From 20d639d313bcbf4eaaa946e01148cc65da5d8468 Mon Sep 17 00:00:00 2001 From: Cheng Pan Date: Fri, 7 Jun 2024 17:17:06 +0800 Subject: [PATCH] [KYUUBI #6457] Strip dependencies from REST client MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit # :mag: Description This PR removes two dependencies from the `kyuubi-rest-client` module - `commons-collections` - has CVE Cx78f40514-81ff and is only used in one place, just rewrite to remove the dependency - `javax.servlet-api` - only used for UT, correct the scope from `compile` to `test` ## Types of changes :bookmark: - [ ] Bugfix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [ ] Breaking change (fix or feature that would cause existing functionality to change) ## Test Plan ๐Ÿงช Pass GHA --- # Checklist ๐Ÿ“ - [x] This patch was not authored or co-authored using [Generative Tooling](https://www.apache.org/legal/generative-tooling.html) **Be nice. Be informative.** Closes #6457 from pan3793/rest-client-dep. Closes #6457 c24af70ac [Cheng Pan] dep list 80969d0d3 [Cheng Pan] nit 950d4b730 [Cheng Pan] fix 169281903 [Cheng Pan] fix import c068ba10f [Cheng Pan] nit d46653d53 [Cheng Pan] fix ca7831732 [Cheng Pan] Strip dependencies from REST client Authored-by: Cheng Pan Signed-off-by: Cheng Pan (cherry picked from commit f7e8d69ac0595f2856b9204323dd37925caa472c) Signed-off-by: Cheng Pan --- dev/dependencyList | 1 - kyuubi-rest-client/pom.xml | 16 ++++++---------- .../org/apache/kyuubi/client/RestClient.java | 3 +-- 3 files changed, 7 insertions(+), 13 deletions(-) diff --git a/dev/dependencyList b/dev/dependencyList index 327d4ac15..348bf08b6 100644 --- a/dev/dependencyList +++ b/dev/dependencyList @@ -29,7 +29,6 @@ arrow-vector/12.0.0//arrow-vector-12.0.0.jar checker-qual/3.42.0//checker-qual-3.42.0.jar classgraph/4.8.138//classgraph-4.8.138.jar commons-codec/1.15//commons-codec-1.15.jar -commons-collections/3.2.2//commons-collections-3.2.2.jar commons-lang3/3.13.0//commons-lang3-3.13.0.jar commons-logging/1.1.3//commons-logging-1.1.3.jar error_prone_annotations/2.20.0//error_prone_annotations-2.20.0.jar diff --git a/kyuubi-rest-client/pom.xml b/kyuubi-rest-client/pom.xml index 24571ff9a..cf4b226c7 100644 --- a/kyuubi-rest-client/pom.xml +++ b/kyuubi-rest-client/pom.xml @@ -39,16 +39,6 @@ jackson-databind - - commons-collections - commons-collections - - - - javax.servlet - javax.servlet-api - - org.apache.commons commons-lang3 @@ -122,6 +112,12 @@ jetty-servlet test + + + javax.servlet + javax.servlet-api + test + diff --git a/kyuubi-rest-client/src/main/java/org/apache/kyuubi/client/RestClient.java b/kyuubi-rest-client/src/main/java/org/apache/kyuubi/client/RestClient.java index 86af2c759..86de74cf6 100644 --- a/kyuubi-rest-client/src/main/java/org/apache/kyuubi/client/RestClient.java +++ b/kyuubi-rest-client/src/main/java/org/apache/kyuubi/client/RestClient.java @@ -24,7 +24,6 @@ import java.net.URISyntaxException; import java.net.UnknownHostException; import java.nio.charset.StandardCharsets; import java.util.Map; -import org.apache.commons.collections.MapUtils; import org.apache.commons.lang3.StringUtils; import org.apache.http.HttpEntity; import org.apache.http.HttpHeaders; @@ -207,7 +206,7 @@ public class RestClient implements IRestClient { String url = StringUtils.isNotBlank(path) ? this.baseUrl + "/" + path : this.baseUrl; URIBuilder builder = new URIBuilder(url); - if (MapUtils.isNotEmpty(params)) { + if (params != null) { for (Map.Entry entry : params.entrySet()) { if (entry.getValue() != null) { builder.addParameter(entry.getKey(), entry.getValue().toString());