Coder Social home page Coder Social logo

parquet-io-java's Introduction

parquet-io-java

Build Status Maven Central โ€“ Parquet for Java

Quality Gate Status

Security Rating Reliability Rating Maintainability Rating Technical Debt

Code Smells Coverage Duplicated Lines (%) Lines of Code

This project provides a library that reads Parquet files into Java objects.

Installation

Add this library as a dependency to your project's pom.xml file.

<dependencies>
    <dependency>
        <groupId>com.exasol</groupId>
        <artifactId>parquet-io-java</artifactId>
        <version>LATEST VERSION</version>
    </dependency>
</dependencies>

Please use the latest version of the library.

Usage

Here is a small example code showing the usage of the library.

final Path path = new Path("/data/parquet/part-0000.parquet");
final Configuration conf = new Configuration();
try (final ParquetReader<Row> reader = RowParquetReader
        .builder(HadoopInputFile.fromPath(path, conf)).build()) {
    Row row = reader.read();
    while (row != null) {
        List<Object> values = row.getValues();
        System.out.println(values);
        row = reader.read();
    }
} catch (final IOException exception) {
    //
}

Data Type Mapping

The following table shows how each Parquet data type is mapped into Java data types.

Parquet Data Type Parquet Logical Type Java Data Type
boolean Boolean
int32 Integer
int32 date Date
int32 decimal(p, s) BigDecimal
int64 Long
int64 timestamp_millis Timestamp
int64 timestamp_micros Timestamp
int64 decimal(p, s) BigDecimal
float Float
double Double
binary String
binary utf8 String
binary decimal(p, s) BigDecimal
fixed_len_byte_array String
fixed_len_byte_array decimal(p, s) BigDecimal
fixed_len_byte_array uuid UUID
int96 Timestamp
group Map
group LIST List
group MAP Map
group REPEATED List

Parquet Repeated Types

Parquet data type can repeat a single field or the group of fields. The parquet-io-java (PIOJ) reads these data types into Java List type.

For example, given the following Parquet schemas:

message parquet_schema {
  repeated binary name (UTF8);
}

message parquet_schema {
  repeated group person {
    required binary name (UTF8);
  }
}

The PIOJ reads both of these Parquet types into Java list of ["John", "Jane"].

On the other hand, you can import a repeated group with multiple fields as a list of maps.

message parquet_schema {
  repeated group person {
    required binary name (UTF8);
    optional int32 age;
  }
}

The PIOJ reads it into a list of person maps:

[ Map("name" -> "John", "age" -> 24), Map("name" -> "Jane", "age" -> 22) ]

Information for Users

Information for Developers

parquet-io-java's People

Contributors

anastasiiasergienko avatar ckunki avatar jakobbraun avatar kaklakariada avatar morazow avatar pj-spoelders avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

rohankumardubey

parquet-io-java's Issues

Sort and merge chunks to be safe

Situation

Chunked Parquet can only move forward to read row groups. To be safe provided chunks should be sorted even merged if they overlap.

Acceptance Criteria

  • Sort and merge provided chunks

Upgrade hadoop client to fix vulnerability

Upgrade Hadoop as soon as a fixed version is available.
See https://ossindex.sonatype.org/vulnerability/sonatype-2022-5732

Error:  Failed to execute goal org.sonatype.ossindex.maven:ossindex-maven-plugin:3.2.0:audit (default-cli) on project parquet-io-java: Detected 1 vulnerable components:
Error:    org.apache.hadoop:hadoop-hdfs-client:jar:3.3.4:compile; https://ossindex.sonatype.org/component/pkg:maven/org.apache.hadoop/[email protected]?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
Error:      * 1 vulnerability found (8.6); https://ossindex.sonatype.org/vulnerability/sonatype-2022-5732

Check https://search.maven.org/artifact/org.apache.hadoop/hadoop-hdfs-client for new Hadoop versions.

Support uuid type

Implement reading of the parquet uuid type.

Idea for destination format:
byte[] or ByteBuffer

Fix issues related to release sources and Javadoc

Situation

We are using reproducible jar plugin, that runs with install or package phase. But maven runs the commands for same phase in order, thus the reproducible plugin action should be the last one.

Acceptance Criteria

  • Moved reproducible plugin to the end of plugins
  • Removed statically specified Javadoc path parameter

parquet-io-java bundles all dependencies in a fat jar

The project bundles all dependencies into a fat jar and uploads it to maven central. This is a problem for downstream projects because it's not possible to override certain dependencies in case they have a vulnerability.

Transitive CVE-2021-27568

This project has a vulnerability cause by a transitive dependency to net.minidev:json-smart:jar:2.3 via use by this projects dependency org.apache.hadoop:hadoop-client:jar.

Fix vulnerabilities in transitive dependencies

Situation

There are several ZIP, TAR reading vulnerabilities in commons-compress dependency.

Error:  Failed to execute goal org.sonatype.ossindex.maven:ossindex-maven-plugin:3.1.0:audit (default-cli) on project parquet-io-java: Detected 1 vulnerable components:
Error:    org.apache.commons:commons-compress:jar:1.19:compile; https://ossindex.sonatype.org/component/pkg:maven/org.apache.commons/[email protected]?utm_source=ossindex-client&utm_medium=integration&utm_content=1.1.1
Error:      * [CVE-2021-36090] When reading a specially crafted ZIP archive, Compress can be made to allocate l... (7.5); https://ossindex.sonatype.org/vulnerability/68232267-bb25-4b04-8dec-caf7c11c7293?component-type=maven&component-name=org.apache.commons.commons-compress&utm_source=ossindex-client&utm_medium=integration&utm_content=1.1.1
Error:      * [CVE-2021-35517] When reading a specially crafted TAR archive, Compress can be made to allocate l... (7.5); https://ossindex.sonatype.org/vulnerability/69b8043a-3002-48fa-9762-8f6040d83de1?component-type=maven&component-name=org.apache.commons.commons-compress&utm_source=ossindex-client&utm_medium=integration&utm_content=1.1.1
Error:      * [CVE-2021-35515] When reading a specially crafted 7Z archive, the construction of the list of cod... (7.5); https://ossindex.sonatype.org/vulnerability/7a6a9dd2-67de-4e2a-b406-7aa4a4ce29cc?component-type=maven&component-name=org.apache.commons.commons-compress&utm_source=ossindex-client&utm_medium=integration&utm_content=1.1.1
Error:      * [CVE-2021-35516] When reading a specially crafted 7Z archive, Compress can be made to allocate la... (7.5); https://ossindex.sonatype.org/vulnerability/8ea14e38-e6cc-48d9-bfe4-ec89f93596e7?component-type=maven&component-name=org.apache.commons.commons-compress&utm_source=ossindex-client&utm_medium=integration&utm_content=1.1.1
Error:

Acceptance Criteria

  • Excluded older version of dependency
  • Added updated version

Add initial implementation

Extract initial implementation from cloud-storage-extension.

Provides Java api for Parquet reader and Row interface.

๐Ÿ” CVE-2024-25638: dnsjava:dnsjava:jar:3.4.0:compile

Summary

dnsjava is an implementation of DNS in Java. Records in DNS replies are not checked for their relevance to the query, allowing an attacker to respond with RRs from different zones. This vulnerability is fixed in 3.6.0.

CVE: CVE-2024-25638
CWE: CWE-345

References

ParquetReader does not exist

When trying to compile the example in the readme I get the following:

[ERROR] ~/testpar/App.java:[24,19] cannot find symbol
[ERROR] symbol: class ParquetReader

How can I fix this?

๐Ÿ” CVE-2024-29133: org.apache.commons:commons-configuration2:jar:2.8.0:compile

Summary

Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1.

Users are recommended to upgrade to version 2.10.1, which fixes the issue.

CVE: CVE-2024-29133
CWE: CWE-787

References

Add chunked Parquet reader

Situation

Parquet files are organized into row groups. These chunks of a single parquet file then can be read instead of reading the whole file. The PIOJ should support reading specified row groups.

Acceptance Criteria

  • Chunked Parquet reader is implemented
  • In addition, Parquet file virtual splitter is provided
  • Tests are added

๐Ÿ” CVE-2024-29131: org.apache.commons:commons-configuration2:jar:2.8.0:compile

Summary

Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1.

Users are recommended to upgrade to version 2.10.1, which fixes the issue.

CVE: CVE-2024-29131
CWE: CWE-787

References

Possible bug when reading LIST with another list type 

java.lang.ClassCastException: Expected instance of primitive converter but got "com.exasol.parquetio.reader.converter.RepeatedGroupConverter"
org.apache.parquet.io.api.Converter.asPrimitiveConverter(Converter.java:30)
org.apache.parquet.io.RecordReaderImplementation.<init>(RecordReaderImplementation.java:270)
org.apache.parquet.io.MessageColumnIO$1.visit(MessageColumnIO.java:147)
org.apache.parquet.io.MessageColumnIO$1.visit(MessageColumnIO.java:109)
org.apache.parquet.filter2.compat.FilterCompat$NoOpFilter.accept(FilterCompat.java:177)
org.apache.parquet.io.MessageColumnIO.getRecordReader(MessageColumnIO.java:109)
com.exasol.parquetio.reader.RowParquetChunkReader$RowIterator.loadNext(RowParquetChunkReader.java:199)
com.exasol.parquetio.reader.RowParquetChunkReader$RowIterator.<init>(RowParquetChunkReader.java:165)
com.exasol.parquetio.reader.RowParquetChunkReader.iterator(RowParquetChunkReader.java:109)
com.exasol.adapter.document.documentfetcher.files.parquet.ParquetDocumentFetcher.readDocuments(ParquetDocumentFetcher.java:38)
com.exasol.adapter.document.documentfetcher.files.FilesDocumentFetcher.readLoadedFile(FilesDocumentFetcher.java:61)
com.exasol.adapter.document.iterators.FlatMapIterator.loadNext(FlatMapIterator.java:45)
com.exasol.adapter.document.iterators.FlatMapIterator.<init>(FlatMapIterator.java:30)
com.exasol.adapter.document.documentfetcher.files.FilesDocumentFetcher.run(FilesDocumentFetcher.java:56)
com.exasol.adapter.document.DataProcessingPipeline.run(DataProcessingPipeline.java:36)
com.exasol.adapter.document.GenericUdfCallHandler.run(GenericUdfCallHandler.java:97)
com.exasol.adapter.document.UdfEntryPoint.run(UdfEntryPoint.java:29)
com.exasol.ExaWrapper.run(ExaWrapper.java:197)
 (Session: 1735602946942500864)

Add column names to Row

For the files-virtual-schemas, it's required to have access to the schema (names of the columns) of the Row.

Duplicate classes in dependencies

Duplicate finder maven plugin finds duplicate classes:

[INFO] --- duplicate-finder-maven-plugin:1.5.1:check (default-cli) @ parquet-io-java ---
[WARNING] Found duplicate (but equal) classes in [org.apache.parquet:parquet-column:1.12.3, org.apache.parquet:parquet-hadoop:1.12.3]:
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.Arrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.BidirectionalIterator
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.BigArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.BigSwapper
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.Hash
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.SafeMath
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.Stack
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.Swapper
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.booleans.BooleanArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.booleans.BooleanBigArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.booleans.BooleanComparator
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.booleans.BooleanComparators
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.bytes.ByteArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.bytes.ByteBigArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.bytes.ByteComparator
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.bytes.ByteComparators
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.bytes.ByteConsumer
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.bytes.ByteIterator
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.chars.CharArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.chars.CharBigArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.chars.CharComparator
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.chars.CharComparators
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.doubles.DoubleArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.doubles.DoubleBigArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.doubles.DoubleComparator
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.doubles.DoubleComparators
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.floats.FloatArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.floats.FloatBigArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.floats.FloatComparator
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.floats.FloatComparators
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.ints.AbstractIntCollection
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.ints.AbstractIntList
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.ints.IntArrayList
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.ints.IntArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.ints.IntBidirectionalIterator
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.ints.IntBigArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.ints.IntCollection
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.ints.IntComparator
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.ints.IntComparators
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.ints.IntIterable
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.ints.IntIterator
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.ints.IntIterators
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.ints.IntList
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.ints.IntListIterator
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.ints.IntStack
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.longs.LongArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.longs.LongBigArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.longs.LongComparator
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.longs.LongComparators
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.objects.ObjectArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.objects.ObjectBidirectionalIterator
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.objects.ObjectBigArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.objects.ObjectIterator
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.shorts.ShortArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.shorts.ShortBigArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.shorts.ShortComparator
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.shorts.ShortComparators
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.shorts.ShortConsumer
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.shorts.ShortIterator
[WARNING] Found duplicate (but equal) resources in [org.eclipse.jetty.websocket:websocket-api:9.4.43.v20210629, org.eclipse.jetty.websocket:websocket-client:9.4.43.v20210629, org.eclipse.jetty.websocket:websocket-common:9.4.43.v20210629, org.eclipse.jetty:jetty-security:9.4.43.v20210629, org.eclipse.jetty:jetty-servlet:9.4.43.v20210629, org.eclipse.jetty:jetty-util-ajax:9.4.43.v20210629, org.eclipse.jetty:jetty-util:9.4.43.v20210629, org.eclipse.jetty:jetty-webapp:9.4.43.v20210629, org.eclipse.jetty:jetty-xml:9.4.43.v20210629]:
[WARNING]   about.html
[WARNING] Found duplicate (but equal) resources in [org.apache.hadoop:hadoop-yarn-api:3.3.4, org.apache.hadoop:hadoop-yarn-common:3.3.4]:
[WARNING]   yarn-default.xml
[WARNING] Found duplicate and different classes in [jakarta.xml.bind:jakarta.xml.bind-api:2.3.2, javax.xml.bind:jaxb-api:2.2.11]:
[WARNING]   javax.xml.bind.Binder
[WARNING]   javax.xml.bind.ContextFinder
[WARNING]   javax.xml.bind.DataBindingException
[WARNING]   javax.xml.bind.DatatypeConverter
[WARNING]   javax.xml.bind.DatatypeConverterImpl
[WARNING]   javax.xml.bind.DatatypeConverterInterface
[WARNING]   javax.xml.bind.Element
[WARNING]   javax.xml.bind.GetPropertyAction
[WARNING]   javax.xml.bind.JAXB
[WARNING]   javax.xml.bind.JAXBContext
[WARNING]   javax.xml.bind.JAXBElement
[WARNING]   javax.xml.bind.JAXBException
[WARNING]   javax.xml.bind.JAXBIntrospector
[WARNING]   javax.xml.bind.JAXBPermission
[WARNING]   javax.xml.bind.MarshalException
[WARNING]   javax.xml.bind.Marshaller
[WARNING]   javax.xml.bind.Messages
[WARNING]   javax.xml.bind.NotIdentifiableEvent
[WARNING]   javax.xml.bind.ParseConversionEvent
[WARNING]   javax.xml.bind.PrintConversionEvent
[WARNING]   javax.xml.bind.PropertyException
[WARNING]   javax.xml.bind.SchemaOutputResolver
[WARNING]   javax.xml.bind.TypeConstraintException
[WARNING]   javax.xml.bind.UnmarshalException
[WARNING]   javax.xml.bind.Unmarshaller
[WARNING]   javax.xml.bind.UnmarshallerHandler
[WARNING]   javax.xml.bind.ValidationEvent
[WARNING]   javax.xml.bind.ValidationEventHandler
[WARNING]   javax.xml.bind.ValidationEventLocator
[WARNING]   javax.xml.bind.ValidationException
[WARNING]   javax.xml.bind.Validator
[WARNING]   javax.xml.bind.WhiteSpaceProcessor
[WARNING]   javax.xml.bind.annotation.DomHandler
[WARNING]   javax.xml.bind.annotation.W3CDomHandler
[WARNING]   javax.xml.bind.annotation.XmlAccessOrder
[WARNING]   javax.xml.bind.annotation.XmlAccessType
[WARNING]   javax.xml.bind.annotation.XmlAccessorOrder
[WARNING]   javax.xml.bind.annotation.XmlAccessorType
[WARNING]   javax.xml.bind.annotation.XmlAnyAttribute
[WARNING]   javax.xml.bind.annotation.XmlAnyElement
[WARNING]   javax.xml.bind.annotation.XmlAttachmentRef
[WARNING]   javax.xml.bind.annotation.XmlAttribute
[WARNING]   javax.xml.bind.annotation.XmlElement
[WARNING]   javax.xml.bind.annotation.XmlElementDecl
[WARNING]   javax.xml.bind.annotation.XmlElementRef
[WARNING]   javax.xml.bind.annotation.XmlElementRefs
[WARNING]   javax.xml.bind.annotation.XmlElementWrapper
[WARNING]   javax.xml.bind.annotation.XmlElements
[WARNING]   javax.xml.bind.annotation.XmlEnum
[WARNING]   javax.xml.bind.annotation.XmlEnumValue
[WARNING]   javax.xml.bind.annotation.XmlID
[WARNING]   javax.xml.bind.annotation.XmlIDREF
[WARNING]   javax.xml.bind.annotation.XmlInlineBinaryData
[WARNING]   javax.xml.bind.annotation.XmlList
[WARNING]   javax.xml.bind.annotation.XmlMimeType
[WARNING]   javax.xml.bind.annotation.XmlMixed
[WARNING]   javax.xml.bind.annotation.XmlNs
[WARNING]   javax.xml.bind.annotation.XmlNsForm
[WARNING]   javax.xml.bind.annotation.XmlRegistry
[WARNING]   javax.xml.bind.annotation.XmlRootElement
[WARNING]   javax.xml.bind.annotation.XmlSchema
[WARNING]   javax.xml.bind.annotation.XmlSchemaType
[WARNING]   javax.xml.bind.annotation.XmlSchemaTypes
[WARNING]   javax.xml.bind.annotation.XmlSeeAlso
[WARNING]   javax.xml.bind.annotation.XmlTransient
[WARNING]   javax.xml.bind.annotation.XmlType
[WARNING]   javax.xml.bind.annotation.XmlValue
[WARNING]   javax.xml.bind.annotation.adapters.CollapsedStringAdapter
[WARNING]   javax.xml.bind.annotation.adapters.HexBinaryAdapter
[WARNING]   javax.xml.bind.annotation.adapters.NormalizedStringAdapter
[WARNING]   javax.xml.bind.annotation.adapters.XmlAdapter
[WARNING]   javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter
[WARNING]   javax.xml.bind.annotation.adapters.XmlJavaTypeAdapters
[WARNING]   javax.xml.bind.attachment.AttachmentMarshaller
[WARNING]   javax.xml.bind.attachment.AttachmentUnmarshaller
[WARNING]   javax.xml.bind.helpers.AbstractMarshallerImpl
[WARNING]   javax.xml.bind.helpers.AbstractUnmarshallerImpl
[WARNING]   javax.xml.bind.helpers.DefaultValidationEventHandler
[WARNING]   javax.xml.bind.helpers.Messages
[WARNING]   javax.xml.bind.helpers.NotIdentifiableEventImpl
[WARNING]   javax.xml.bind.helpers.ParseConversionEventImpl
[WARNING]   javax.xml.bind.helpers.PrintConversionEventImpl
[WARNING]   javax.xml.bind.helpers.ValidationEventImpl
[WARNING]   javax.xml.bind.helpers.ValidationEventLocatorImpl
[WARNING]   javax.xml.bind.util.JAXBResult
[WARNING]   javax.xml.bind.util.JAXBSource
[WARNING]   javax.xml.bind.util.Messages
[WARNING]   javax.xml.bind.util.ValidationEventCollector
[WARNING] Found duplicate and different resources in [jakarta.xml.bind:jakarta.xml.bind-api:2.3.2, javax.xml.bind:jaxb-api:2.2.11]:
[WARNING]   javax/xml/bind/Messages.properties
[WARNING]   javax/xml/bind/helpers/Messages.properties
[WARNING]   javax/xml/bind/util/Messages.properties
[WARNING] Found duplicate classes/resources in compile classpath.
[WARNING] Found duplicate (but equal) classes in [org.apache.parquet:parquet-column:1.12.3, org.apache.parquet:parquet-hadoop:1.12.3]:
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.Arrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.BidirectionalIterator
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.BigArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.BigSwapper
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.Hash
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.SafeMath
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.Stack
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.Swapper
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.booleans.BooleanArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.booleans.BooleanBigArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.booleans.BooleanComparator
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.booleans.BooleanComparators
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.bytes.ByteArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.bytes.ByteBigArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.bytes.ByteComparator
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.bytes.ByteComparators
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.bytes.ByteConsumer
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.bytes.ByteIterator
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.chars.CharArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.chars.CharBigArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.chars.CharComparator
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.chars.CharComparators
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.doubles.DoubleArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.doubles.DoubleBigArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.doubles.DoubleComparator
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.doubles.DoubleComparators
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.floats.FloatArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.floats.FloatBigArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.floats.FloatComparator
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.floats.FloatComparators
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.ints.AbstractIntCollection
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.ints.AbstractIntList
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.ints.IntArrayList
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.ints.IntArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.ints.IntBidirectionalIterator
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.ints.IntBigArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.ints.IntCollection
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.ints.IntComparator
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.ints.IntComparators
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.ints.IntIterable
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.ints.IntIterator
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.ints.IntIterators
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.ints.IntList
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.ints.IntListIterator
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.ints.IntStack
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.longs.LongArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.longs.LongBigArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.longs.LongComparator
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.longs.LongComparators
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.objects.ObjectArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.objects.ObjectBidirectionalIterator
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.objects.ObjectBigArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.objects.ObjectIterator
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.shorts.ShortArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.shorts.ShortBigArrays
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.shorts.ShortComparator
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.shorts.ShortComparators
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.shorts.ShortConsumer
[WARNING]   shaded.parquet.it.unimi.dsi.fastutil.shorts.ShortIterator
[WARNING] Found duplicate (but equal) resources in [org.eclipse.jetty.websocket:websocket-api:9.4.43.v20210629, org.eclipse.jetty.websocket:websocket-client:9.4.43.v20210629, org.eclipse.jetty.websocket:websocket-common:9.4.43.v20210629, org.eclipse.jetty:jetty-security:9.4.43.v20210629, org.eclipse.jetty:jetty-servlet:9.4.43.v20210629, org.eclipse.jetty:jetty-util-ajax:9.4.43.v20210629, org.eclipse.jetty:jetty-util:9.4.43.v20210629, org.eclipse.jetty:jetty-webapp:9.4.43.v20210629, org.eclipse.jetty:jetty-xml:9.4.43.v20210629]:
[WARNING]   about.html
[WARNING] Found duplicate (but equal) resources in [org.apache.hadoop:hadoop-yarn-api:3.3.4, org.apache.hadoop:hadoop-yarn-common:3.3.4]:
[WARNING]   yarn-default.xml
[WARNING] Found duplicate and different classes in [jakarta.xml.bind:jakarta.xml.bind-api:2.3.2, javax.xml.bind:jaxb-api:2.2.11]:
[WARNING]   javax.xml.bind.Binder
[WARNING]   javax.xml.bind.ContextFinder
[WARNING]   javax.xml.bind.DataBindingException
[WARNING]   javax.xml.bind.DatatypeConverter
[WARNING]   javax.xml.bind.DatatypeConverterImpl
[WARNING]   javax.xml.bind.DatatypeConverterInterface
[WARNING]   javax.xml.bind.Element
[WARNING]   javax.xml.bind.GetPropertyAction
[WARNING]   javax.xml.bind.JAXB
[WARNING]   javax.xml.bind.JAXBContext
[WARNING]   javax.xml.bind.JAXBElement
[WARNING]   javax.xml.bind.JAXBException
[WARNING]   javax.xml.bind.JAXBIntrospector
[WARNING]   javax.xml.bind.JAXBPermission
[WARNING]   javax.xml.bind.MarshalException
[WARNING]   javax.xml.bind.Marshaller
[WARNING]   javax.xml.bind.Messages
[WARNING]   javax.xml.bind.NotIdentifiableEvent
[WARNING]   javax.xml.bind.ParseConversionEvent
[WARNING]   javax.xml.bind.PrintConversionEvent
[WARNING]   javax.xml.bind.PropertyException
[WARNING]   javax.xml.bind.SchemaOutputResolver
[WARNING]   javax.xml.bind.TypeConstraintException
[WARNING]   javax.xml.bind.UnmarshalException
[WARNING]   javax.xml.bind.Unmarshaller
[WARNING]   javax.xml.bind.UnmarshallerHandler
[WARNING]   javax.xml.bind.ValidationEvent
[WARNING]   javax.xml.bind.ValidationEventHandler
[WARNING]   javax.xml.bind.ValidationEventLocator
[WARNING]   javax.xml.bind.ValidationException
[WARNING]   javax.xml.bind.Validator
[WARNING]   javax.xml.bind.WhiteSpaceProcessor
[WARNING]   javax.xml.bind.annotation.DomHandler
[WARNING]   javax.xml.bind.annotation.W3CDomHandler
[WARNING]   javax.xml.bind.annotation.XmlAccessOrder
[WARNING]   javax.xml.bind.annotation.XmlAccessType
[WARNING]   javax.xml.bind.annotation.XmlAccessorOrder
[WARNING]   javax.xml.bind.annotation.XmlAccessorType
[WARNING]   javax.xml.bind.annotation.XmlAnyAttribute
[WARNING]   javax.xml.bind.annotation.XmlAnyElement
[WARNING]   javax.xml.bind.annotation.XmlAttachmentRef
[WARNING]   javax.xml.bind.annotation.XmlAttribute
[WARNING]   javax.xml.bind.annotation.XmlElement
[WARNING]   javax.xml.bind.annotation.XmlElementDecl
[WARNING]   javax.xml.bind.annotation.XmlElementRef
[WARNING]   javax.xml.bind.annotation.XmlElementRefs
[WARNING]   javax.xml.bind.annotation.XmlElementWrapper
[WARNING]   javax.xml.bind.annotation.XmlElements
[WARNING]   javax.xml.bind.annotation.XmlEnum
[WARNING]   javax.xml.bind.annotation.XmlEnumValue
[WARNING]   javax.xml.bind.annotation.XmlID
[WARNING]   javax.xml.bind.annotation.XmlIDREF
[WARNING]   javax.xml.bind.annotation.XmlInlineBinaryData
[WARNING]   javax.xml.bind.annotation.XmlList
[WARNING]   javax.xml.bind.annotation.XmlMimeType
[WARNING]   javax.xml.bind.annotation.XmlMixed
[WARNING]   javax.xml.bind.annotation.XmlNs
[WARNING]   javax.xml.bind.annotation.XmlNsForm
[WARNING]   javax.xml.bind.annotation.XmlRegistry
[WARNING]   javax.xml.bind.annotation.XmlRootElement
[WARNING]   javax.xml.bind.annotation.XmlSchema
[WARNING]   javax.xml.bind.annotation.XmlSchemaType
[WARNING]   javax.xml.bind.annotation.XmlSchemaTypes
[WARNING]   javax.xml.bind.annotation.XmlSeeAlso
[WARNING]   javax.xml.bind.annotation.XmlTransient
[WARNING]   javax.xml.bind.annotation.XmlType
[WARNING]   javax.xml.bind.annotation.XmlValue
[WARNING]   javax.xml.bind.annotation.adapters.CollapsedStringAdapter
[WARNING]   javax.xml.bind.annotation.adapters.HexBinaryAdapter
[WARNING]   javax.xml.bind.annotation.adapters.NormalizedStringAdapter
[WARNING]   javax.xml.bind.annotation.adapters.XmlAdapter
[WARNING]   javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter
[WARNING]   javax.xml.bind.annotation.adapters.XmlJavaTypeAdapters
[WARNING]   javax.xml.bind.attachment.AttachmentMarshaller
[WARNING]   javax.xml.bind.attachment.AttachmentUnmarshaller
[WARNING]   javax.xml.bind.helpers.AbstractMarshallerImpl
[WARNING]   javax.xml.bind.helpers.AbstractUnmarshallerImpl
[WARNING]   javax.xml.bind.helpers.DefaultValidationEventHandler
[WARNING]   javax.xml.bind.helpers.Messages
[WARNING]   javax.xml.bind.helpers.NotIdentifiableEventImpl
[WARNING]   javax.xml.bind.helpers.ParseConversionEventImpl
[WARNING]   javax.xml.bind.helpers.PrintConversionEventImpl
[WARNING]   javax.xml.bind.helpers.ValidationEventImpl
[WARNING]   javax.xml.bind.helpers.ValidationEventLocatorImpl
[WARNING]   javax.xml.bind.util.JAXBResult
[WARNING]   javax.xml.bind.util.JAXBSource
[WARNING]   javax.xml.bind.util.Messages
[WARNING]   javax.xml.bind.util.ValidationEventCollector
[WARNING] Found duplicate and different resources in [jakarta.xml.bind:jakarta.xml.bind-api:2.3.2, javax.xml.bind:jaxb-api:2.2.11]:
[WARNING]   javax/xml/bind/Messages.properties
[WARNING]   javax/xml/bind/helpers/Messages.properties
[WARNING]   javax/xml/bind/util/Messages.properties
[WARNING] Found duplicate classes/resources in runtime classpath.

Issue with reading UINT32 and UINT64 columns

Hi, I am trying the Parquet reader with a parquet file having UNIT32 and UNIT 64 types
When I read a row - I am getting -1 for these two column types.

Dependency used:

<groupId>com.exasol</groupId>
<artifactId>parquet-io-java</artifactId>
 <version>2.0.3</version>

I am sharing the parquet file used:
int_types.parquet.zip

This is the output I am seeing from the reader
Row(values=[255,65535,-1,-1,-128,-32768])

But the file contents are this
Screenshot 2023-05-24 at 8 58 58 PM

Fix vulnerabilities in org.apache.commons:commons-compress:jar:1.24.0:compile & com.nimbusds:nimbus-jose-jwt:jar:9.8.1:compile 

 Error:  Failed to execute goal org.sonatype.ossindex.maven:ossindex-maven-plugin:3.2.0:audit (default-cli) on project parquet-io-java: Detected 2 vulnerable components:
Error:    org.apache.commons:commons-compress:jar:1.24.0:compile; https://ossindex.sonatype.org/component/pkg:maven/org.apache.commons/[email protected]?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
Error:      * [CVE-2024-25710] CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') (8.1); https://ossindex.sonatype.org/vulnerability/CVE-2024-25710?component-type=maven&component-name=org.apache.commons%2Fcommons-compress&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
Error:      * [CVE-2024-26308] CWE-770: Allocation of Resources Without Limits or Throttling (7.5); https://ossindex.sonatype.org/vulnerability/CVE-2024-26308?component-type=maven&component-name=org.apache.commons%2Fcommons-compress&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
Error:    com.nimbusds:nimbus-jose-jwt:jar:9.8.1:compile; https://ossindex.sonatype.org/component/pkg:maven/com.nimbusds/[email protected]?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
Error:      * [CVE-2023-52428] CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion') (7.5); https://ossindex.sonatype.org/vulnerability/CVE-2023-52428?component-type=maven&component-name=com.nimbusds%2Fnimbus-jose-jwt&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1

๐Ÿ” CVE-2024-36114: io.airlift:aircompressor:jar:0.21:compile

Summary

Aircompressor is a library with ports of the Snappy, LZO, LZ4, and Zstandard compression algorithms to Java. All decompressor implementations of Aircompressor (LZ4, LZO, Snappy, Zstandard) can crash the JVM for certain input, and in some cases also leak the content of other memory of the Java process (which could contain sensitive information). When decompressing certain data, the decompressors try to access memory outside the bounds of the given byte arrays or byte buffers. Because Aircompressor uses the JDK class sun.misc.Unsafe to speed up memory access, no additional bounds checks are performed and this has similar security consequences as out-of-bounds access in C or C++, namely it can lead to non-deterministic behavior or crash the JVM. Users should update to Aircompressor 0.27 or newer where these issues have been fixed. When decompressing data from untrusted users, this can be exploited for a denial-of-service attack by crashing the JVM, or to leak other sensitive information from the Java process. There are no known workarounds for this issue.

CVE: CVE-2024-36114
CWE: CWE-125

References

Fix vulnerabilites in dependencies

Ossindex reports many vulnerable dependencies:

[ERROR] Failed to execute goal org.sonatype.ossindex.maven:ossindex-maven-plugin:3.1.0:audit (default-cli) on project parquet-io-java: Detected 6 vulnerable components:
[ERROR]   com.squareup.okhttp:okhttp:jar:2.7.5:compile; https://ossindex.sonatype.org/component/pkg:maven/com.squareup.okhttp/[email protected]?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
[ERROR]     * [CVE-2021-0341] CWE-295: Improper Certificate Validation (7.5); https://ossindex.sonatype.org/vulnerability/CVE-2021-0341?component-type=maven&component-name=com.squareup.okhttp%2Fokhttp&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
[ERROR]     * [sonatype-2018-0035] CWE-20: Improper Input Validation (5.9); https://ossindex.sonatype.org/vulnerability/sonatype-2018-0035?component-type=maven&component-name=com.squareup.okhttp%2Fokhttp&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
[ERROR]   org.apache.hadoop:hadoop-common:jar:3.3.1:compile; https://ossindex.sonatype.org/component/pkg:maven/org.apache.hadoop/[email protected]?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
[ERROR]     * [CVE-2022-26612] CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (9.8); https://ossindex.sonatype.org/vulnerability/CVE-2022-26612?component-type=maven&component-name=org.apache.hadoop%2Fhadoop-common&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
[ERROR]   com.google.guava:guava:jar:31.0.1-jre:compile; https://ossindex.sonatype.org/component/pkg:maven/com.google.guava/[email protected]?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
[ERROR]     * [sonatype-2020-0926] CWE-379: Creation of Temporary File in Directory with Incorrect Permissions (6.2); https://ossindex.sonatype.org/vulnerability/sonatype-2020-0926?component-type=maven&component-name=com.google.guava%2Fguava&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
[ERROR]   com.google.protobuf:protobuf-java:jar:2.5.0:compile; https://ossindex.sonatype.org/component/pkg:maven/com.google.protobuf/[email protected]?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
[ERROR]     * [CVE-2021-22569] CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion') (5.5); https://ossindex.sonatype.org/vulnerability/CVE-2021-22569?component-type=maven&component-name=com.google.protobuf%2Fprotobuf-java&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
[ERROR]   commons-codec:commons-codec:jar:1.11:compile; https://ossindex.sonatype.org/component/pkg:maven/commons-codec/[email protected]?utm_source=ossindex-client&utm_medium=integration&utm_content=1.1.1
[ERROR]     * [sonatype-2012-0050] CWE-20: Improper Input Validation (5.3); https://ossindex.sonatype.org/vulnerability/sonatype-2012-0050?component-type=maven&component-name=commons-codec%2Fcommons-codec&utm_source=ossindex-client&utm_medium=integration&utm_content=1.1.1
[ERROR]   com.google.code.gson:gson:jar:2.2.4:compile; https://ossindex.sonatype.org/component/pkg:maven/com.google.code.gson/[email protected]?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
[ERROR]     * [sonatype-2021-1694] CWE-502: Deserialization of Untrusted Data (7.5); https://ossindex.sonatype.org/vulnerability/sonatype-2021-1694?component-type=maven&component-name=com.google.code.gson%2Fgson&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1

Fix CVE-2023-43642 in `org.xerial.snappy:snappy-java` 

Error:  Failed to execute goal org.sonatype.ossindex.maven:ossindex-maven-plugin:3.2.0:audit (default-cli) on project parquet-io-java: Detected 1 vulnerable components:
Error:    org.xerial.snappy:snappy-java:jar:1.1.10.1:compile; https://ossindex.sonatype.org/component/pkg:maven/org.xerial.snappy/[email protected]?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
Error:      * [CVE-2023-43642] CWE-770: Allocation of Resources Without Limits or Throttling (7.5); https://ossindex.sonatype.org/vulnerability/CVE-2023-43642?component-type=maven&component-name=org.xerial.snappy%2Fsnappy-java&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1

Add polling interface to RowParquetChunkReader

Currently, the RowParquetChunkReader reads as fast as it can a publishes the results to a Comsumer.
In some cases this is not suitable. Instead a polling approach is required here.

Suggestion: Implement as Iterator and map the current implementation on the new one.

Fix failing dependency check build 

Error:  Failed to execute goal org.sonatype.ossindex.maven:ossindex-maven-plugin:3.2.0:audit (default-cli) on project parquet-io-java: Detected 3 vulnerable components:
Error:    com.fasterxml.woodstox:woodstox-core:jar:5.3.0:compile; https://ossindex.sonatype.org/component/pkg:maven/com.fasterxml.woodstox/[email protected]?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
Error:      * [CVE-2022-40152] CWE-787: Out-of-bounds Write (7.5); https://ossindex.sonatype.org/vulnerability/CVE-2022-40152?component-type=maven&component-name=com.fasterxml.woodstox%2Fwoodstox-core&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
Error:    com.fasterxml.jackson.core:jackson-core:jar:2.12.7:compile; https://ossindex.sonatype.org/component/pkg:maven/com.fasterxml.jackson.core/[email protected]?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
Error:      * 1 vulnerability found (7.5); https://ossindex.sonatype.org/vulnerability/sonatype-2022-6438
Error:    commons-net:commons-net:jar:3.6:compile; https://ossindex.sonatype.org/component/pkg:maven/commons-net/[email protected]?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
Error:      * [CVE-2021-37533] CWE-20: Improper Input Validation (6.5); https://ossindex.sonatype.org/vulnerability/CVE-2021-37533?component-type=maven&component-name=commons-net%2Fcommons-net&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1

Replace foreach clauses in Parquet readers with loops

Situation

There are couple of foreach iterations when reading Parquet values. We should replace them with loops, since foreach add more overhead than necessary.

Acceptance Criteria

  • Replaced foreach iterations with loops

Add project-keeper

Version 0.7.3 of prject-keeper fixed an issued that made it impossioble to use it here

Dependency check build fails 

Error:  Failed to execute goal org.sonatype.ossindex.maven:ossindex-maven-plugin:3.2.0:audit (default-cli) on project parquet-io-java: Detected 1 vulnerable components:
Error:    ch.qos.reload4j:reload4j:jar:1.2.18.3:compile; https://ossindex.sonatype.org/component/pkg:maven/ch.qos.reload4j/[email protected]?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
Error:      * 1 vulnerability found (8.6); https://ossindex.sonatype.org/vulnerability/sonatype-2022-5401

Update to scala version 2.12.x

Situation

The library should be released with earlier versions of the Scala version. This allows users to integrate the library with 2.12.x and 2.13.x projects.

Acceptance Criteria

  • Scala library is updated to 2.12.x version

Vulnerabilitiy in transitive dependency org.eclipse.jetty:jetty-util

Dependency check fails:

 Error:  Failed to execute goal org.sonatype.ossindex.maven:ossindex-maven-plugin:3.2.0:audit (default-cli) on project parquet-io-java: Detected 1 vulnerable components:
Error:    org.eclipse.jetty:jetty-util:jar:9.4.48.v20220622:compile; https://ossindex.sonatype.org/component/pkg:maven/org.eclipse.jetty/[email protected]?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
Error:      * [CVE-2023-26048] CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion') (5.3); https://ossindex.sonatype.org/vulnerability/CVE-2023-26048?component-type=maven&component-name=org.eclipse.jetty%2Fjetty-util&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
Error:  
Error:  Excluded vulnerabilities:
Error:    - 1 vulnerability found (8.6); https://ossindex.sonatype.org/vulnerability/sonatype-2022-5732
Error:  -> [Help 1]

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.