 3.7 to 3.12.0.

---
updated-dependencies:
- dependency-name: org.apache.commons:commons-lang3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-03-21 22:44:46 -05:00
Sarat Vemulapalli 5311844f3b
Updating repository commons logging version (#2541)
Signed-off-by: Sarat Vemulapalli <vemulapallisarat@gmail.com>
2022-03-21 17:30:00 -07:00
Peter Nied d43235c5cf
Move Jackson-databind to 2.13.2 (#2548)
Resolves CVE-2020-36518

Signed-off-by: Peter Nied <petern@amazon.com>
2022-03-21 18:44:13 -05:00
Nick Knize 05a5819243
[Upgrade] Lucene 9.1.0-snapshot-ea989fe8f30 (#2487)
* [Upgrade] Lucene 9.1.0-snapshot-ea989fe8f30

Upgrades from Lucene 9.0.0 to 9.1.0-snapshot-ea989fe8f30 in preparation for
9.1.0 GA.

Signed-off-by: Nicholas Walter Knize <nknize@apache.org>

* Add spanishplural token filter

Signed-off-by: Nicholas Walter Knize <nknize@apache.org>

* fix KNOWN_TOKENIZERS

Signed-off-by: Nicholas Walter Knize <nknize@apache.org>
2022-03-16 15:47:25 -04:00
dependabot[bot] 1b8181cb50
Bump gson from 2.8.9 to 2.9.0 in /plugins/repository-hdfs (#2279)
* Bump gson from 2.8.9 to 2.9.0 in /plugins/repository-hdfs

Bumps [gson](https://github.com/google/gson) from 2.8.9 to 2.9.0.
- [Release notes](https://github.com/google/gson/releases)
- [Changelog](https://github.com/google/gson/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/gson/compare/gson-parent-2.8.9...gson-parent-2.9.0)

---
updated-dependencies:
- dependency-name: com.google.code.gson:gson
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Updating SHAs

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
2022-02-28 12:17:16 -08:00
Nick Knize 0bd7850bed
[Remove] remaining type usage in Client and AbstractClient (#2258)
Removes type parameter from remaining prepareIndex in Client and AbstractClient.

Signed-off-by: Nicholas Walter Knize <nknize@apache.org>
2022-02-25 13:35:48 -06:00
Nick Knize 8b48207540
[Remove] Type from Client.prepare(Index,Delete,Update) (#2253)
Removes the type parameter from Client.prepare(Index,Delete,Update) and
everywhere it's used throughout the codebase except for prepareIndex(index,
type, id) which is removed in a follow up.

Signed-off-by: Nicholas Walter Knize <nknize@apache.org>
2022-02-24 21:20:03 -06:00
dependabot[bot] 1cd009567c
Bump woodstox-core from 6.1.1 to 6.2.8 in /plugins/repository-hdfs (#2187)
* Bump woodstox-core from 6.1.1 to 6.2.8 in /plugins/repository-hdfs

Bumps [woodstox-core](https://github.com/FasterXML/woodstox) from 6.1.1 to 6.2.8.
- [Release notes](https://github.com/FasterXML/woodstox/releases)
- [Commits](https://github.com/FasterXML/woodstox/compare/woodstox-core-6.1.1...woodstox-core-6.2.8)

---
updated-dependencies:
- dependency-name: com.fasterxml.woodstox:woodstox-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Updating SHAs

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
2022-02-21 11:53:15 -08:00
dependabot[bot] 3ce6c025c4
Bump commons-io from 2.7 to 2.11.0 in /plugins/repository-hdfs (#2140)
* Bump commons-io from 2.7 to 2.11.0 in /plugins/repository-hdfs

Bumps commons-io from 2.7 to 2.11.0.

---
updated-dependencies:
- dependency-name: commons-io:commons-io
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Updating SHAs

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <dependabot[bot]@users.noreply.github.com>
2022-02-17 16:00:49 -08:00
Rishikesh Pasham 1568407c36
Upgrading Jackson-Databind version (#1982)
* Upgrading Jackson-Databind version

Signed-off-by: Rishikesh1159 <rishireddy1159@gmail.com>

* Adding jackson-databind version using getProperty method

Signed-off-by: Rishikesh1159 <rishireddy1159@gmail.com>
2022-01-26 20:44:22 -08:00
Tianli Feng 8b8d04173c
Update protobuf-java to 3.19.3 (#1945)
* Update protobuf-java to 3.19.3

Signed-off-by: Tianli Feng <ftl94@live.com>

* Exclude some API usage violations in the package com.google.protobuf for thirdPartyAudit task to pass

Signed-off-by: Tianli Feng <ftl94@live.com>
2022-01-20 11:05:28 -08:00
Andriy Redko 32f2189686
Update Netty to 4.1.73.Final (#1936)
Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
2022-01-18 16:30:18 -08:00
Sarat Vemulapalli 7a97018a92
Updatting Netty to 4.1.72.Final (#1831) 2022-01-03 07:30:52 -05:00
Andriy Redko 65804d25a6
Update to log4j 2.17.1 (#1820)
Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
2021-12-28 17:06:42 -05:00
Andriy Redko ca27c8fd4f
Update to log4j 2.17.0 (#1771) 2021-12-18 09:36:59 -08:00
Andriy Redko 6db435412b
Upgrade to log4j 2.16.0 (#1721)
Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
2021-12-14 07:34:45 -05:00
Andrew Ross 309649ce8a
Upgrade to logj4 2.15.0 (#1698)
Signed-off-by: Andrew Ross <andrross@amazon.com>
2021-12-10 13:03:41 -08:00
Sarat Vemulapalli e0e6995c4a
Updating Log4j to 2.11.2 (#1696)
Signed-off-by: Sarat Vemulapalli <vemulapallisarat@gmail.com>
2021-12-10 08:03:45 -08:00
Andriy Redko 8bf6fa6b4f
Support Gradle 7 (#1609)
Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
2021-11-29 14:34:06 -05:00
Vacha fd87f3a2d7
Upgrading commons-codec in hdfs-fixture and cleaning up dependencies in repository-hdfs (#1603)
Signed-off-by: Vacha <vachshah@amazon.com>
2021-11-23 13:32:33 -05:00
Vacha bcfb57c06a
Upgrade dependency (#1571)
* Upgrading guava, commons-io and apache-ant dependencies

Signed-off-by: Vacha <vachshah@amazon.com>

* Adding failureaccess since guava needs it

Signed-off-by: Vacha <vachshah@amazon.com>
2021-11-18 13:38:49 -05:00
Vacha c6dd484ce3
Upgrading gson to 2.8.9 (#1541)
Signed-off-by: Vacha <vachshah@amazon.com>
2021-11-15 14:10:29 -05:00
Ryan Bogan 01d1cb0ce6
Updated links for linkchecker (#1539)
Signed-off-by: Ryan Bogan <rbogan@amazon.com>
2021-11-11 18:24:26 -05:00
Vacha af6ae752b4
Upgrading dependencies (#1491)
Signed-off-by: Vacha <vachshah@amazon.com>
2021-11-02 13:47:54 -07:00
Himanshu Setia 681e5548c1
Enabling spotless, disabling checkstyle check on plugins (#1488)
* Enabling spotless, disabling checkstyle on below modules

:plugins:mapper-annotated-text
:plugins:mapper-murmur3
:plugins:mapper-size
:plugins:repository-azure
:plugins:repository-gcs
:plugins:repository-hdfs
:plugins:repository-s3
:plugins:store-smb
:plugins:transport-nio
:qa:die-with-dignity

Signed-off-by: Himanshu Setia <setiah@amazon.com>

* Enabling spotless for more plugins

Signed-off-by: Himanshu Setia <setiah@amazon.com>

* Fixing error in merge conflict

Signed-off-by: Himanshu Setia <setiah@amazon.com>
2021-11-01 17:40:06 -07:00
Vacha 389b7dfa18
Upgrading dependencies in hdfs plugin (#1466)
Signed-off-by: Vacha <vachshah@amazon.com>
2021-11-01 12:58:07 -07:00
Vacha d151082832
Upgrade hadoop dependencies for hdfs plugin (#1335)
* Upgrade hadoop dependencies for hdfs plugin

Signed-off-by: Vacha <vachshah@amazon.com>

* Fixing gradle check failures

Signed-off-by: Vacha <vachshah@amazon.com>

* Upgrading htrace-core4 to 4.1.0

Signed-off-by: Vacha <vachshah@amazon.com>
2021-10-14 14:43:49 -04:00
Andriy Redko 3779576c51
Modernize and consolidate JDKs usage across all stages of the build. Use JDK-17 as bundled JDK distribution to run tests (#1358)
* Modernize and consolidate JDKs usage across all stages of the build. Use JDK-17 as bundled JDK distribution to run tests

Signed-off-by: Andriy Redko <andriy.redko@aiven.io>

* Using -Djava.security.egd=file:/dev/urandom explicitly for cli tests

Signed-off-by: Andriy Redko <andriy.redko@aiven.io>
2021-10-13 17:25:48 -04:00
Rabi Panda 50abf6d066
[CVE] Upgrade dependencies to mitigate CVEs (#657)
This PR upgrade the following dependencies to fix CVEs.

- commons-codec:1.12 (->1.13) apache/commons-codec@48b6157
- ant:1.10.8 (->1.10.9) https://ant.apache.org/security.html
- jackson-databind:2.10.4 (->2.11.0) FasterXML/jackson-databind#2589
- jackson-dataformat-cbor:2.10.4 (->2.11.0) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28491
- apache-httpclient:4.5.10 (->4.5.13) https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-13956
- checkstyle:8.20 (->8.29) https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10782
- junit:4.12 (->4.13.1) https://github.com/junit-team/junit4/security/advisories/GHSA-269g-pwp5-87pp
- netty:4.1.49.Final (->4.1.59) https://github.com/netty/netty/security/advisories/GHSA-5mcr-gq6c-3hq2

Signed-off-by: Rabi Panda <adnapibar@gmail.com>
2021-05-18 11:37:24 -07:00
Rabi Panda 943c778a7f
[CVE-2018-11765] Upgrade hadoop dependencies for hdfs plugin (#654)
Hadoop 2.8.5 has been reported to have CVEs (https://bugzilla.redhat.com/show_bug.cgi?id=1883549). We need to upgrade this to 2.10.1. This also updates the hadoop-minicluster version to 2.10.1 as well. This upgrade also brings in two additional dependencies, woodstox-core and stax2-api that are added along with the sha1s, licenses and notices.

Also upgrade guava to the latest as per the CVE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8908

Signed-off-by: Rabi Panda <adnapibar@gmail.com>
2021-05-13 14:56:47 -07:00
Nick Knize ee6d15e26a
[License] Add SPDX License Header to security policies (#531)
This commit adds the SPDX license header and modifications copyright to security
policy files.

Signed-off-by: Nicholas Walter Knize <nknize@apache.org>
2021-04-12 22:59:36 -05:00
Rabi Panda 8727afbcd3
Use the correct domain to fix failing integration tests. (#519)
This commit fixes a renaming issue (opensearch.co -> opensearch.org) which was causing few integration test failures.

Signed-off-by: Rabi Panda <adnapibar@gmail.com>
2021-04-10 09:42:39 -07:00
Rabi Panda 2a3ce0bb75
Fix rename issues and failing repository-hdfs tests. (#518)
This commit fixes some partial rename issues and as a result fixes the failing secure repository-hdfs tests.

Signed-off-by: Rabi Panda <adnapibar@gmail.com>
2021-04-09 17:51:27 -07:00
Nick Knize 9168f1fb43
[License] Add SPDX and OpenSearch Modification license header (#509)
This commit adds the SPDX Apache-2.0 license header along with an additional
copyright header for all modifications.

Signed-off-by: Nicholas Walter Knize <nknize@apache.org>
2021-04-09 14:28:18 -05:00
Rabi Panda 2dca3462f2
Fix stragglers from renaming to OpenSearch work. (#483)
This commit fixes more instances where we missed renaming to OpenSearch.

Signed-off-by: Rabi Panda <adnapibar@gmail.com>
2021-04-05 11:51:20 -07:00
Rabi Panda df11cc9de4 [Rename] Fix gradle build as part of the renaming process. (#397)
This commit fixes the currently broken gradle build resulted from the renaming work. It reverts a few dependencies and comments out the `opensearch_distibutions` task which is currently failing for some builds. We will address these separately in the future once we have a working build.

Signed-off-by: Rabi Panda <adnapibar@gmail.com>
2021-03-21 20:56:34 -05:00
Nick Knize 5b46a05702 [Rename] remaining packages and resources in test/fixture (#364)
This commit refactors the remaining o.e.index and o.e.test packages in the
test/fixtures module. References throughout the codebase are also refactored.

Signed-off-by: Nicholas Walter Knize <nknize@apache.org>
2021-03-21 20:56:34 -05:00
Harold Wang 82f9ff93cb [Rename] plugins (#193)
* [Rename] plugins (#193)

This PR refactors files under "plugins" folders part of the Elasticsearch to OpenSearch renaming effort.

Signed-off-by: Harold Wang <harowang@amazon.com>
2021-03-21 20:56:34 -05:00
Rabi Panda 991b3650b6 [Rename] refactor server/snapshots package. (#251)
Refactor `server/snapshots` to rename the package names from `org.elasticsearch.snapshots` to `org.opensearch.snapshots` as part of the rename to OpenSearch work.

Signed-off-by: Rabi Panda <adnapibar@gmail.com>
2021-03-21 20:56:34 -05:00