abhioncbr opened a new issue, #11118: URL: https://github.com/apache/pinot/issues/11118
Currently, pinot has the dependency both on [commons-httpclient](https://github.com/apache/pinot/blob/master/pom.xml#L523C18-L523C36) and [httpcomponents](https://github.com/apache/pinot/blob/master/pom.xml#L302). I think using the two versions of the same library doesn't make much sense. We should delete the use of the old version, i.e. `commons-httpclient`. Also, the removal of this dependency helps us get rid of some of the vulnerabilities because of the library. - `commons-httpclient` is getting used in a handful of classes, and to remove the dependency, we need to make the changes in the classes using it. I can work on it if this looks good. Thanks cc: @Jackie-Jiang labels: dependency -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@pinot.apache.org.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@pinot.apache.org For additional commands, e-mail: commits-h...@pinot.apache.org
