Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-18224

Upgrade maven compiler plugin to 3.10.1

    XMLWordPrintableJSON

Details

    • Reviewed

    Description

      Currently we are using maven-compiler-plugin 3.1 version, which is quite old (2013) and it's also pulling in vulnerable log4j dependency:

      [INFO]    org.apache.maven.plugins:maven-compiler-plugin:maven-plugin:3.1:runtime
[INFO]       org.apache.maven.plugins:maven-compiler-plugin:jar:3.1
[INFO]       org.apache.maven:maven-plugin-api:jar:2.0.9
[INFO]       org.apache.maven:maven-artifact:jar:2.0.9
[INFO]       org.codehaus.plexus:plexus-utils:jar:1.5.1
[INFO]       org.apache.maven:maven-core:jar:2.0.9
[INFO]       org.apache.maven:maven-settings:jar:2.0.9
[INFO]       org.apache.maven:maven-plugin-parameter-documenter:jar:2.0.9
...
...
...
[INFO]       log4j:log4j:jar:1.2.12
[INFO]       commons-logging:commons-logging-api:jar:1.1
[INFO]       com.google.collections:google-collections:jar:1.0
[INFO]       junit:junit:jar:3.8.2

       

      We should upgrade to 3.10.1 (latest Mar, 2022) version of maven-compiler-plugin.

      Attachments

        Issue Links

          links to

          Web Link GitHub Pull Request #4267

          Activity

            People

              vjasani Viraj Jasani
              vjasani Viraj Jasani
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 6h 50m
                  6h 50m