Skip to content

[Snyk] Security upgrade org.apache.spark:spark-sql_2.13 from 3.5.6 to 4.0.0 #378

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Security upgrade org.apache.spark:spark-sql_2.13 from 3.5.6 to 4.0.0 #378

wants to merge 1 commit into from

Conversation

msmygit
Copy link
Member

@msmygit msmygit commented Jul 17, 2025

snyk-top-banner

Snyk has created this PR to fix 1 vulnerabilities in the maven dependencies of this project.

Snyk changed the following file(s):

  • pom.xml

Vulnerabilities that will be fixed with an upgrade:

Issue Score Upgrade
high severity Uncontrolled Recursion
SNYK-JAVA-ORGAPACHECOMMONS-10734078		   726   org.apache.spark:spark-sql_2.13:
3.5.6 -> 4.0.0
Major version upgrade No Known Exploit

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

@msmygit msmygit requested a review from a team as a code owner July 17, 2025 09:48
@msmygit msmygit added the do-not-merge Do not merge label Jul 17, 2025
@msmygit
Copy link
Member Author

msmygit commented Jul 17, 2025

We're not ready for this yet.

@msmygit msmygit force-pushed the snyk-fix-5e9a3675364bdbba4e95988f04ac68a4 branch from aba71fe to 0bb18d4 Compare September 2, 2025 11:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jeromatron jeromatron Awaiting requested review from jeromatron jeromatron is a code owner automatically assigned from datastax/cdm-core

@pravinbhat pravinbhat Awaiting requested review from pravinbhat pravinbhat is a code owner automatically assigned from datastax/cdm-core

@mfmaher2 mfmaher2 Awaiting requested review from mfmaher2 mfmaher2 is a code owner automatically assigned from datastax/cdm-core

@faizalrub-datastax faizalrub-datastax Awaiting requested review from faizalrub-datastax faizalrub-datastax is a code owner automatically assigned from datastax/cdm-core

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
do-not-merge Do not merge
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@msmygit @snyk-bot