Commit 7d9eeea

lokeshrangineni, snyk-bot, franciscojavierarceo committed
Feature/lrangine master (#6)
* Snyk scan vulnerability fixes.
  Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>
* Reverting the grpc version so hoping that it will fix the java integration tests.
  Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>
* Upgrading the grpc version as it didn't fix the problem
  Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>
* adding grpc-api libraries as dependency to solve some of the class not found exceptions with the grpc upgrades.
  Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>
* fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities
  The following vulnerabilities are fixed with an upgrade:
  - https://snyk.io/vuln/SNYK-JS-TRIM-1017038
  Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>
  Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>
* [Snyk] Fix for 2 vulnerabilities (#3)
* chore: Update quickstart.md
* fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities
  The following vulnerabilities are fixed with an upgrade:
  - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808
  - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227
  - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228
  - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153
  - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772
  - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898
  - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812
  - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327
  - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044
  - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957
  - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284
  - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047
* fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities
  The following vulnerabilities are fixed with an upgrade:
  - https://snyk.io/vuln/SNYK-JS-TRIM-1017038
  Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>
* fix: java/pom.xml to reduce vulnerabilities
  The following vulnerabilities are fixed with an upgrade:
  - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228
  - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-5710356
  Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>
* Updating the requirements files.
  Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>
* Updating the requirements files.
  Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>
* Changing the python httpx package to 0.27.2 because after 0.28.0 version is giving errors related to proxies which is removed.
  Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>
* [Snyk] Security upgrade io.grpc:grpc-services from 1.53.0 to 1.63.0 (#4)
* chore: Update quickstart.md
* fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities
  The following vulnerabilities are fixed with an upgrade:
  - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808
  - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227
  - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228
  - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153
  - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772
  - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898
  - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812
  - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327
  - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044
  - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957
  - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284
  - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047
* fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities
  The following vulnerabilities are fixed with an upgrade:
  - https://snyk.io/vuln/SNYK-JS-TRIM-1017038
  Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>
* fix: java/pom.xml to reduce vulnerabilities
  The following vulnerabilities are fixed with an upgrade:
  - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228
  Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>
  ---------
  Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>
  Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com>
  Co-authored-by: snyk-bot <snyk-bot@snyk.io>
  Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>
* [Snyk] Fix for 1 vulnerabilities (#5)
  Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>
* chore: Update quickstart.md
* fix: java/serving/pom.xml & java/pom.xml to reduce vulnerabilities
  The following vulnerabilities are fixed with an upgrade:
  - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-2807808
  - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055227
  - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-8055228
  - https://snyk.io/vuln/SNYK-JAVA-ORGYAML-3152153
  - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3167772
  - https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETHRIFT-1074898
  - https://snyk.io/vuln/SNYK-JAVA-IONETTY-6483812
  - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLECODEGSON-1730327
  - https://snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044
  - https://snyk.io/vuln/SNYK-JAVA-IOGRPC-571957
  - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEPROTOBUF-3040284
  - https://snyk.io/vuln/SNYK-JAVA-JUNIT-1017047
* fix: sdk/python/feast/ui/package.json & sdk/python/feast/ui/yarn.lock to reduce vulnerabilities
  The following vulnerabilities are fixed with an upgrade:
  - https://snyk.io/vuln/SNYK-JS-TRIM-1017038
  Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>
* fix: java/pom.xml to reduce vulnerabilities
  The following vulnerabilities are fixed with an upgrade:
  - https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEGUAVA-5710356
  ---------
  Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>
  Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com>
  Co-authored-by: snyk-bot <snyk-bot@snyk.io>
  Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>
* trying to fix some vulnerabilities in the requirements.txt files.
  Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>

---------
Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Co-authored-by: Francisco Arceo <arceofrancisco@gmail.com>
Signed-off-by: lrangine <19699092+lokeshrangineni@users.noreply.github.com>
1 parent 8b31eab commit 7d9eeea

11 files changed

+235
-205
lines changed

java/datatypes/pom.xml

+5
@@ -118,6 +118,11 @@
118118
<artifactId>grpc-stub</artifactId>
119119
<version>${grpc.version}</version>
120120
</dependency>
121+
<dependency>
122+
<groupId>io.grpc</groupId>
123+
<artifactId>grpc-api</artifactId>
124+
<version>${grpc.version}</version> <!-- Use a version compatible with Feast -->
125+
</dependency>
121126
<dependency>
122127
<groupId>javax.annotation</groupId>
123128
<artifactId>javax.annotation-api</artifactId>
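
Review bot: the inline comment on the new grpc-api `<version>` line, `<!-- Use a version compatible with Feast -->`, reads as leftover advice rather than documentation, because the version is already bound to `${grpc.version}`. Replace it with the reason the artifact is declared explicitly (the commit message mentions class-not-found exceptions after the gRPC upgrade), so that a later cleanup does not drop the dependency as redundant next to grpc-stub.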

java/pom.xml

+2-2
@@ -41,7 +41,7 @@
4141
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
4242
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
4343

44-
<grpc.version>1.53.0</grpc.version>
44+
<grpc.version>1.63.0</grpc.version>
4545
<protoc.version>3.12.2</protoc.version>
4646
<protobuf.version>3.25.5</protobuf.version>
4747
<com.google.cloud.version>1.111.1</com.google.cloud.version>
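
Review bot: `grpc.version` moves from 1.53.0 to 1.63.0 while the neighbouring `protoc.version` stays at 3.12.2 and `protobuf.version` at 3.25.5, so the gRPC runtime advances ten minor releases against an unchanged protobuf compiler pin. Confirm that the generated stubs are rebuilt and the Java integration tests pass on this combination, and record the advisory that requires the bump in a comment beside the property so the floor is not lowered later.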
@@ -67,7 +67,7 @@
6767
<javax.validation.version>2.0.1.Final</javax.validation.version>
6868
<google.auth.library.oauth2.http.version>0.21.0</google.auth.library.oauth2.http.version>
6969
<auto.value.version>1.6.6</auto.value.version>
70-
<guava.version>30.1-jre</guava.version>
70+
<guava.version>32.0.0-jre</guava.version>
7171
<reactor.version>3.4.34</reactor.version>
7272
<netty.version>4.1.101.Final</netty.version>
7373
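
Review bot: `guava.version` jumps two major versions (30.1-jre to 32.0.0-jre) with nothing in the file saying why this floor was chosen. Add a short comment naming the advisory being fixed (the commit message cites SNYK-JAVA-COMGOOGLEGUAVA-5710356), and check that every module using Guava still compiles and passes its tests, since Guava major releases remove deprecated APIs.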

java/serving-client/pom.xml

+5
@@ -50,6 +50,11 @@
5050
<artifactId>grpc-testing</artifactId>
5151
<version>${grpc.version}</version>
5252
</dependency>
53+
<dependency>
54+
<groupId>io.grpc</groupId>
55+
<artifactId>grpc-api</artifactId>
56+
<version>${grpc.version}</version> <!-- Use a version compatible with Feast -->
57+
</dependency>
5358
<dependency>
5459
<groupId>com.google.protobuf</groupId>
5560
<artifactId>protobuf-java-util</artifactId>
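
Review bot: the new grpc-api dependency carries no `<scope>`, so it defaults to compile scope and becomes part of what consumers of the serving client resolve. If that is intended, say so in place of the `<!-- Use a version compatible with Feast -->` comment; if it is only needed so that the tests using grpc-testing load, scope it accordingly.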

java/serving/pom.xml

+5
@@ -164,6 +164,11 @@
164164
<artifactId>grpc-stub</artifactId>
165165
<version>${grpc.version}</version>
166166
</dependency>
167+
<dependency>
168+
<groupId>io.grpc</groupId>
169+
<artifactId>grpc-api</artifactId>
170+
<version>${grpc.version}</version> <!-- Use a version compatible with Feast -->
171+
</dependency>
167172
<dependency>
168173
<groupId>io.grpc</groupId>
169174
<artifactId>grpc-netty-shaded</artifactId>
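
Review bot: this is the third copy of the same grpc-api block (it is also added in java/datatypes/pom.xml and java/serving-client/pom.xml), each repeating `${grpc.version}`. Manage the io.grpc artifacts once in the parent java/pom.xml under `<dependencyManagement>`, for example by importing `io.grpc:grpc-bom`, so that grpc-api, grpc-stub and grpc-netty-shaded cannot drift apart and the modules can drop the per-dependency `<version>`.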
