This is an automated email from the ASF dual-hosted git repository.
xxyu pushed a commit to branch kylin5
in repository https://gitbox.apache.org/repos/asf/kylin.git
commit 5506681519dd5da6c06a8e98667680e39989a9d5
Author: huangsheng <huangshen...@163.com>
AuthorDate: Thu Nov 17 17:43:19 2022 +0800
KYLIN-5408 fix snyk vulnerabilities, upgrade ivy from 2.5.0 to 2.5.1 in
spark and exclusion from hive-exec
---
pom.xml | 4 ++++
src/spark-project/spark-common/pom.xml | 6 ++++++
2 files changed, 10 insertions(+)
diff --git a/pom.xml b/pom.xml
index 049c330a51..4a5951e70f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1348,6 +1348,10 @@
<artifactId>hive-exec</artifactId>
<version>${hive.version}</version>
<exclusions>
+ <exclusion>
+ <groupId>org.apache.ivy</groupId>
+ <artifactId>ivy</artifactId>
+ </exclusion>
<exclusion>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-1.2-api</artifactId>
diff --git a/src/spark-project/spark-common/pom.xml
b/src/spark-project/spark-common/pom.xml
index 9556bd21d1..c765396b4c 100644
--- a/src/spark-project/spark-common/pom.xml
+++ b/src/spark-project/spark-common/pom.xml
@@ -74,6 +74,12 @@
<dependency>
<groupId>org.apache.hive</groupId>
<artifactId>hive-exec</artifactId>
+ <exclusions>
+ <exclusion>
+ <groupId>org.apache.ivy</groupId>
+ <artifactId>ivy</artifactId>
+ </exclusion>
+ </exclusions>
<classifier>core</classifier>
</dependency>
<dependency>
