diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index a8a002a..045b969 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -37,7 +37,7 @@ jobs: args: copyAllReports --output-dir=/tmp/test-reports - name: Archive test reports - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: test-reports path: /tmp/test-reports diff --git a/owasp-suppressions.xml b/owasp-suppressions.xml index a931e5c..3c51e4c 100644 --- a/owasp-suppressions.xml +++ b/owasp-suppressions.xml @@ -1,11 +1,3 @@ - - - ^pkg:maven/org\.eclipse\.jetty/jetty\-.*@.*$ - CVE-2024-8184 - CVE-2024-6763 - diff --git a/platform-grpc-service-framework/build.gradle.kts b/platform-grpc-service-framework/build.gradle.kts index ca62b8c..d08787d 100644 --- a/platform-grpc-service-framework/build.gradle.kts +++ b/platform-grpc-service-framework/build.gradle.kts @@ -7,10 +7,10 @@ plugins { dependencies { api(project(":platform-service-framework")) - api(platform("io.grpc:grpc-bom:1.68.1")) + api(platform("io.grpc:grpc-bom:1.68.3")) api("io.grpc:grpc-api") api("io.grpc:grpc-services") - api("org.hypertrace.core.grpcutils:grpc-client-utils:0.13.7") + api("org.hypertrace.core.grpcutils:grpc-client-utils:0.13.10") api("com.typesafe:config:1.4.2") api("com.google.protobuf:protobuf-java:3.25.5") api(project(":service-framework-spi")) @@ -22,5 +22,5 @@ dependencies { implementation("io.grpc:grpc-inprocess") implementation("io.grpc:grpc-netty") implementation("org.slf4j:slf4j-api:1.7.36") - implementation("org.hypertrace.core.grpcutils:grpc-server-utils:0.13.7") + implementation("org.hypertrace.core.grpcutils:grpc-server-utils:0.13.10") } diff --git a/platform-http-service-framework/build.gradle.kts b/platform-http-service-framework/build.gradle.kts index a5ecb94..8f00b47 100644 --- a/platform-http-service-framework/build.gradle.kts +++ b/platform-http-service-framework/build.gradle.kts @@ -5,7 +5,7 @@ plugins { dependencies { api(project(":platform-service-framework")) - api("org.hypertrace.core.grpcutils:grpc-client-utils:0.13.7") + api("org.hypertrace.core.grpcutils:grpc-client-utils:0.13.10") api("com.typesafe:config:1.4.2") api("jakarta.servlet:jakarta.servlet-api:6.0.0") api("com.google.inject:guice:7.0.0") @@ -15,9 +15,9 @@ dependencies { implementation("org.slf4j:slf4j-api:1.7.36") implementation("com.google.inject.extensions:guice-servlet:7.0.0") implementation("com.google.guava:guava:31.1-jre") - implementation("org.eclipse.jetty:jetty-servlet:11.0.20") - implementation("org.eclipse.jetty:jetty-server:11.0.20") - implementation("org.eclipse.jetty:jetty-servlets:11.0.20") + implementation("org.eclipse.jetty:jetty-servlet:11.0.24") + implementation("org.eclipse.jetty:jetty-server:11.0.24") + implementation("org.eclipse.jetty:jetty-servlets:11.0.24") annotationProcessor("org.projectlombok:lombok:1.18.24") compileOnly("org.projectlombok:lombok:1.18.24") } diff --git a/platform-metrics/build.gradle.kts b/platform-metrics/build.gradle.kts index dcb56fa..81282c4 100644 --- a/platform-metrics/build.gradle.kts +++ b/platform-metrics/build.gradle.kts @@ -23,7 +23,7 @@ dependencies { implementation("io.prometheus:simpleclient_dropwizard:0.16.0") implementation("io.prometheus:simpleclient_servlet_jakarta:0.16.0") implementation("io.prometheus:simpleclient_pushgateway:0.16.0") - implementation("org.eclipse.jetty:jetty-servlet:11.0.20") + implementation("org.eclipse.jetty:jetty-servlet:11.0.24") implementation("com.google.guava:guava:32.0.1-jre") compileOnly("com.github.ben-manes.caffeine:caffeine:3.1.8") diff --git a/platform-service-framework/build.gradle.kts b/platform-service-framework/build.gradle.kts index e0acc68..1d62938 100644 --- a/platform-service-framework/build.gradle.kts +++ b/platform-service-framework/build.gradle.kts @@ -19,7 +19,7 @@ dependencies { // Use for thread dump servlet implementation("io.dropwizard.metrics:metrics-jakarta-servlets:4.2.25") - implementation("org.eclipse.jetty:jetty-servlet:11.0.20") + implementation("org.eclipse.jetty:jetty-servlet:11.0.24") // Use for metrics servlet implementation("io.prometheus:simpleclient_servlet_jakarta:0.16.0")