gviedma commented on code in PR #12571:
URL: https://github.com/apache/pinot/pull/12571#discussion_r1516914514
##########
pinot-plugins/pinot-file-system/pinot-adls/pom.xml:
##########
@@ -94,6 +95,21 @@
<artifactId>msal4j</artifactId>
<version>1.13.5</version>
</dependency>
+ <dependency>
+ <groupId>net.minidev</groupId>
+ <artifactId>json-smart</artifactId>
+ <version>${jsonsmart.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.wildfly.openssl</groupId>
+ <artifactId>wildfly-openssl</artifactId>
+ <version>${wildfly-openssl.version}</version>
Review Comment:
@xiangfu0 We have noticed that by overriding the version within this module,
this creates a discrepancy in versions relative to any shaded jars (1.0.7.Final
in the shaded jar vs 1.1.3.Final here), breaking our internal build. This
discrepancy is not ideal as it would be preferable to manage the dependencies
centrally from the root pom's dependency management section as suggested by
@gortiz This also opens up the door to folks that need to override dependency
versions in their builds for compliance reasons.
Given the above, would it be possible to move the version settings to
dependencyManagement in the root pom?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscr...@pinot.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@pinot.apache.org
For additional commands, e-mail: commits-h...@pinot.apache.org
