New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[SPARK-28713][BUILD] Bump checkstyle from 8.14 to 8.23 #25432
Conversation
ok to test |
Test build #109041 has finished for PR 25432 at commit
|
Test build #109042 has finished for PR 25432 at commit
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+1, LGTM. Merged to master.
The last Jenkins already passes the checkstyle and it's running python tests. I also verified this locally with dev/lint-java
.
Thank you, @Fokko and @HyukjinKwon !
Could you make a backport PR to |
I've ran |
Fixes a vulnerability from the GitHub Security Advisory Database: _Moderate severity vulnerability that affects com.puppycrawl.tools:checkstyle_ Checkstyle prior to 8.18 loads external DTDs by default, which can potentially lead to denial of service attacks or the leaking of confidential information. checkstyle/checkstyle#6474 Affected versions: < 8.18 Ran checkstyle locally. Closes apache#25432 from Fokko/SPARK-28713. Authored-by: Fokko Driesprong <fokko@apache.org> Signed-off-by: Dongjoon Hyun <dhyun@apple.com> (cherry picked from commit d8dd571)
@dongjoon-hyun Backport in #25437 |
Test build #109048 has finished for PR 25432 at commit
|
## What changes were proposed in this pull request? Backport to `branch-2.4` of #25432 Fixes a vulnerability from the GitHub Security Advisory Database: _Moderate severity vulnerability that affects com.puppycrawl.tools:checkstyle_ Checkstyle prior to 8.18 loads external DTDs by default, which can potentially lead to denial of service attacks or the leaking of confidential information. checkstyle/checkstyle#6474 Affected versions: < 8.18 ## How was this patch tested? Ran checkstyle locally. Closes #25437 from Fokko/branch-2.4. Authored-by: Fokko Driesprong <fokko@apache.org> Signed-off-by: Dongjoon Hyun <dhyun@apple.com>
LGTM too! |
## What changes were proposed in this pull request? Backport to `branch-2.4` of apache#25432 Fixes a vulnerability from the GitHub Security Advisory Database: _Moderate severity vulnerability that affects com.puppycrawl.tools:checkstyle_ Checkstyle prior to 8.18 loads external DTDs by default, which can potentially lead to denial of service attacks or the leaking of confidential information. checkstyle/checkstyle#6474 Affected versions: < 8.18 ## How was this patch tested? Ran checkstyle locally. Closes apache#25437 from Fokko/branch-2.4. Authored-by: Fokko Driesprong <fokko@apache.org> Signed-off-by: Dongjoon Hyun <dhyun@apple.com>
## What changes were proposed in this pull request? Backport to `branch-2.4` of apache#25432 Fixes a vulnerability from the GitHub Security Advisory Database: _Moderate severity vulnerability that affects com.puppycrawl.tools:checkstyle_ Checkstyle prior to 8.18 loads external DTDs by default, which can potentially lead to denial of service attacks or the leaking of confidential information. checkstyle/checkstyle#6474 Affected versions: < 8.18 ## How was this patch tested? Ran checkstyle locally. Closes apache#25437 from Fokko/branch-2.4. Authored-by: Fokko Driesprong <fokko@apache.org> Signed-off-by: Dongjoon Hyun <dhyun@apple.com>
What changes were proposed in this pull request?
Fixes a vulnerability from the GitHub Security Advisory Database:
Moderate severity vulnerability that affects com.puppycrawl.tools:checkstyle
Checkstyle prior to 8.18 loads external DTDs by default, which can potentially lead to denial of service attacks or the leaking of confidential information.
checkstyle/checkstyle#6474
Affected versions: < 8.18
How was this patch tested?
Ran checkstyle locally.