hi Micakel I've backported PR 22053 <https://github.com/apache/kafka/pull/22053> to the 4.3 branch, as PoAn mentioned earlier.
Matthias J. Sax <[email protected]> 於 2026年4月15日週三 上午12:13寫道: > Hi, > > I just merged a small PR to fix some JavaDocs for KIP-1271 changes. Can > I cherry-pick it to 4.3 branch? > > https://github.com/apache/kafka/pull/22043 > > -Matthias > > On 4/14/26 5:03 AM, Mickael Maison wrote: > > Hi PoAn, > > > > Yes we'll want to address these if possible. > > Scanners will also spot the plexus-utils CVE in the binaries. Even > > though looking at the code it's not exploitable. > > > > Thanks, > > Mickael > > > > On Tue, Apr 14, 2026 at 1:18 PM PoAn Yang <[email protected]> wrote: > >> > >> Hi Mickael, > >> > >> I built image for 4.2.1-rc0 and found three CVE. Do we also want to add > this to 4.3.0? > >> > >> Failed Docker Build Test CI: > >> JVM: > https://github.com/apache/kafka/actions/runs/24325917628/job/71021064066 > >> Native: > https://github.com/apache/kafka/actions/runs/24333619117/job/71044984045 > >> > >> JVM image: https://issues.apache.org/jira/browse/KAFKA-20373 > >> > >> Native image: > >> https://issues.apache.org/jira/browse/KAFKA-20446 > >> https://issues.apache.org/jira/browse/KAFKA-20447 > >> > >> Thanks, > >> PoAn > >> > >>> On Apr 13, 2026, at 10:30 PM, Mickael Maison <[email protected]> > wrote: > >>> > >>> Hi PoAn, > >>> > >>> Yes having these changes in 4.3 would be useful. > >>> > >>> Thanks, > >>> Mickael > >>> > >>> On Mon, Apr 13, 2026 at 1:52 PM PoAn Yang <[email protected]> wrote: > >>>> > >>>> Hi Mickael, > >>>> > >>>> I have some PRs related to trivy action and release.py. Can I > backport them to 4.3 branch? > >>>> > >>>> 1. Change trivy action to approved one in > apache/infrastructure-actions. > >>>> > >>>> > https://github.com/apache/kafka/commit/eb6ce0e3d9c22ea1c34ecca293555f9fcad17981 > >>>> > https://github.com/apache/kafka/commit/acd37fc30c5fdbbae772144c73b4f2c7e1c21d27 > >>>> > >>>> 2. Update release.py to remove -SNAPSHOT in version.py, so we don’t > get error in StreamsUpgradeTest.test_app_upgrade e2e. > >>>> > >>>> https://github.com/apache/kafka/pull/22031 > >>>> > >>>> Thanks, > >>>> PoAn > >>>> > >>>>> On Apr 11, 2026, at 10:55 PM, Lianet Magrans <[email protected]> > wrote: > >>>>> > >>>>> Hi Mickael, > >>>>> > >>>>> I just merged the fix for the recent blocker > >>>>> https://issues.apache.org/jira/browse/KAFKA-20428 > >>>>> > >>>>> Thanks! > >>>>> Lianet > >>>>> > >>>>> On Fri, Apr 10, 2026 at 7:07 PM Matthias J. Sax <[email protected]> > wrote: > >>>>> > >>>>>> Thanks. PR got merged. > >>>>>> > >>>>>> > >>>>>> -Matthias > >>>>>> > >>>>>> On 4/10/26 12:32 PM, Mickael Maison wrote: > >>>>>>> Hi Matthias, > >>>>>>> > >>>>>>> Yes let's revert that commit. > >>>>>>> > >>>>>>> Thanks, > >>>>>>> Mickael > >>>>>>> > >>>>>>> On Fri, Apr 10, 2026 at 8:43 PM Matthias J. Sax <[email protected]> > >>>>>> wrote: > >>>>>>>> > >>>>>>>> Hey Mickael, > >>>>>>>> > >>>>>>>> I just realized that we did merge a PR to trunk (before 4.3 > branch cut) > >>>>>>>> to add a new config for KIP-1071, but we are still not using this > >>>>>>>> config. To avoid confusing users, I propose to revert this change > in > >>>>>>>> 4.3. Prepared a PR for its. Please let me know if that's ok to > merge. > >>>>>>>> > >>>>>>>> https://github.com/apache/kafka/pull/22020 > >>>>>>>> > >>>>>>>> > >>>>>>>> -Matthias > >>>>>>>> > >>>>>>>> > >>>>>>>> On 3/30/26 11:22 AM, Justine Olshan via dev wrote: > >>>>>>>>> I'll be picking a small bugfix to 4.3 -- KAFKA-20310, just > missed the > >>>>>>>>> branch cut and it's a bugfix. > >>>>>>>>> > >>>>>>>>> On Mon, Mar 30, 2026 at 9:58 AM Matthias J. Sax < > [email protected]> > >>>>>> wrote: > >>>>>>>>> > >>>>>>>>>> I took the liberty to update the release wiki page, adding > KIP-1271 as > >>>>>>>>>> "completed" -- it was incorrectly listed as postponed. > >>>>>>>>>> > >>>>>>>>>> The Jira ticket is still open, as we add more test etc, but the > KIP is > >>>>>>>>>> already completed. > >>>>>>>>>> > >>>>>>>>>> > >>>>>>>>>> -Matthias > >>>>>>>>>> > >>>>>>>>>> On 3/30/26 9:25 AM, Mickael Maison wrote: > >>>>>>>>>>> Hi Jose, > >>>>>>>>>>> > >>>>>>>>>>> Yes you can apply that to 4.3. > >>>>>>>>>>> > >>>>>>>>>>> Thanks, > >>>>>>>>>>> Mickael > >>>>>>>>>>> > >>>>>>>>>>> On Mon, Mar 30, 2026 at 6:08 PM José Armando García Sancio via > dev > >>>>>>>>>>> <[email protected]> wrote: > >>>>>>>>>>>> > >>>>>>>>>>>> Hi Mickael, > >>>>>>>>>>>> > >>>>>>>>>>>> I merged KAFKA-19541 to the 4.3 branch as discussed earlier. > >>>>>>>>>>>> > >>>>>>>>>>>> I also just merged a bug fix (1) to trunk for the issue > KAFKA-19851 > >>>>>>>>>>>> (2) introduced in the 4.0 release. Some users have > encountered this > >>>>>>>>>>>> issue. The workaround is to delete all configurations removed > by AK > >>>>>>>>>>>> 4.0. It would be nice to make this fix available in the 4.3 > release. > >>>>>>>>>>>> What do you think? > >>>>>>>>>>>> > >>>>>>>>>>>> (1) > >>>>>>>>>> > >>>>>> > https://github.com/apache/kafka/commit/a35d6492fbf8068cdb025419178434cbae3a991b > >>>>>>>>>>>> (2) https://issues.apache.org/jira/browse/KAFKA-19851 > >>>>>>>>>>>> > >>>>>>>>>>>> Thanks, > >>>>>>>>>>>> -- > >>>>>>>>>>>> -José > >>>>>>>>>> > >>>>>>>>>> > >>>>>>>>> > >>>>>>>> > >>>>>> > >>>>>> > >>>> > >> > >
