Skip to content

Commit

Permalink
Force upgrade the vulnerable dependencies of hadoop-minicluster (open…
Browse files Browse the repository at this point in the history
…search-project#9252)

* Force upgrade the vulnerable dependencies of hadoop-minicluster

Signed-off-by: Thomas Farr <[email protected]>

* Add changelog entry

Signed-off-by: Thomas Farr <[email protected]>

---------

Signed-off-by: Thomas Farr <[email protected]>
  • Loading branch information
Xtansia authored Aug 11, 2023
1 parent d352f2c commit a1fc31c
Show file tree
Hide file tree
Showing 2 changed files with 11 additions and 1 deletion.
3 changes: 3 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -108,6 +108,9 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
- Bump `org.apache.maven:maven-model` from 3.9.3 to 3.9.4 ([#9148](https://github.com/opensearch-project/OpenSearch/pull/9148))
- Bump `com.azure:azure-storage-blob` from 12.22.3 to 12.23.0 ([#9231](https://github.com/opensearch-project/OpenSearch/pull/9231))
- Bump `com.diffplug.spotless` from 6.19.0 to 6.20.0 ([#9227](https://github.com/opensearch-project/OpenSearch/pull/9227))
- Bump `org.xerial.snappy:snappy-java` from 1.1.8.2 to 1.1.10.3 ([#9252](https://github.com/opensearch-project/OpenSearch/pull/9252))
- Bump `com.squareup.okhttp3:okhttp` from 4.9.3 to 4.11.0 ([#9252](https://github.com/opensearch-project/OpenSearch/pull/9252))
- Bump `com.squareup.okio:okio` from 2.8.0 to 3.5.0 ([#9252](https://github.com/opensearch-project/OpenSearch/pull/9252))

### Changed
- Perform aggregation postCollection in ContextIndexSearcher after searching leaves ([#8303](https://github.com/opensearch-project/OpenSearch/pull/8303))
Expand Down
9 changes: 8 additions & 1 deletion test/fixtures/hdfs-fixture/build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,9 @@ dependencies {
exclude module: 'protobuf-java'
exclude group: 'org.codehaus.jackson'
exclude group: "org.bouncycastle"
exclude group: "com.squareup.okhttp3"
exclude group: "org.xerial.snappy"
exclude module: "json-io"
}
api "org.codehaus.jettison:jettison:${versions.jettison}"
api "org.apache.commons:commons-compress:1.23.0"
Expand All @@ -65,5 +68,9 @@ dependencies {
api "org.apache.commons:commons-text:1.10.0"
api "commons-net:commons-net:3.9.0"
runtimeOnly "com.google.guava:guava:${versions.guava}"

runtimeOnly("com.squareup.okhttp3:okhttp:4.11.0") {
exclude group: "com.squareup.okio"
}
runtimeOnly "com.squareup.okio:okio:3.5.0"
runtimeOnly "org.xerial.snappy:snappy-java:1.1.10.3"
}

0 comments on commit a1fc31c

Please sign in to comment.