[bisq-network/bisq] Upgrade to Gradle 7.3 (PR #5824)

[chimp1984]

Where is `io.opencensus` (https://github.com/census-instrumentation) and `io.perfmark` (https://github.com/perfmark/perfmark) used? 
I did not find a reference in the source code, so I guess its a transient dependency from some lib (spring?) and should be excluded.

I think we should exclude the price node to an independent project as it has very little Bisq dependency which either could be added as gradle dependency there or just refactored away (I think it was just some utils for currency lists).
That way we would get rid of the spring framework dependencies and probably speed up the build (at least runing price node tests is slow due the real requests).

@ripcurlx Have you tested that update for building the binaries? 
Which java version is now required? Does it work already with Java 16? I guess binary build still does not work with that, right? So Java 11 -15 is likely the required version, right?


> `com.google.protobuf:protobuf-gradle-plugin`: 0.8.10 > 0.8.17
> `org.springframework.boot:spring-boot-gradle-plugin`: 1.5.10 > 2.5.6
> `grpcVersion`: 1.25.0 > 1.42.1
> `lombokVersion`: 1.18.12 > 1.18.22
> `mockitoVersion`: 3.5.15 > 4.0.0
> `protobufVersion`: 3.10.0 > 3.19.1

Is the grpcVersion, lombokVersion and protobufVersion required?
I prefer to be conservative as long not absolutely needed of if they fix a know bug we encounter. Supply chain attack is a real threat so better to minimize that surface. I doubt that a Google lib has big risks to become victim of that, but a lib like `lombok` has likely less security critical eyes on it.



-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/bisq-network/bisq/pull/5824#issuecomment-970178637
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bisq.network/pipermail/bisq-github/attachments/20211116/b552d81d/attachment.htm>