Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: update ci workflows and deps #170

Merged
merged 5 commits into from
Jun 22, 2023
Merged

chore: update ci workflows and deps #170

merged 5 commits into from
Jun 22, 2023

Conversation

SrikarMannepalli
Copy link
Contributor

No description provided.

@SrikarMannepalli SrikarMannepalli changed the title update ci worklows and deps chore: update ci workflows and deps Jun 21, 2023
@github-actions
Copy link

github-actions bot commented Jun 21, 2023
edited
Loading

Test Results

113 tests   113 ✔️  1m 13s ⏱️
  28 suites      0 💤
  28 files        0

Results for commit 3398fd4.

♻️ This comment has been updated with latest results.

@github-advanced-security
Copy link

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

@codecov
Copy link

codecov bot commented Jun 21, 2023
edited
Loading

Codecov Report

Merging #170 (3398fd4) into main (53a8290) will not change coverage.
The diff coverage is n/a.

@@            Coverage Diff            @@
##               main     #170   +/-   ##
=========================================
  Coverage     79.76%   79.76%           
  Complexity      465      465           
=========================================
  Files            54       54           
  Lines          2333     2333           
  Branches         92       92           
=========================================
  Hits           1861     1861           
  Misses          419      419           
  Partials         53       53
Flag Coverage Δ
integration 79.76% <ø> (ø)
unit 78.11% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

@SrikarMannepalli
Copy link
Contributor Author

Waiting for hypertrace/event-store#7

@SrikarMannepalli SrikarMannepalli marked this pull request as ready for review June 21, 2023 17:55
aaron-steinfeld
aaron-steinfeld reviewed Jun 21, 2023
View reviewed changes
.github/workflows/pr-build.yml Outdated Show resolved Hide resolved
gradle/libs.versions.toml Outdated Show resolved Hide resolved
@aaron-steinfeld
Copy link
Contributor

lgtm code wise, looks like some vulns remaining though

@SrikarMannepalli
Copy link
Contributor Author

SrikarMannepalli commented Jun 21, 2023
edited
Loading

lgtm code wise, looks like some vulns remaining though

netty-handler-4.1.87.Final.jar (pkg:maven/io.netty/netty-handler@4.1.87.Final, cpe:2.3:a:netty:netty:4.1.87:*:*:*:*:*:*:*) : CVE-2023-34462 is coming up after the latest commit(kafka bom introduction commit). Doesn't come up on local dependency check run though.

@aaron-steinfeld
Copy link
Contributor

aaron-steinfeld commented Jun 21, 2023
edited
Loading

Brand new, bad luck. Let me go update upstream. Looks like you've also got

guava-31.1-android.jar (pkg:maven/com.google.guava/guava@31.1-android, cpe:2.3:a:google:guava:31.1:*:*:*:*:*:*:*) : CVE-2023-2976, CVE-2020-8908

which can be fixed in the meantime.

@aaron-steinfeld
Copy link
Contributor

hypertrace/java-grpc-utils#47

@SrikarMannepalli SrikarMannepalli requested a review from a team as a code owner June 22, 2023 11:54
@SrikarMannepalli SrikarMannepalli mentioned this pull request Jun 22, 2023
Closed
3 tasks
aaron-steinfeld
aaron-steinfeld reviewed Jun 22, 2023
View reviewed changes
Copy link
Contributor

@aaron-steinfeld aaron-steinfeld left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should consolidate the workflows and add scheduling too, but can happen in separate PR. Example: hypertrace/attribute-service#170

@SrikarMannepalli SrikarMannepalli merged commit 93f14a5 into main Jun 22, 2023
@SrikarMannepalli SrikarMannepalli deleted the cleanup-deps branch June 22, 2023 17:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aaron-steinfeld aaron-steinfeld aaron-steinfeld approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@SrikarMannepalli @aaron-steinfeld