dependency updates for cve patches (part 3)

[bdoyle0182]

Description

For what's left, I'm overriding transitive dependencies where possible and give a description on the reason for the constraint

Related issue and scope

• [ ] I opened an issue to propose and discuss this change (#????)

My changes affect the following components

• [ ] API
• [ ] Controller
• [ ] Message Bus (e.g., Kafka)
• [ ] Loadbalancer
• [ ] Scheduler
• [ ] Invoker
• [ ] Intrinsic actions (e.g., sequences, conductors)
• [ ] Data stores (e.g., CouchDB)
• [X] Tests
• [ ] Deployment
• [ ] CLI
• [ ] General tooling
• [ ] Documentation

Types of changes

• [ ] Bug fix (generally a non-breaking change which closes an issue).
• [ ] Enhancement or new feature (adds new functionality).
• [ ] Breaking change (a bug fix or enhancement which changes existing behavior).

Checklist:

• [X] I signed an Apache CLA.
• [X] I reviewed the style guides and followed the recommendations (Travis CI will check :).
• [ ] I added tests to cover my changes.
• [ ] My changes require further changes to the documentation.
• [ ] I updated the documentation where necessary.

[codecov-commenter]

Codecov Report

Merging #5383 (95e6e5b) into master (f0e281e) will decrease coverage by 0.05%. The diff coverage is n/a.

:exclamation: Current head 95e6e5b differs from pull request most recent head 2bad0e7. Consider uploading reports for the commit 2bad0e7 to get more accurate results

@@            Coverage Diff             @@
##           master    #5383      +/-   ##
==========================================
- Coverage   76.50%   76.45%   -0.05%     
==========================================
  Files         240      240              
  Lines       14569    14569              
  Branches      647      647              
==========================================
- Hits        11146    11139       -7     
- Misses       3423     3430       +7     

Impacted Files	Coverage Δ
...rg/apache/openwhisk/common/ForcibleSemaphore.scala	88.46% <0.00%> (-3.85%)	:arrow_down:
.../openwhisk/core/loadBalancer/FPCPoolBalancer.scala	33.08% <0.00%> (-1.13%)	:arrow_down:
...e/openwhisk/core/scheduler/queue/MemoryQueue.scala	81.35% <0.00%> (-0.76%)	:arrow_down:
.../org/apache/openwhisk/common/NestedSemaphore.scala	87.87% <0.00%> (+3.03%)	:arrow_up:

:mega: We’re building smart automated test selection to slash your CI/CD build times. Learn more

[dgrove-oss]

No good deed goes unpunished...

The downstream runtime builds are now all failing with:

Execution failed for task ':tests:compileTestScala'.
[36](https://github.com/apache/openwhisk-runtime-rust/actions/runs/4258622845/jobs/7410050426#step:9:37)
> Could not resolve all files for configuration ':tests:testCompileClasspath'.
[37](https://github.com/apache/openwhisk-runtime-rust/actions/runs/4258622845/jobs/7410050426#step:9:38)
   > Could not find com.microsoft.azure:azure-cosmosdb:.
[38](https://github.com/apache/openwhisk-runtime-rust/actions/runs/4258622845/jobs/7410050426#step:9:39)
     Required by:
[39](https://github.com/apache/openwhisk-runtime-rust/actions/runs/4258622845/jobs/7410050426#step:9:40)
         project :tests > org.apache.openwhisk:openwhisk-common:1.0.1-SNAPSHOT
[40](https://github.com/apache/openwhisk-runtime-rust/actions/runs/4258622845/jobs/7410050426#step:9:41)
   > Could not find com.sksamuel.elastic4s:elastic4s-http_2.12:.
[41](https://github.com/apache/openwhisk-runtime-rust/actions/runs/4258622845/jobs/7410050426#step:9:42)
     Required by:
[42](https://github.com/apache/openwhisk-runtime-rust/actions/runs/4258622845/jobs/7410050426#step:9:43)
         project :tests > org.apache.openwhisk:openwhisk-common:1.0.1-SNAPSHOT
[43](https://github.com/apache/openwhisk-runtime-rust/actions/runs/4258622845/jobs/7410050426#step:9:44)
   > Could not find org.mongodb.scala:mongo-scala-driver_2.12:.
[44](https://github.com/apache/openwhisk-runtime-rust/actions/runs/4258622845/jobs/7410050426#step:9:45)
     Required by:
[45](https://github.com/apache/openwhisk-runtime-rust/actions/runs/4258622845/jobs/7410050426#step:9:46)
         project :tests > org.apache.openwhisk:openwhisk-common:1.0.1-SNAPSHOT
[46](https://github.com/apache/openwhisk-runtime-rust/actions/runs/4258622845/jobs/7410050426#step:9:47)

[bdoyle0182]

No good deed goes unpunished...

The downstream runtime builds are now all failing with:

Execution failed for task ':tests:compileTestScala'.
[36](https://github.com/apache/openwhisk-runtime-rust/actions/runs/4258622845/jobs/7410050426#step:9:37)
> Could not resolve all files for configuration ':tests:testCompileClasspath'.
[37](https://github.com/apache/openwhisk-runtime-rust/actions/runs/4258622845/jobs/7410050426#step:9:38)
   > Could not find com.microsoft.azure:azure-cosmosdb:.
[38](https://github.com/apache/openwhisk-runtime-rust/actions/runs/4258622845/jobs/7410050426#step:9:39)
     Required by:
[39](https://github.com/apache/openwhisk-runtime-rust/actions/runs/4258622845/jobs/7410050426#step:9:40)
         project :tests > org.apache.openwhisk:openwhisk-common:1.0.1-SNAPSHOT
[40](https://github.com/apache/openwhisk-runtime-rust/actions/runs/4258622845/jobs/7410050426#step:9:41)
   > Could not find com.sksamuel.elastic4s:elastic4s-http_2.12:.
[41](https://github.com/apache/openwhisk-runtime-rust/actions/runs/4258622845/jobs/7410050426#step:9:42)
     Required by:
[42](https://github.com/apache/openwhisk-runtime-rust/actions/runs/4258622845/jobs/7410050426#step:9:43)
         project :tests > org.apache.openwhisk:openwhisk-common:1.0.1-SNAPSHOT
[43](https://github.com/apache/openwhisk-runtime-rust/actions/runs/4258622845/jobs/7410050426#step:9:44)
   > Could not find org.mongodb.scala:mongo-scala-driver_2.12:.
[44](https://github.com/apache/openwhisk-runtime-rust/actions/runs/4258622845/jobs/7410050426#step:9:45)
     Required by:
[45](https://github.com/apache/openwhisk-runtime-rust/actions/runs/4258622845/jobs/7410050426#step:9:46)
         project :tests > org.apache.openwhisk:openwhisk-common:1.0.1-SNAPSHOT
[46](https://github.com/apache/openwhisk-runtime-rust/actions/runs/4258622845/jobs/7410050426#step:9:47)

not sure what's going on there since it seems like it's able to compile the core project in the previous task before this step. It seems like it's looking to load the dependency without any version? maybe a discrepancy in gradle version it doesn't know how to handle the constraints type properly for that compile classpath task? we can try this and if it doesn't work then we can just revert for now. https://github.com/apache/openwhisk/pull/5384