From 4ab5cd89723eb25a01e59ee0c2816b7737a9f9fd Mon Sep 17 00:00:00 2001
From: Ravi Singal
Date: Thu, 26 May 2022 11:42:03 +0530
Subject: [PATCH 1/3] add codeql analysis action
---
 .github/workflows/codeql-analysis.yml | 45 +++++++++++++++++++++++++++
 1 file changed, 45 insertions(+)
 create mode 100644 .github/workflows/codeql-analysis.yml
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
new file mode 100644
index 000000000..6562f56c3
--- /dev/null
+++ b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,45 @@
+name: "CodeQL"
+
+on:
+ push:
+ branches:
+ - main
+ pull_request:
+ branches:
+ - main
+ schedule:
+ - cron: '18 22 * * 6'
+
+jobs:
+ analyze:
+ name: Analyze
+ runs-on: ubuntu-latest
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+
+ strategy:
+ fail-fast: false
+ matrix:
+ language: [ 'java' ]
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v3
+
+ - name: create checksum file
+ uses: hypertrace/github-actions/checksum@main
+
+ # Initializes the CodeQL tools for scanning.
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v2
+ with:
+ languages: ${{ matrix.language }}
+
+ # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
+ - name: Autobuild
+ uses: github/codeql-action/autobuild@v2
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v2
From 97561797964b78d4b0d681465ab9a8c725fead1b Mon Sep 17 00:00:00 2001
From: Ravi Singal
Date: Thu, 26 May 2022 11:51:01 +0530
Subject: [PATCH 2/3] add cache packages step
---
 .github/workflows/codeql-analysis.yml | 12 ++++++++++++
 1 file changed, 12 insertions(+)
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 6562f56c3..c93b5a274 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
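Review bot: The `create checksum file` step in the workflow added by PATCH 1/3 runs `hypertrace/github-actions/checksum@main`, a branch ref that can change without any commit in this repository, inside a job that is granted `security-events: write`. Pin it to a reviewed commit, `uses: hypertrace/github-actions/checksum@<full-commit-sha>  # main` (placeholder SHA), so that a change to that action has to arrive as a visible diff here. The `@v3` and `@v2` tags on `actions/checkout` and `github/codeql-action/*` are movable as well; pinning them the same way is worth considering, with an update bot keeping the SHAs current.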
@@ -31,6 +31,18 @@ jobs:
 - name: create checksum file
 uses: hypertrace/github-actions/checksum@main
 
+ - name: create checksum file
+ uses: hypertrace/github-actions/checksum@main
+
+ - name: Cache packages
+ uses: actions/cache@v2
+ with:
+ path: ~/.gradle
+ key: gradle-packages-${{ runner.os }}-${{ github.job }}-${{ hashFiles('**/checksum.txt') }}
+ restore-keys: |
+ gradle-packages-${{ runner.os }}-${{ github.job }}
+ gradle-packages-${{ runner.os }}
+
 # Initializes the CodeQL tools for scanning.
 - name: Initialize CodeQL
 uses: github/codeql-action/init@v2
From ca11539987c5cad9afac3cf7f943e3ea7e7360fd Mon Sep 17 00:00:00 2001
From: Ravi Singal
Date: Thu, 26 May 2022 15:42:57 +0530
Subject: [PATCH 3/3] fix synk failure
---
 .../enriched-span-constants/build.gradle.kts | 2 +-
 .../hypertrace-trace-enricher-impl/build.gradle.kts | 6 +++---
 .../hypertrace-trace-enricher/build.gradle.kts | 6 +++---
 .../trace-reader/build.gradle.kts | 4 ++--
 span-normalizer/raw-span-constants/build.gradle.kts | 2 +-
 span-normalizer/span-normalizer-api/build.gradle.kts | 2 +-
 span-normalizer/span-normalizer/build.gradle.kts | 10 +++++-----
 7 files changed, 16 insertions(+), 16 deletions(-)
diff --git a/hypertrace-trace-enricher/enriched-span-constants/build.gradle.kts b/hypertrace-trace-enricher/enriched-span-constants/build.gradle.kts
index 2cb1bc956..5e1345411 100644
--- a/hypertrace-trace-enricher/enriched-span-constants/build.gradle.kts
+++ b/hypertrace-trace-enricher/enriched-span-constants/build.gradle.kts
@@ -21,7 +21,7 @@ protobuf {
 }
 plugins {
 id("grpc_java") {
- artifact = "io.grpc:protoc-gen-grpc-java:1.42.0"
+ artifact = "io.grpc:protoc-gen-grpc-java:1.45.1"
 }
 if (generateLocalGoGrpcFiles) {
diff --git a/hypertrace-trace-enricher/hypertrace-trace-enricher-impl/build.gradle.kts b/hypertrace-trace-enricher/hypertrace-trace-enricher-impl/build.gradle.kts
index 53e19aee3..738b31c97 100644
--- a/hypertrace-trace-enricher/hypertrace-trace-enricher-impl/build.gradle.kts
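Review bot: The first two added lines of the PATCH 2/3 hunk repeat the `create checksum file` step that is already present as context directly above them, so the job runs `hypertrace/github-actions/checksum@main` twice; delete the added `- name: create checksum file` / `uses: hypertrace/github-actions/checksum@main` pair and keep only `Cache packages`. In the cache step, `path: ~/.gradle` stores the whole Gradle user home, and the last restore key, `gradle-packages-${{ runner.os }}`, matches a cache saved by any job that uses that prefix, so the build that CodeQL analyses may start from state written by an unrelated workflow. Limiting the path to `~/.gradle/caches` and `~/.gradle/wrapper` and dropping the widest fallback key would narrow that, at the cost of more cold builds.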
+++ b/hypertrace-trace-enricher/hypertrace-trace-enricher-impl/build.gradle.kts
@@ -19,9 +19,9 @@ dependencies {
 implementation("org.hypertrace.core.datamodel:data-model:0.1.22")
 implementation("org.hypertrace.entity.service:entity-service-client:0.8.5")
 implementation("org.hypertrace.core.serviceframework:platform-metrics:0.1.33")
- implementation("org.hypertrace.core.grpcutils:grpc-client-utils:0.6.2")
+ implementation("org.hypertrace.core.grpcutils:grpc-client-utils:0.7.3")
 implementation("org.hypertrace.config.service:spaces-config-service-api:0.1.0")
- implementation("org.hypertrace.core.grpcutils:grpc-context-utils:0.6.2")
+ implementation("org.hypertrace.core.grpcutils:grpc-context-utils:0.7.3")
 implementation("com.typesafe:config:1.4.1")
 implementation("org.apache.httpcomponents:httpclient:4.5.13")
@@ -33,5 +33,5 @@ dependencies {
 testImplementation("org.junit.jupiter:junit-jupiter:5.7.1")
 testImplementation("org.mockito:mockito-core:3.8.0")
 testImplementation("org.mockito:mockito-junit-jupiter:3.8.0")
- testImplementation("io.grpc:grpc-core:1.42.0")
+ testImplementation("io.grpc:grpc-core:1.45.1")
 }
diff --git a/hypertrace-trace-enricher/hypertrace-trace-enricher/build.gradle.kts b/hypertrace-trace-enricher/hypertrace-trace-enricher/build.gradle.kts
index 8f599529b..8a6b40e14 100644
--- a/hypertrace-trace-enricher/hypertrace-trace-enricher/build.gradle.kts
+++ b/hypertrace-trace-enricher/hypertrace-trace-enricher/build.gradle.kts
@@ -39,15 +39,15 @@ dependencies {
 implementation("com.typesafe:config:1.4.1")
 implementation("org.hypertrace.core.kafkastreams.framework:kafka-streams-framework:0.1.25")
 constraints {
- runtimeOnly("io.netty:netty-codec-http2:4.1.71.Final")
- runtimeOnly("io.netty:netty-handler-proxy:4.1.71.Final")
+ runtimeOnly("io.netty:netty-codec-http2:4.1.77.Final")
+ runtimeOnly("io.netty:netty-handler-proxy:4.1.77.Final")
 implementation("org.glassfish.jersey.core:jersey-common:2.34") {
 because("https://snyk.io/vuln/SNYK-JAVA-ORGGLASSFISHJERSEYCORE-1255637")
 }
 }
 // Required for the GRPC clients.
- runtimeOnly("io.grpc:grpc-netty:1.42.0")
+ runtimeOnly("io.grpc:grpc-netty:1.45.1")
 // Logging
 implementation("org.slf4j:slf4j-api:1.7.30")
diff --git a/hypertrace-trace-enricher/trace-reader/build.gradle.kts b/hypertrace-trace-enricher/trace-reader/build.gradle.kts
index 25fb5a785..fd789ad66 100644
--- a/hypertrace-trace-enricher/trace-reader/build.gradle.kts
+++ b/hypertrace-trace-enricher/trace-reader/build.gradle.kts
@@ -12,8 +12,8 @@ dependencies {
 api("org.hypertrace.entity.service:entity-data-service-rx-client:0.8.5")
 api("org.hypertrace.core.datamodel:data-model:0.1.22")
 implementation("org.hypertrace.core.attribute.service:attribute-projection-registry:0.12.3")
- implementation("org.hypertrace.core.grpcutils:grpc-client-rx-utils:0.6.2")
- implementation("org.hypertrace.core.grpcutils:grpc-context-utils:0.6.2")
+ implementation("org.hypertrace.core.grpcutils:grpc-client-rx-utils:0.7.3")
+ implementation("org.hypertrace.core.grpcutils:grpc-context-utils:0.7.3")
 implementation("io.reactivex.rxjava3:rxjava:3.0.11")
 annotationProcessor("org.projectlombok:lombok:1.18.20")
diff --git a/span-normalizer/raw-span-constants/build.gradle.kts b/span-normalizer/raw-span-constants/build.gradle.kts
index c1a49d1fc..be770c917 100644
--- a/span-normalizer/raw-span-constants/build.gradle.kts
+++ b/span-normalizer/raw-span-constants/build.gradle.kts
@@ -19,7 +19,7 @@ protobuf {
 }
 plugins {
 id("grpc_java") {
- artifact = "io.grpc:protoc-gen-grpc-java:1.42.0"
+ artifact = "io.grpc:protoc-gen-grpc-java:1.45.1"
 }
 if (generateLocalGoGrpcFiles) {
diff --git a/span-normalizer/span-normalizer-api/build.gradle.kts b/span-normalizer/span-normalizer-api/build.gradle.kts
index af81b5f31..5b5676377 100644
--- a/span-normalizer/span-normalizer-api/build.gradle.kts
+++ b/span-normalizer/span-normalizer-api/build.gradle.kts
@@ -20,7 +20,7 @@ protobuf {
 }
 plugins {
 id("grpc_java") {
- artifact = "io.grpc:protoc-gen-grpc-java:1.42.0"
+ artifact = "io.grpc:protoc-gen-grpc-java:1.45.1"
 }
 if (generateLocalGoGrpcFiles) {
diff --git a/span-normalizer/span-normalizer/build.gradle.kts b/span-normalizer/span-normalizer/build.gradle.kts
index 243e5f611..4163aad79 100644
--- a/span-normalizer/span-normalizer/build.gradle.kts
+++ b/span-normalizer/span-normalizer/build.gradle.kts
@@ -40,14 +40,14 @@ dependencies {
 implementation("org.hypertrace.core.kafkastreams.framework:kafka-streams-framework:0.1.25")
 implementation("org.hypertrace.config.service:span-processing-config-service-api:0.1.27")
 implementation("org.hypertrace.config.service:config-utils:0.1.32")
- implementation("org.hypertrace.core.grpcutils:grpc-client-utils:0.7.1")
- implementation("org.hypertrace.core.grpcutils:grpc-context-utils:0.7.1")
+ implementation("org.hypertrace.core.grpcutils:grpc-client-utils:0.7.3")
+ implementation("org.hypertrace.core.grpcutils:grpc-context-utils:0.7.3")
 // Required for the GRPC clients.
- runtimeOnly("io.grpc:grpc-netty:1.42.0")
+ runtimeOnly("io.grpc:grpc-netty:1.45.1")
 constraints {
- runtimeOnly("io.netty:netty-codec-http2:4.1.71.Final")
- runtimeOnly("io.netty:netty-handler-proxy:4.1.71.Final")
+ runtimeOnly("io.netty:netty-codec-http2:4.1.77.Final")
+ runtimeOnly("io.netty:netty-handler-proxy:4.1.77.Final")
 implementation("org.glassfish.jersey.core:jersey-common:2.34") {
 because("https://snyk.io/vuln/SNYK-JAVA-ORGGLASSFISHJERSEYCORE-1255637")
 }