hypertrace · aaron-steinfeld · Jun 29, 2023 · Jun 28, 2023 · Jun 28, 2023 · Jun 28, 2023
@@ -3,11 +3,11 @@ import org.hypertrace.gradle.publishing.License
 
 plugins {
   id("org.hypertrace.repository-plugin") version "0.4.0"
-  id("org.hypertrace.ci-utils-plugin") version "0.3.0"
+  id("org.hypertrace.ci-utils-plugin") version "0.3.2"
   id("org.hypertrace.publish-plugin") version "1.0.2" apply false
-  id("org.hypertrace.jacoco-report-plugin") version "0.2.0" apply false
+  id("org.hypertrace.jacoco-report-plugin") version "0.2.1" apply false
   id("org.hypertrace.code-style-plugin") version "1.1.2" apply false
-  id("org.owasp.dependencycheck") version "8.2.1"
+  id("org.owasp.dependencycheck") version "8.3.1"
 }
 
 subprojects {

@@ -1,5 +1,6 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-7.4.2-all.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.1.1-all.zip
+networkTimeout=10000
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
@@ -55,7 +55,7 @@
 #       Darwin, MinGW, and NonStop.
 #
 #   (3) This script is generated from the Groovy template
-#       https://github.com/gradle/gradle/blob/master/subprojects/plugins/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
+#       https://github.com/gradle/gradle/blob/HEAD/subprojects/plugins/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
 #       within the Gradle project.
 #
 #       You can find Gradle at https://github.com/gradle/gradle/.
@@ -80,13 +80,10 @@ do
     esac
 done
 
-APP_HOME=$( cd "${APP_HOME:-./}" && pwd -P ) || exit
-
-APP_NAME="Gradle"
+# This is normally unused
+# shellcheck disable=SC2034
 APP_BASE_NAME=${0##*/}
-
-# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
-DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
+APP_HOME=$( cd "${APP_HOME:-./}" && pwd -P ) || exit
 
 # Use the maximum available, or set MAX_FD != -1 to use that value.
 MAX_FD=maximum
@@ -143,12 +140,16 @@ fi
 if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then
     case $MAX_FD in #(
       max*)
+        # In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked.
+        # shellcheck disable=SC3045
         MAX_FD=$( ulimit -H -n ) ||
             warn "Could not query maximum file descriptor limit"
     esac
     case $MAX_FD in  #(
       '' | soft) :;; #(
       *)
+        # In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked.
+        # shellcheck disable=SC3045
         ulimit -n "$MAX_FD" ||
             warn "Could not set maximum file descriptor limit to $MAX_FD"
     esac
@@ -193,6 +194,10 @@ if "$cygwin" || "$msys" ; then
     done
 fi
 
+
+# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
+DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
+
 # Collect all arguments for the java command;
 #   * $DEFAULT_JVM_OPTS, $JAVA_OPTS, and $GRADLE_OPTS can contain fragments of
 #     shell script including quotes and variable substitutions, so put them in
@@ -205,6 +210,12 @@ set -- \
         org.gradle.wrapper.GradleWrapperMain \
         "$@"
 
+# Stop when "xargs" is not available.
+if ! command -v xargs >/dev/null 2>&1
+then
+    die "xargs is not available"
+fi
+
 # Use "xargs" to parse quoted args.
 #
 # With -n1 it outputs one arg per line, with the quotes and backslashes removed.

@@ -14,7 +14,7 @@
 @rem limitations under the License.
 @rem
 
-@if "%DEBUG%" == "" @echo off
+@if "%DEBUG%"=="" @echo off
 @rem ##########################################################################
 @rem
 @rem  Gradle startup script for Windows
@@ -25,7 +25,8 @@
 if "%OS%"=="Windows_NT" setlocal
 
 set DIRNAME=%~dp0
-if "%DIRNAME%" == "" set DIRNAME=.
+if "%DIRNAME%"=="" set DIRNAME=.
+@rem This is normally unused
 set APP_BASE_NAME=%~n0
 set APP_HOME=%DIRNAME%
 
@@ -40,7 +41,7 @@ if defined JAVA_HOME goto findJavaFromJavaHome
 
 set JAVA_EXE=java.exe
 %JAVA_EXE% -version >NUL 2>&1
-if "%ERRORLEVEL%" == "0" goto execute
+if %ERRORLEVEL% equ 0 goto execute
 
 echo.
 echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
@@ -75,13 +76,15 @@ set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
 
 :end
 @rem End local scope for the variables with windows NT shell
-if "%ERRORLEVEL%"=="0" goto mainEnd
+if %ERRORLEVEL% equ 0 goto mainEnd
 
 :fail
 rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
 rem the _cmd.exe /c_ return code!
-if  not "" == "%GRADLE_EXIT_CONSOLE%" exit 1
-exit /b 1
+set EXIT_CODE=%ERRORLEVEL%
+if %EXIT_CODE% equ 0 set EXIT_CODE=1
+if not ""=="%GRADLE_EXIT_CONSOLE%" exit %EXIT_CODE%
+exit /b %EXIT_CODE%
 
 :mainEnd
 if "%OS%"=="Windows_NT" endlocal

@@ -49,8 +49,9 @@ private static void startServices(Optional<String> testName, String[] services)
   }
 
   public static void shutdownServices() {
+    IntegrationTestServiceLauncher.shutdown();
+
     for (String service : services) {
-      IntegrationTestServiceLauncher.shutdown();
       Awaitility.await()
           .pollInterval(INTERVAL_CHECK_IN_MILLIS, TimeUnit.MILLISECONDS)
           .and()

@@ -1,8 +1,10 @@
 package org.hypertrace.core.serviceframework;
 
-import java.util.ArrayList;
-import java.util.List;
+import java.util.LinkedList;
+import java.util.Objects;
 import java.util.Optional;
+import java.util.Queue;
+import java.util.stream.Stream;
 import org.hypertrace.core.serviceframework.config.ConfigClient;
 import org.hypertrace.core.serviceframework.config.IntegrationTestConfigClientFactory;
 import org.slf4j.Logger;
@@ -19,7 +21,7 @@
 public class IntegrationTestServiceLauncher {
 
   private static final Logger LOGGER = LoggerFactory.getLogger(PlatformServiceLauncher.class);
-  private static final List<PlatformService> PLATFORM_SERVICES = new ArrayList<>();
+  private static final Queue<PlatformService> PLATFORM_SERVICES = new LinkedList<>();
 
   public static void launchService(Optional<String> testName, String serviceName) {
     try {
@@ -28,7 +30,6 @@ public static void launchService(Optional<String> testName, String serviceName)
           IntegrationTestConfigClientFactory.getConfigClientForService(testName, serviceName);
       PlatformService app = PlatformServiceFactory.get(configClient);
       app.initialize();
-      Runtime.getRuntime().addShutdownHook(new Thread(app::shutdown));
       PLATFORM_SERVICES.add(app);
       app.start();
     } catch (Exception e) {
@@ -37,6 +38,8 @@ public static void launchService(Optional<String> testName, String serviceName)
   }
 
   static void shutdown() {
-    PLATFORM_SERVICES.forEach(PlatformService::shutdown);
+    Stream.generate(PLATFORM_SERVICES::poll)
+        .takeWhile(Objects::nonNull)
+        .forEach(PlatformService::shutdown);
   }
 }
@@ -8,4 +8,11 @@
     <cpe>cpe:/a:grpc:grpc</cpe>
     <cpe>cpe:/a:utils_project:utils</cpe>
   </suppress>
+  <suppress>
+    <notes><![CDATA[
+   Not a real CVE.
+   ]]></notes>
+    <packageUrl regex="true">^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$</packageUrl>
+    <cve>CVE-2023-35116</cve>
+  </suppress>
 </suppressions> 
@@ -19,9 +19,7 @@ dependencies {
   // Use for thread dump servlet
   implementation("io.dropwizard.metrics:metrics-servlets:4.2.16")
   constraints {
-    implementation("com.fasterxml.jackson.core:jackson-databind:2.14.2") {
-      because("version 2.12.7.1 has a vulnerability https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038424")
-    }
+    implementation("com.fasterxml.jackson.core:jackson-databind:2.15.2")
   }
   implementation("org.eclipse.jetty:jetty-servlet:9.4.51.v20230217")