ENG-58332:Upgrade Micrometer version

[harshit-kumar-v2]

Description

Please include a summary of the change, motivation and context.

Testing

Please describe the tests that you ran to verify your changes. Please summarize what did you test and what needs to be tested e.g. deployed and tested helm chart locally.

Checklist:

• My changes generate no new warnings
• I have added tests that prove my fix is effective or that my feature works
• Any dependent changes have been merged and published in downstream modules

Documentation

Make sure that you have documented corresponding changes in this repository or hypertrace docs repo if required.

[github-actions]

Test Results

32 tests  ±0   32 ✅ ±0   14s ⏱️ -1s
 9 suites ±0    0 💤 ±0 
 9 files   ±0    0 ❌ ±0 

Results for commit 3f04349. ± Comparison against base commit 0530d03.

♻️ This comment has been updated with latest results.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 68.21%. Comparing base (0530d03) to head (3f04349).
Report is 1 commits behind head on main.

Additional details and impacted files

@@             Coverage Diff              @@
##               main     #115      +/-   ##
============================================
- Coverage     68.53%   68.21%   -0.33%     
  Complexity      107      107              
============================================
  Files            17       17              
  Lines           623      623              
  Branches         32       32              
============================================
- Hits            427      425       -2     
- Misses          177      179       +2     
  Partials         19       19              

Flag	Coverage Δ
unit	68.21% <ø> (-0.33%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[aaron-steinfeld]

This is a FP, please use a CPE suppression with no expiration and move it to the global suppression file. The vulnerability is in the prom server, not client.

[harshit-kumar-v2]

why do we need CPE suppression? what does it do?

made the changes

1. Add FP suppression micrometer client github-actions#74
2. http://github.com/hypertrace/service-framework/pull/116

[aaron-steinfeld]

By suppressing the CPE instead of the CVE we prevent future issues from popping up here too. The CVE suppression says "CVE-2019-3826 is not applicable to the micrometer prom client". The CPE suppression says "the micrometer prom client isn't the same thing as the prometheus server, and thus should not inherit prometheus server vulnerabilities".

Hope that helps.