[INTERNAL]: Fix bannedDependencies failure: bump scala-jackson.version to 2.18.7#49263
Merged
Conversation
The update_versions.py script's regex only matches <version> XML elements,
silently skipping custom property tags like <scala-jackson.version> despite
valid {x-version-update} comments. When PR #49180 bumped Jackson to 2.18.7,
these properties were left stale, causing the enforcer to ban the correct
2.18.7 dependency.
Bump scala-jackson.version from 2.18.6/2.18.4 to 2.18.7 in all four Spark
parent POMs. The underlying script limitation is tracked in PR #49262.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Contributor
There was a problem hiding this comment.
Pull request overview
This PR unblocks Cosmos Spark builds by aligning the scala-jackson.version Maven property with the Jackson 2.18.7 bump, avoiding maven-enforcer-plugin bannedDependencies failures caused by a stale allowlist version.
Changes:
- Bump
scala-jackson.versionto2.18.7in Spark parent POMs for Spark 3.x, 3.5, 3.5 (2.12), and Spark 4.x. - Keep existing
{x-version-update}annotations on the property lines while updating the pinned version value.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 4 comments.
| File | Description |
|---|---|
| sdk/cosmos/azure-cosmos-spark_3/pom.xml | Updates scala-jackson.version to 2.18.7 for Spark 3 parent. |
| sdk/cosmos/azure-cosmos-spark_3-5/pom.xml | Updates scala-jackson.version to 2.18.7 for Spark 3.5 parent. |
| sdk/cosmos/azure-cosmos-spark_3-5_2-12/pom.xml | Updates scala-jackson.version to 2.18.7 for Spark 3.5 (2.12) parent. |
| sdk/cosmos/azure-cosmos-spark_4/pom.xml | Updates scala-jackson.version to 2.18.7 for Spark 4 parent. |
6 tasks
jeet1995
changed the title
This was referenced May 26, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
After the Jackson 2.18.6 to 2.18.7 dependency bump in PR #49180, the maven-enforcer-plugin bannedDependencies rule in azure-cosmos-spark_3/pom.xml rejects jackson-module-scala 2.18.7 as banned. This blocks all PRs that trigger Cosmos Spark builds (e.g., #49095, #49258).
Root Cause
The
update_versions.pyscript's regex (external_dependency_version_regexineng/versioning/utils.py) only matches values inside<version>...</version>XML elements. Custom Maven property tags like<scala-jackson.version>are silently skipped despite having valid{x-version-update}comments.When PR #49180 ran update_versions.py:
<version>tags to 2.18.7{x-include-update}enforcer entries to [2.18.7]<scala-jackson.version>properties (left at 2.18.6 or 2.18.4)The enforcer allowlist (which uses
${scala-jackson.version}) then permits only the stale version, while Maven resolves 2.18.7 -- banned.Fix
Bump
<scala-jackson.version>to 2.18.7 in all four Spark parent POMs:azure-cosmos-spark_3/pom.xml(2.18.6 -> 2.18.7)azure-cosmos-spark_3-5/pom.xml(2.18.4 -> 2.18.7)azure-cosmos-spark_3-5_2-12/pom.xml(2.18.4 -> 2.18.7)azure-cosmos-spark_4/pom.xml(2.18.6 -> 2.18.7)The underlying script limitation is tracked in draft PR #49262.
Supersedes #49261 (closed due to branch update).