kafka upgrade (#48)

Author: laxmanchekka

build.gradle.kts

@@ -2,10 +2,10 @@ import org.hypertrace.gradle.publishing.HypertracePublishExtension
 import org.hypertrace.gradle.publishing.License
 
 plugins {
-  id("org.hypertrace.repository-plugin") version "0.4.0"
+  id("org.hypertrace.repository-plugin") version "0.4.1"
   id("org.hypertrace.ci-utils-plugin") version "0.3.0"
-  id("org.hypertrace.avro-plugin") version "0.3.1" apply false
-  id("org.hypertrace.publish-plugin") version "1.0.2" apply false
+  id("org.hypertrace.avro-plugin") version "0.4.0" apply false
+  id("org.hypertrace.publish-plugin") version "1.0.4" apply false
   id("org.hypertrace.jacoco-report-plugin") version "0.2.0" apply false
 }
 

kafka-streams-framework/build.gradle.kts

@@ -15,33 +15,19 @@ dependencies {
   compileOnly("org.projectlombok:lombok:1.18.24")
 
   api(project(":kafka-streams-serdes"))
-  api("com.typesafe:config:1.4.2")
-  api("org.apache.kafka:kafka-streams:6.0.1-ccs")
-  api("io.confluent:kafka-streams-avro-serde:6.0.1")
+  api("org.apache.kafka:kafka-streams:7.2.1-ccs")
+  api("io.confluent:kafka-streams-avro-serde:7.2.1")
 
   implementation("com.google.guava:guava:31.1-jre")
-  implementation("org.apache.avro:avro:1.10.2")
-  implementation("org.apache.kafka:kafka-clients:6.0.1-ccs")
+  implementation("org.apache.avro:avro:1.11.1")
+  implementation("org.apache.kafka:kafka-clients:7.2.1-ccs")
   implementation("org.hypertrace.core.serviceframework:platform-metrics:0.1.39")
   implementation("org.hypertrace.core.serviceframework:platform-service-framework:0.1.39")
   implementation("org.apache.commons:commons-lang3:3.12.0")
 
-
-  constraints {
-    api("org.glassfish.jersey.core:jersey-common:2.34") {
-      because("https://snyk.io/vuln/SNYK-JAVA-ORGGLASSFISHJERSEYCORE-1255637")
-    }
-
-    implementation("com.fasterxml.jackson.core:jackson-databind:2.13.2.1") {
-      because("Denial of Service (DoS) [High Severity]" +
-              "[https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-2421244] " +
-              "in com.fasterxml.jackson.core:jackson-databind@2.13.1")
-    }
-  }
-
-  testImplementation("org.apache.kafka:kafka-streams-test-utils:6.0.1-ccs")
-  testImplementation("org.junit.jupiter:junit-jupiter:5.8.2")
-  testImplementation("org.junit-pioneer:junit-pioneer:1.7.0")
+  testImplementation("org.apache.kafka:kafka-streams-test-utils:7.2.1-ccs")
+  testImplementation("org.junit.jupiter:junit-jupiter:5.9.0")
+  testImplementation("org.junit-pioneer:junit-pioneer:1.7.1")
   testImplementation("org.mockito:mockito-core:4.5.1")
   testImplementation("org.hamcrest:hamcrest-core:2.2")
   testRuntimeOnly("org.apache.logging.log4j:log4j-slf4j-impl:2.17.2")

kafka-streams-serdes/build.gradle.kts

@@ -11,19 +11,10 @@ tasks.test {
 }
 
 dependencies {
-  api("org.apache.kafka:kafka-streams:6.0.1-ccs")
-  api("org.apache.avro:avro:1.10.2")
-  implementation("org.apache.kafka:kafka-clients:6.0.1-ccs")
+  api("org.apache.kafka:kafka-clients:7.2.1-ccs")
+  api("org.apache.avro:avro:1.11.1")
+
   testImplementation("org.junit.jupiter:junit-jupiter:5.8.2")
-  constraints {
-    api("com.fasterxml.jackson.core:jackson-databind:2.13.2.1") {
-      because("Denial of Service (DoS) [Medium Severity][https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-2326698] in com.fasterxml.jackson.core:jackson-databind@2.12.2\n" +
-              "    introduced by org.apache.avro:avro@1.10.2 > com.fasterxml.jackson.core:jackson-databind@2.12.2 and 2 other path(s)")
-    }
-    api("org.apache.commons:commons-compress:1.21") {
-      because("Multiple Vulnerabilities [https://nvd.nist.gov/vuln/detail/CVE-2021-35515] [https://nvd.nist.gov/vuln/detail/CVE-2021-35516] [https://nvd.nist.gov/vuln/detail/CVE-2021-35517] [https://nvd.nist.gov/vuln/detail/CVE-2021-36090] in org.apache.commons:commons-compress@1.20")
-    }
-  }
 }
 
 // Disabling compatibility check for the test avro definitions.