stocator
stocator copied to clipboard
CODAIT
Stocator is high performing connector to object storage for Apache Spark, achieving performance by leveraging object storage semantics.
Upgrade commons-validator library (to get latest commons-beanutils) to fix twistlock issue findings
Apache Commons BeanUtils provides an easy-to-use but flexible wrapper around reflection and introspection. Path to vulnerable library: /home/wss-scanner/.ivy2/cache/commons-beanutils/commons-beanutils/jars/commons-beanutils-1.9.2.jar Dependency Hierarchy: stocator-1.1.5.jar (Root Library) commons-validator-1.6.jar ❌ commons-beanutils-1.9.2.jar (Vulnerable Library) Found in...
Bumps hadoop-common from 3.2.3 to 3.2.4. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps hadoop-common from 3.2.3 to 3.2.4. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands...
Package | Version | Type | CVE | CVSS | Severity | Status | HasFix -- | -- | -- | -- | -- | -- | -- | --...
Bumps [snappy-java](https://github.com/xerial/snappy-java) from 1.1.2 to 1.1.10.1. Release notes Sourced from snappy-java's releases. v1.1.10.1 What's Changed 🐛 Bug Fixes Fixed several vulnerabilities by @aidanchiu1112: CVE-2023-34453 Integer overflow in shuffle CVE-2023-34454 Integer...
Bumps [guava](https://github.com/google/guava) from 30.0-jre to 32.0.0-jre. Release notes Sourced from guava's releases. 32.0.0 Maven <dependency> <groupId>com.google.guava</groupId> <artifactId>guava</artifactId> <version>32.0.0-jre</version> <!-- or, for Android: --> <version>32.0.0-android</version> </dependency> Jar files 32.0.0-jre.jar 32.0.0-android.jar Guava...
Hi, I would need to read the credentials directly from kubernetes secret as KV. with one kube secret for access key and a different kube secret for secret key. Regards
The parquet files are failing during rename operation because of double slash (//) in the path. This has occurred after merging https://github.com/CODAIT/stocator/issues/318 Solution: The rename for spark-events flow should be...
When Spark History Server (SHS) is configured to use **stocator** to read rolling files it fails. Below are the following configurations done (SHS read configurations from spark-default.conf) > Non-Working Configuration...
Twistlock issue is reported to upgrade jackson-databind of stocator jar ``` CVE-2022-42003 | high | jackson-databind | 2.13.3 | 2.13.4.1 | /opt/ibm/connectors/stocator/stocator-1.1.5-IBM-SDK.jar | In FasterXML jackson-databind before 2.14.0-rc1, resource exhaustion...
