tez
tez copied to clipboard
apache
Could org.apache.tez:hadoop-shim:0.10.1-SNAPSHOT drop off redundant dependencies to loose weight?
@abstractdog Hi, I am a user of project org.apache.tez:hadoop-shim:0.10.1-SNAPSHOT. I found that its pom file introduced 82 dependencies. However, among them, 9 libraries (10%) have not been used by your project (the redundant dependencies are listed below). Reduce these useless dependencies can help prevent conflicts between library versions. MeanWhile, it can minimize the total added size to projects. It can also help enable advanced scenarios for users of your package. This PR helps org.apache.tez:hadoop-shim:0.10.1-SNAPSHOT lose weight :) I have tested the revised configuration in my local environment. It is safe to remove the unused libraries.
Best regards
Redundant dependencies----
javax.xml.bind:jaxb-api:jar:2.2.11:compile
javax.servlet:javax.servlet-api:jar:3.1.0:compile
com.sun.jersey:jersey-servlet:jar:1.19:compile
com.sun.jersey:jersey-json:jar:1.19:compile
org.codehaus.jettison:jettison:jar:1.3.4:compile
com.sun.xml.bind:jaxb-impl:jar:2.2.3-1:compile
org.codehaus.jackson:jackson-jaxrs:jar:1.9.2:compile
org.codehaus.jackson:jackson-xc:jar:1.9.2:compile
org.apache.kerby:kerby-xdr:jar:1.0.1:compile
Vulnerable libraries
org.codehaus.jettison:jettison:1.3.4 (CVE-2022-45693)
Outdated dependencies
com.sun.jersey:jersey-json:1.19 (3090 days without maintenance) javax.servlet:javax.servlet-api:3.1.0 (3746 days without maintenance) javax.xml.bind:jaxb-api:2.2.11 (3613 days without maintenance) org.codehaus.jackson:jackson-jaxrs:1.9.2 (4284 days without maintenance) org.apache.kerby:kerby-xdr:1.0.1 (2159 days without maintenance)
:broken_heart: -1 overall
| Vote | Subsystem | Runtime | Comment |
|---|---|---|---|
| +0 :ok: | reexec | 14m 10s | Docker mode activated. |
| _ Prechecks _ | |||
| +1 :green_heart: | dupname | 0m 0s | No case conflicting files found. |
| +1 :green_heart: | @author | 0m 0s | The patch does not contain any @author tags. |
| -1 :x: | test4tests | 0m 0s | The patch doesn't appear to include any new or modified tests. Please justify why no new tests are needed for this patch. Also please list what manual steps were performed to verify this patch. |
| _ master Compile Tests _ | |||
| +1 :green_heart: | mvninstall | 13m 5s | master passed |
| +1 :green_heart: | compile | 0m 22s | master passed with JDK Ubuntu-11.0.11+9-Ubuntu-0ubuntu2.20.04 |
| +1 :green_heart: | compile | 0m 22s | master passed with JDK Private Build-1.8.0_292-8u292-b10-0ubuntu1~20.04-b10 |
| +1 :green_heart: | javadoc | 0m 47s | master passed with JDK Ubuntu-11.0.11+9-Ubuntu-0ubuntu2.20.04 |
| +1 :green_heart: | javadoc | 0m 23s | master passed with JDK Private Build-1.8.0_292-8u292-b10-0ubuntu1~20.04-b10 |
| _ Patch Compile Tests _ | |||
| +1 :green_heart: | mvninstall | 0m 15s | the patch passed |
| +1 :green_heart: | compile | 0m 13s | the patch passed with JDK Ubuntu-11.0.11+9-Ubuntu-0ubuntu2.20.04 |
| +1 :green_heart: | javac | 0m 13s | the patch passed |
| +1 :green_heart: | compile | 0m 11s | the patch passed with JDK Private Build-1.8.0_292-8u292-b10-0ubuntu1~20.04-b10 |
| +1 :green_heart: | javac | 0m 11s | the patch passed |
| -1 :x: | whitespace | 0m 0s | The patch 1 line(s) with tabs. |
| +1 :green_heart: | xml | 0m 1s | The patch has no ill-formed XML file. |
| +1 :green_heart: | javadoc | 0m 12s | the patch passed with JDK Ubuntu-11.0.11+9-Ubuntu-0ubuntu2.20.04 |
| +1 :green_heart: | javadoc | 0m 10s | the patch passed with JDK Private Build-1.8.0_292-8u292-b10-0ubuntu1~20.04-b10 |
| _ Other Tests _ | |||
| +1 :green_heart: | unit | 0m 19s | hadoop-shim in the patch passed. |
| +1 :green_heart: | asflicense | 0m 16s | The patch does not generate ASF License warnings. |
| 31m 33s |
| Subsystem | Report/Notes |
|---|---|
| Docker | ClientAPI=1.41 ServerAPI=1.41 base: https://ci-hadoop.apache.org/job/tez-multibranch/job/PR-127/1/artifact/out/Dockerfile |
| GITHUB PR | https://github.com/apache/tez/pull/127 |
| Optional Tests | dupname asflicense javac javadoc unit xml compile |
| uname | Linux 99d5bb331936 4.15.0-58-generic #64-Ubuntu SMP Tue Aug 6 11:12:41 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux |
| Build tool | maven |
| Personality | personality/tez.sh |
| git revision | master / 0af54dfa5 |
| Default Java | Private Build-1.8.0_292-8u292-b10-0ubuntu1~20.04-b10 |
| Multi-JDK versions | /usr/lib/jvm/java-11-openjdk-amd64:Ubuntu-11.0.11+9-Ubuntu-0ubuntu2.20.04 /usr/lib/jvm/java-8-openjdk-amd64:Private Build-1.8.0_292-8u292-b10-0ubuntu1~20.04-b10 |
| whitespace | https://ci-hadoop.apache.org/job/tez-multibranch/job/PR-127/1/artifact/out/whitespace-tabs.txt |
| Test Results | https://ci-hadoop.apache.org/job/tez-multibranch/job/PR-127/1/testReport/ |
| Max. process+thread count | 99 (vs. ulimit of 5500) |
| modules | C: hadoop-shim U: hadoop-shim |
| Console output | https://ci-hadoop.apache.org/job/tez-multibranch/job/PR-127/1/console |
| versions | git=2.25.1 maven=3.6.3 |
| Powered by | Apache Yetus 0.12.0 https://yetus.apache.org |
This message was automatically generated.
thanks for the patch @Celebrate-future in general, there is a good idea to exclude not used transitive dependencies could you please create a Jira for this PR?
thanks for the patch @Celebrate-future in general, there is a good idea to exclude not used transitive dependencies could you please create a Jira for this PR?
Thanks for your feedback. I will finish it.