tool
/
starrocks
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
22,203 Commits 506 Branches 0 Tags 934 MiB
Commit Graph

8 Commits

Author SHA1 Message Date
yan zhang 7b39acd554
[Enhancement] upgrade hudi-common and fix CVEs (#59501) 
Upgrade hudi-common package so we can keep fixing latest CVEs.

Signed-off-by: yan zhang <dirtysalt1987@gmail.com>
 2025-05-30 09:34:33 -07:00
gengjun-git b9b20d530e
[Enhancement] Fix CVE-2024-13009 (#59034) 
1. Remove the `hbase-shaded-jetty` from `org.apache.hudi:hudi-common`

2. ignore spark-core: Because the jetty-server code is copied in the spark-core package, the jetty-server code version is 9.4.56.v20240826, which has a vulnerability risk: CVE-2024-13009. However, the latest version of spark-core does not update the jetty-server version, so we can only ignore it.

Signed-off-by: gengjun-git <gengjun@starrocks.com>
 2025-05-20 11:12:50 +08:00
RyanZ d1429f63f3
[Enhancement] upgrade to spark 3.5 to fix CVE (#56922) 
Signed-off-by: yanz <dirtysalt1987@gmail.com>
 2025-03-14 22:14:03 +08:00
RyanZ 0d96aceafc
[Enhancement] fix CVEs and refactor fe pom.xml (#56725) 
Signed-off-by: yanz <dirtysalt1987@gmail.com>
 2025-03-13 13:00:00 -07:00
Jiao Mingye a8aeca0b67
[Enhancement] Upgrade paimon sdk to 1.0 version (#54796) 
Signed-off-by: Jiao Mingye <mxdzs0612@gmail.com>
 2025-02-02 09:16:28 +08:00
RyanZ c7a75094a2
[Enhancement] fix for cve warning by upgrading to 4.1.115 (#52964) 2024-11-18 14:23:55 +08:00
Smith Cruise 37ccfca6a8
[Enhancement] Ignore apache-hdfs-broker cve in trivy (#49824) 
Signed-off-by: Smith Cruise <chendingchao1@126.com>
 2024-08-15 11:12:31 +08:00
Smith Cruise 6629665b2f
[Enhancement] Introduce trivy to detect cve problems (#49757) 
Signed-off-by: Smith Cruise <chendingchao1@126.com>
 2024-08-13 19:03:38 +08:00