Various Dependencies updates (#487)

* Gradle wrapper version 7.6 * signers 2.2.4, okhttp 4.10.0 * log4j 2.19.0 * web3j 4.9.4 * Besu 22.10.3 * protobuf 3.21.12, reactor-netty 1.0.26 * Fixing AT --tx-pool-limit-by-account-percentage=1
Consensys · Jan 23, 2023 · a9e6b1f · a9e6b1f
1 parent fb10982
commit a9e6b1f
Show file tree

Hide file tree

Showing 6 changed files with 21 additions and 10 deletions.
diff --git a/acceptance-tests/src/test/java/tech/pegasys/ethsigner/tests/AcceptanceTestBase.java b/acceptance-tests/src/test/java/tech/pegasys/ethsigner/tests/AcceptanceTestBase.java
@@ -25,6 +25,7 @@
 
 import java.io.IOException;
 import java.net.URL;
+import java.util.List;
 
 import com.google.common.io.Resources;
 import org.junit.jupiter.api.AfterAll;
@@ -67,7 +68,10 @@ private String readResource(final String resourceName) {
   public static void setUpBase() {
     Runtime.getRuntime().addShutdownHook(new Thread(AcceptanceTestBase::tearDownBase));
 
-    final BesuNodeConfig besuNodeConfig = BesuNodeConfigBuilder.aBesuNodeConfig().build();
+    final BesuNodeConfig besuNodeConfig =
+        BesuNodeConfigBuilder.aBesuNodeConfig()
+            .withAdditionalCommandLineArgs(List.of("--tx-pool-limit-by-account-percentage=1"))
+            .build();
     final SignerConfiguration signerConfig = new SignerConfigurationBuilder().build();
 
     ethNode = BesuNodeFactory.create(besuNodeConfig);

diff --git a/...ethsigner/core/requesthandler/sendtransaction/transaction/GoQuorumEthTransactionTest.java b/...ethsigner/core/requesthandler/sendtransaction/transaction/GoQuorumEthTransactionTest.java
@@ -44,7 +44,7 @@ public void setup() {
     params.receiver("0xd46e8dd67c5d32be8058bb8eb970870f07244567");
     params.gas("0x76c0");
     params.gasPrice("0x9184e72a000");
-    params.nonce("0x07");
+    params.nonce("0x7");
     params.value("0x0");
     params.data(
         "0xd46e8dd67c5d32be8d46e8dd67c5d32be8058bb8eb970870f072445675058bb8eb970870f072445675");

diff --git a/gradle.properties b/gradle.properties
@@ -1,4 +1,4 @@
-besuVersion=22.7.2
+besuVersion=22.10.3
 besuDistroUrl=https://hyperledger.jfrog.io/artifactory/besu-binaries/besu/${besuVersion}/besu-${besuVersion}.tar.gz
 hashicorpVaultVersion=1.9.2
 hashicorpVaultUrl=https://releases.hashicorp.com/vault

diff --git a/gradle/license-report-config/allowed-licenses.json b/gradle/license-report-config/allowed-licenses.json
@@ -73,6 +73,9 @@
     {
       "moduleName": "org.reactivestreams:reactive-streams",
       "moduleLicense": "MIT-0"
+    },
+    {
+      "moduleName": "com.squareup.okio:okio"
     }
   ],
   "overrideLicenses": [
@@ -131,6 +134,10 @@
     {
       "moduleName": "org.java-websocket:Java-WebSocket",
       "moduleLicense": "MIT License"
+    },
+    {
+      "moduleName": "com.squareup.okio:okio",
+      "moduleLicense": "Apache License, Version 2.0"
     }
   ]
 }
diff --git a/gradle/versions.gradle b/gradle/versions.gradle
@@ -22,7 +22,7 @@ dependencyManagement {
 
     dependency 'com.google.guava:guava:31.1-jre'
 
-    dependency 'com.squareup.okhttp3:okhttp:4.9.3'
+    dependency 'com.squareup.okhttp3:okhttp:4.10.0'
 
     dependency 'commons-io:commons-io:2.11.0'
 
@@ -40,7 +40,7 @@ dependencyManagement {
 
     dependency 'javax.activation:activation:1.1.1'
 
-    dependencySet(group: 'org.apache.logging.log4j', version: '2.17.2') {
+    dependencySet(group: 'org.apache.logging.log4j', version: '2.19.0') {
       entry 'log4j-api'
       entry 'log4j-core'
       entry 'log4j-slf4j-impl'
@@ -74,15 +74,15 @@ dependencyManagement {
       entry 'mockito-junit-jupiter'
     }
 
-    dependencySet(group: 'org.web3j', version: '4.9.1') {
+    dependencySet(group: 'org.web3j', version: '4.9.4') {
       entry 'besu'
       entry ('core') {
         exclude group: 'com.github.jnr', name: 'jnr-unixsocket'
       }
       entry 'crypto'
     }
 
-    dependencySet(group: 'tech.pegasys.signers.internal', version: '2.2.2') {
+    dependencySet(group: 'tech.pegasys.signers.internal', version: '2.2.4') {
       entry 'keystorage-hashicorp'
       entry 'signing-secp256k1-api'
       entry 'signing-secp256k1-impl'
@@ -95,7 +95,7 @@ dependencyManagement {
 
     // explicit declaring to override transitive dependencies with vulnerabilities
     dependency 'com.fasterxml.jackson.core:jackson-databind:2.14.0'
-    dependencySet(group: 'com.google.protobuf', version: '3.21.9') {
+    dependencySet(group: 'com.google.protobuf', version: '3.21.12') {
       /*
         com.google.protobuf:protobuf-java:3.11.4 -> 3.21.9 // CVE-2022-3509
         \--- io.jaegertracing:jaeger-proto:0.7.0
@@ -134,7 +134,7 @@ dependencyManagement {
           +--- com.azure:azure-security-keyvault-keys:4.3.8
             |    +--- tech.pegasys.signers.internal:signing-secp256k1-impl:2.2.2
     */
-    dependency 'io.projectreactor.netty:reactor-netty-http:1.0.24'
+    dependency 'io.projectreactor.netty:reactor-netty-http:1.0.26'
 
     // manual overriding of commons-net to avoid CVE-2021-37533
     /* commons-net:commons-net:3.8.0

diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
@@ -1,5 +1,5 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-7.3-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-7.6-bin.zip
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists