From 05ca23f7b0a6a020367aafe6462ea58c39579d0d Mon Sep 17 00:00:00 2001
From: SheetalAtre <sheetal.atre@opsmx.io>
Date: Thu, 14 Sep 2023 17:22:17 +0530
Subject: [PATCH 1/3] fix(build.gradle): update to fix some cve in 13sep23
 report

---
 build.gradle | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/build.gradle b/build.gradle
index 7fcdd7945..36b33cf8a 100644
--- a/build.gradle
+++ b/build.gradle
@@ -116,6 +116,8 @@ subprojects { project ->
       api "com.squareup.okhttp:okhttp-urlconnection:2.7.5"
       api "com.squareup.okhttp:okhttp-apache:2.7.5"
       api "org.jsoup:jsoup:1.15.3" //CVE-2022-36033:jinjava-2.6.0 > jsoup-1.14.2
+      implementation "org.apache.ivy:ivy:2.5.2"
+      implementation "com.google.guava:guava:32.1.1-jre"
 
 
       testImplementation "org.springframework.boot:spring-boot-starter-test"
@@ -123,9 +125,12 @@ subprojects { project ->
       testImplementation "org.spockframework:spock-spring"
       testImplementation "org.springframework:spring-test"
       testImplementation "org.hamcrest:hamcrest-core"
+      testImplementation "com.google.guava:guava:32.1.1-jre"
+
       //testImplementation "org.apache.groovy:groovy-all"
       testRuntimeOnly "cglib:cglib-nodep"
       testRuntimeOnly "org.objenesis:objenesis"
+
     }
   }
 

From 5082f6aa9587e5f1707b75300adb044f72ce5596 Mon Sep 17 00:00:00 2001
From: SheetalAtre <sheetal.atre@opsmx.io>
Date: Thu, 14 Sep 2023 18:06:42 +0530
Subject: [PATCH 2/3] fix(kayenta-signalfx): moved from build.gradle to
 kayenta-signalfx.gradle to fix com.google.guava:guava:31.1-jre

---
 build.gradle                             | 2 --
 kayenta-signalfx/kayenta-signalfx.gradle | 2 +-
 2 files changed, 1 insertion(+), 3 deletions(-)

diff --git a/build.gradle b/build.gradle
index 36b33cf8a..51aa8fa7e 100644
--- a/build.gradle
+++ b/build.gradle
@@ -117,7 +117,6 @@ subprojects { project ->
       api "com.squareup.okhttp:okhttp-apache:2.7.5"
       api "org.jsoup:jsoup:1.15.3" //CVE-2022-36033:jinjava-2.6.0 > jsoup-1.14.2
       implementation "org.apache.ivy:ivy:2.5.2"
-      implementation "com.google.guava:guava:32.1.1-jre"
 
 
       testImplementation "org.springframework.boot:spring-boot-starter-test"
@@ -125,7 +124,6 @@ subprojects { project ->
       testImplementation "org.spockframework:spock-spring"
       testImplementation "org.springframework:spring-test"
       testImplementation "org.hamcrest:hamcrest-core"
-      testImplementation "com.google.guava:guava:32.1.1-jre"
 
       //testImplementation "org.apache.groovy:groovy-all"
       testRuntimeOnly "cglib:cglib-nodep"
diff --git a/kayenta-signalfx/kayenta-signalfx.gradle b/kayenta-signalfx/kayenta-signalfx.gradle
index 2622bfa07..180f2a513 100644
--- a/kayenta-signalfx/kayenta-signalfx.gradle
+++ b/kayenta-signalfx/kayenta-signalfx.gradle
@@ -109,7 +109,7 @@ integrationTest {
 dependencies {
   implementation project(":kayenta-core")
 
-  api 'com.signalfx.public:signalfx-java:1.0.31'
+  api 'com.signalfx.public:signalfx-java:1.0.34'
 
   testImplementation 'com.tngtech.java:junit-dataprovider:1.13.1'
   testImplementation project(":kayenta-standalone-canary-analysis")

From 6d89391c5411afae186f4317bef594f85a0a9fcd Mon Sep 17 00:00:00 2001
From: SheetalAtre <sheetal.atre@opsmx.io>
Date: Thu, 14 Sep 2023 18:08:26 +0530
Subject: [PATCH 3/3] fix(kayenta-standalone-canary-analysis): fix compilation
 error

---
 .../orca/stage/SetupAndExecuteCanariesStageTest.java       | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/kayenta-standalone-canary-analysis/src/test/java/com/netflix/kayenta/standalonecanaryanalysis/orca/stage/SetupAndExecuteCanariesStageTest.java b/kayenta-standalone-canary-analysis/src/test/java/com/netflix/kayenta/standalonecanaryanalysis/orca/stage/SetupAndExecuteCanariesStageTest.java
index b51282d34..b036aa960 100644
--- a/kayenta-standalone-canary-analysis/src/test/java/com/netflix/kayenta/standalonecanaryanalysis/orca/stage/SetupAndExecuteCanariesStageTest.java
+++ b/kayenta-standalone-canary-analysis/src/test/java/com/netflix/kayenta/standalonecanaryanalysis/orca/stage/SetupAndExecuteCanariesStageTest.java
@@ -28,6 +28,7 @@
 import java.time.Duration;
 import java.time.Instant;
 import java.time.temporal.ChronoUnit;
+import org.junit.jupiter.api.Assertions;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.mockito.Mock;
@@ -77,11 +78,13 @@ public void test_that_calculateLifetime_uses_supplied_start_and_end_time_if_prov
     assertEquals("The duration should be 5 minutes", expected, actual);
   }
 
-  @Test(expected = IllegalArgumentException.class)
+  @Test
   public void
       test_that_calculateLifetime_throws_an_error_if_lifetime_and_start_and_endtime_not_provided() {
     Instant now = Instant.now();
-    stage.calculateLifetime(now, null, CanaryAnalysisExecutionRequest.builder().build());
+    Assertions.assertThrows(
+        IllegalArgumentException.class,
+        () -> stage.calculateLifetime(now, null, CanaryAnalysisExecutionRequest.builder().build()));
   }
 
   @Test