[Snyk] Security upgrade org.apache.flink:flink-parquet from 1.19.1 to 2.2.0

[snyk-io]

Snyk has created this PR to fix 1 vulnerabilities in the maven dependencies of this project.

Snyk changed the following file(s):

• pom.xml

---

This major version upgrade from Flink 1.19.1 to 2.2.0 introduces significant breaking changes, including the removal of core APIs, a new unified runtime, and potential state incompatibility. This is a major migration effort that requires significant code and configuration updates.

Highlights:

• DataSet API Removed: The legacy DataSet API is completely removed. [1] All batch processing jobs must be migrated to the DataStream API.
• State Compatibility: Checkpoints and savepoints created with Flink 1.x are not guaranteed to be compatible with Flink 2.x, requiring careful migration planning for stateful applications. [4]
• Core API and Dependency Changes: Support for Java 8 is dropped, with Java 17 now being the recommended version. [5] Legacy connector APIs (SourceFunction, SinkFunction) have also been removed, necessitating updates to any custom connectors. [3, 5]

Source: Apache Flink documentation
Recommendation: Do not merge without a thorough migration plan. Developers must rewrite applications using removed APIs, validate all connector dependencies, and plan a strategy for state migration before upgrading.

Notice 🤖: This content was generated using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.

---

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score	Upgrade
	Stack-based Buffer Overflow SNYK-JAVA-COMGOOGLEPROTOBUF-8055227	114	org.apache.flink:flink-parquet: 1.19.1 -> 2.2.0 Major version upgrade No Path Found No Known Exploit

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[snyk-io]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues
✅	Licenses	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.