Update from upstream#22
Merged
Merged
Conversation
Add a new workflow (kafka-connect-cve-scan.yml) that scans bundled Kafka Connect jars for known CVEs using Trivy in rootfs mode. The scan runs as a separate, non-required check so that CVE findings are visible without blocking merges. On push to main/release branches, results are uploaded as SARIF to the GitHub Security tab. Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
…#16279) Co-authored-by: Cursor <cursoragent@cursor.com>
…e#16291) * scan all bundle and runtime modules * remove old workflow * thanks huaxin Co-authored-by: Copilot <copilot@github.com> --------- Co-authored-by: Copilot <copilot@github.com>
…16284) When executing queries on cloud storage, SerializableFileIOWithSize dropped the file length when intercepting FileIO.newInputFile(path, length) requests. This caused underlying IO modules like GCSFileIO to execute expensive and synchronous object metadata API calls to determine file sizes when reading columnar footers. This PR adds the missing newInputFile(String path, long length) override to SerializableFileIOWithSize across all affected Spark modules, preserving the length parameter and eliminating the unnecessary metadata lookups.
…erts (apache#16301) * Build: Allow versioned PR title prefixes Allow the PR title check workflow to accept module prefixes that include version tokens, such as Flink 2.1. Ignore PR title workflow-only changes in broad CI workflows so updates to the title checker do not trigger unrelated CI suites. Co-authored-by: Codex <codex@openai.com> * Update .github/workflows/pr-title-check.yml * Update .github/workflows/pr-title-check.yml --------- Co-authored-by: Codex <codex@openai.com> Co-authored-by: Kevin Liu <kevinjqliu@users.noreply.github.com>
* Build: Test out Parquet 1.17.1 * Update build.gradle --------- Co-authored-by: Kevin Liu <kevinjqliu@users.noreply.github.com>
…e#15973) * API: Remove unnecessary EOFException FileRange constructor. * Review comment
apache#16263) Co-authored-by: ChengJi <cheng.ji@databricks.com> Co-authored-by: Russell Spitzer <russell.spitzer@GMAIL.COM>
…er in parser chains (apache#16306) Backport of apache#14483 (and follow-up apache#14497) to spark/v3.4.
Backport of apache#15683 (and length fix apache#16284) to spark/v3.4. Note: BaseReader required an adaptation \u2014 v3.4 still used the legacy table.encryption().decrypt(...) path. Switched it to fileIO.bulkDecrypt(...) to match v3.5/4.0/4.1, since the broadcast FileIO is now an EncryptingFileIO (combined in the constructor). All other files match the v3.5 patch byte-for-byte (with paths translated).
…ark (apache#16308) Backport of apache#15832 to spark/v3.4. Adds the output-sort-order-id write option and threads the resolved sort-order id through SparkWrite and SparkPositionDeltaWrite so written data files record the sort order in their manifest entry. Adaptation: v3.4 SparkWrite still uses 'partitionedFanoutEnabled' (not renamed to 'useFanoutWriter' as in v3.5). Kept the v3.4 name and added the new 'sortOrderId' parameter alongside it.
Backport of apache#15992 to spark/v3.4. Stacked on PR apache#16307 (apache#15683 SerializableFileIOWithSize), which is itself a backport. Adaptations from the source PR: - SparkMicroBatchStream.java was replaced wholesale with the v3.5 post-apache#15992 version because v3.4 had structural drift; the refactor extracts the planning logic into the new planner classes and there are no v3.4-only features in this file. - TestStructuredStreamingRead3.java was likewise replaced with the v3.5 version (which adds parameterized sync/async coverage). The only non-mechanical change is using 'SparkCatalogConfig.SPARK' instead of 'SparkCatalogConfig.SPARK_SESSION', because v3.4 still uses the older enum name.
…xtractor for v2.0 (apache#16322)
…xtractor for 1.20 (apache#16323)
…ering (apache#16303) * Spark: Backport migrate SparkCopyOnWriteScan to SupportsRuntimeV2Filtering * trigger build * Update spark/v3.4/spark/src/main/java/org/apache/iceberg/spark/source/SparkCopyOnWriteScan.java * Update spark/v3.5/spark/src/main/java/org/apache/iceberg/spark/source/SparkCopyOnWriteScan.java * Update spark/v4.0/spark/src/main/java/org/apache/iceberg/spark/source/SparkCopyOnWriteScan.java * add back import * spark 3.4: SupportsRuntimeFiltering -> SupportsRuntimeV2Filtering --------- Co-authored-by: Kevin Liu <kevin.jq.liu@gmail.com> Co-authored-by: Kevin Liu <kevinjqliu@users.noreply.github.com>
…16328) Co-authored-by: Timothy Meehan <tim@timdmeehan.com>
…ance tasks to 2.0 and 1.20 (apache#16337) Backports apache#16329
Agent-Logs-Url: https://github.com/kevinjqliu/iceberg/sessions/682ce8b4-890f-41a9-a89a-b1f2873be44c Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: kevinjqliu <9057843+kevinjqliu@users.noreply.github.com>
…orders with dropped fields (apache#16519) (apache#16521)
…16555) Bumps software.amazon.awssdk:bom from 2.44.4 to 2.44.7. --- updated-dependencies: - dependency-name: software.amazon.awssdk:bom dependency-version: 2.44.7 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.4 to 4.35.5. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@68bde55...9e0d7b8) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.35.5 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [com.diffplug.spotless:spotless-plugin-gradle](https://github.com/diffplug/spotless) from 8.4.0 to 8.5.1. - [Release notes](https://github.com/diffplug/spotless/releases) - [Changelog](https://github.com/diffplug/spotless/blob/main/CHANGES.md) - [Commits](diffplug/spotless@gradle/8.4.0...gradle/8.5.1) --- updated-dependencies: - dependency-name: com.diffplug.spotless:spotless-plugin-gradle dependency-version: 8.5.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps `slf4j` from 2.0.17 to 2.0.18. Updates `org.slf4j:slf4j-api` from 2.0.17 to 2.0.18 Updates `org.slf4j:slf4j-simple` from 2.0.17 to 2.0.18 --- updated-dependencies: - dependency-name: org.slf4j:slf4j-api dependency-version: 2.0.18 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: org.slf4j:slf4j-simple dependency-version: 2.0.18 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action) from 0.5.3 to 0.5.6. - [Release notes](https://github.com/zizmorcore/zizmor-action/releases) - [Commits](zizmorcore/zizmor-action@b1d7e1f...5f14fd0) --- updated-dependencies: - dependency-name: zizmorcore/zizmor-action dependency-version: 0.5.6 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…pache#16551) Bumps [com.google.cloud:libraries-bom](https://github.com/googleapis/java-cloud-bom) from 26.81.0 to 26.83.0. - [Release notes](https://github.com/googleapis/java-cloud-bom/releases) - [Commits](googleapis/java-cloud-bom@v26.81.0...v26.83.0) --- updated-dependencies: - dependency-name: com.google.cloud:libraries-bom dependency-version: 26.83.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
github-actions
Bot
added
BUILD
API
SPARK
CORE
PARQUET
DATA
FLINK
KAFKACONNECT
INFRA
DOCS
SPECIFICATION
ARROW
ORC
AWS
GCP
OPENAPI
AZURE
labels
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.