|author||Lari Hotari <firstname.lastname@example.org>||Mon Jun 28 00:58:39 2021 +0300|
|committer||GitHub <email@example.com>||Sun Jun 27 14:58:39 2021 -0700|
[Build/Security] Upgrade Freebuilder version and fix the dependency Fixes #2732 ### Motivation - Freebuilder 1.14.9 contains an outdate jquery js file which causes the library to be flagged as vulnerable with the highest threat level in Sonatype IQ vulnerability scanner. This also flags Bookkeeper and Pulsar as vulnerable with the highest threat level although it is a false positive and not an actual threat. - Freebuilder shouldn't be exposed as a transitive dependency - it's an annotation processor which should be defined - [optional in maven](https://github.com/inferred/FreeBuilder#maven) - [compileOnly in gradle](https://github.com/inferred/FreeBuilder#gradle) ### Changes - upgrade [Freebuilder](https://github.com/inferred/FreeBuilder) from 1.14.9 to 2.7.0 - make dependency optional in maven pom.xml - use `compileOnly` instead of `implementation` in gradle build Reviewers: Sijie Guo <None> This closes #2734 from lhotari/lh-fix-freebuilder-dependency-issue
Apache BookKeeper is a scalable, fault tolerant and low latency storage service optimized for append-only workloads.
It is suitable for being used in following scenarios:
Please visit the Documentation from the project website for more information.
Join us on Slack - This is the most immediate way to connect with Apache BookKeeper committers and contributors.
We feel that a welcoming open community is important and welcome contributions.
See Developer Setup to get your local environment setup.
Make your changes according to our contribution guide.