You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
org.apache.curator:curator-framework: 2.7.1 -> 2.9.0 org.apache.curator:curator-recipes: 2.7.1 -> 2.9.0 org.apache.hive:hive-exec: 2.3.4 -> 3.0.0 Major version upgradeNo Path FoundNo Known Exploit
Breaking Change Risk
Notice: This assessment is enhanced by AI.
Vulnerabilities that could not be fixed
Upgrade:
Could not upgrade org.apache.hudi:hudi-common@1.0.0-SNAPSHOT to org.apache.hudi:hudi-common@1.1.0; Reason could not apply upgrade, dependency is managed externally ; Location: provenance does not contain location
Important
Check the changes in this PR to ensure they won't cause issues with your project.
Max score is 1000. Note that the real score may have changed since the PR was raised.
This PR was automatically created by Snyk using the credentials of a real user.
Note:You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
This set of upgrades includes a HIGH risk major version upgrade for org.apache.hive:hive-exec from 2.3.4 to 3.0.0, which requires manual intervention and environment changes.
org.apache.hive:hive-exec (2.3.4 → 3.0.0)
Risk: HIGH
This is a major upgrade with significant breaking changes. Careful planning and execution are required to prevent data corruption and ensure compatibility.
Key Breaking Changes:
Hadoop 3.x Required: Hive 3.0.0 must be run with Hadoop 3.x. [7]
ACID Table Migration: The on-disk format for ACID tables has changed. You must run a MAJOR compaction on any ACID table that has had UPDATE, DELETE, or MERGE operations before upgrading. Failure to do so may lead to data corruption. [7]
Metastore Schema Upgrade: The underlying database schema for the Hive Metastore must be upgraded. [11, 12]
Default Warehouse Directory Change: The default location for managed tables has moved to /app/hive/warehouse. Existing table data may need to be moved, or tables converted to EXTERNAL. [14]
Recommendation: Review the official Hive 3.0.0 release notes and create a detailed migration plan before applying this upgrade. The pre-upgrade compaction of ACID tables is a critical step.
Other Upgrades
org.apache.curator:curator-framework & curator-recipes (2.7.1 → 2.9.0): LOW risk. This is a minor version update with no documented breaking API changes in this range.
org.apache.hudi:hudi-common (1.0.0-SNAPSHOT → 1.1.0): LOW risk. This minor release focuses on performance improvements and new features. The release notes state that existing tables and configurations will continue to work without changes. [5]
Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Snyk has created this PR to fix 1 vulnerabilities in the maven dependencies of this project.
Snyk changed the following file(s):
pom.xmlVulnerabilities that will be fixed with an upgrade:
SNYK-JAVA-ORGAPACHEZOOKEEPER-15443353
2.7.1->2.9.0org.apache.curator:curator-recipes:
2.7.1->2.9.0org.apache.hive:hive-exec:
2.3.4->3.0.0Major version upgradeNo Path FoundNo Known ExploitBreaking Change Risk
Vulnerabilities that could not be fixed
org.apache.hudi:hudi-common@1.0.0-SNAPSHOTtoorg.apache.hudi:hudi-common@1.1.0; Reasoncould not apply upgrade, dependency is managed externally; Location:provenance does not contain locationImportant
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Insertion of Sensitive Information into Log File