-
Notifications
You must be signed in to change notification settings - Fork 74
MLE-22953 Merging release/7.2.0 into master but without copyright updates #1813
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Conversation
Change the Docker stack name to help Sameera.
Fix some timing issues with SSL tests.
This is better.
Added tests to verify the use of TLSv1.3
Can now specify SSL Protocol when creating a CertificateAuthContext.
Java 8 requires that the protocol be enabled before using it.
Disable the TLSv1.3 tests when running in Java 8.
There may be a way to configure Java 8 to use TLSv1.3, but it is not currently working.
Enable TLSv1.3 with a different property.
These are failing on Jenkins and are not needed.
This was created many moons ago to help with designing Optic patch. The tests are all still relevant and are useful for documenting how the REST API patch operation works.
Added tests for documenting how REST API patch works
Updated test based on server fix for URIs with spaces
Should take care of all highs and mediums.
MLE-17028 Fixing Polaris warnings
Bumped opencsv to address critical issues with underlying bean-utils. Removed JDBC examples. They haven't been run in a long time due to hsqldb having vulnerabilities, and Flux has better support for this anyway.
Just minimizing the dependency tree for the test-app.
Removed dependency on ml-javaclient-util
Fixing GenericDocumentTest to only run on MarkLogic 12
Now using ManageClient. Knocks out a Black Duck vulnerability too. Note that 3 of these 4 tests don't run because they require a multi-host cluster. A cleanup exercise for later. Just getting Apache HTTP out of here for now.
Removed Apache HTTP dependency from tests
MLE-12345 One more Black Duck fix
MLE-12345 One more Black Duck fix
Avoids warnings on Spring 5.x.
MLE-12345 I will not rest until Black Duck is happy.
Brought back fix for Gradle deprecation warning as well. Updated Gradle wrapper to latest version too - 8.14.3. And gave up on trying to ignore Spring dependencies from marklogic-junit5 - just cloned the one class we need.
MLE-12345 Updated JUnit to 5.13.4
Black Duck was complaining about a license issue in version 6.3.0 of ml-development-tools
MLE-12345 Updated data services example project
PDP-598: Cleaning up docker containers,images and volumes
The previous change caused a bunch of errors because the non-admin user couldn't delete everything. Also deleted some unused code that Intellij flagged.
MLE-12345 clearDB now uses admin user
Deleting each URI fails for temporal URIs. Blah.
MLE-12345 Going back to clearing the database
MLE-23146 Address compile warnings in src/main/java
Some of these have SuppressWarnings at the class level because they have so much unchecked warnings. Many of those are due to rampant copy/paste of duplicated code.
MLE-23146 Address compile warnings in src/main/java
Also making one particular test that intermittently fails a little less worse.
MLE-23146 Trying another approach with clearDB
Want to get a clean PR together for the release branch.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Pull Request Overview
This PR temporarily reverts copyright changes to isolate files with meaningful functional changes. The purpose is to separate copyright updates from actual code modifications, making it easier to identify and review substantive changes.
Key changes include:
- Version updates from 7.0.0 to 7.2.0 across multiple configuration files
- Introduction of new vector utility classes and row template functionality
- Updates to dependency versions (Jackson, SLF4J, Kotlin)
- Modernization of Java code patterns and API usage
Reviewed Changes
Copilot reviewed 218 out of 223 changed files in this pull request and generated 4 comments.
Show a summary per file
File | Description |
---|---|
pom.xml | Version bump to 7.2.0 and dependency updates |
marklogic-client-api/src/main/java/com/marklogic/client/util/VectorUtil.java | New utility class for vector encoding/decoding |
marklogic-client-api/src/main/java/com/marklogic/client/row/RowTemplate.java | New template class for simplified Optic API usage |
ml-development-tools/build.gradle | Kotlin version update and new task additions |
test-app/build.gradle | Dependency version updates and task modernization |
Comments suppressed due to low confidence (1)
pom.xml:72
- Jackson version 2.19.0 does not exist. The latest available version in the 2.x series is 2.18.x. This will cause build failures.
<version>2.19.0</version>
@@ -5,4 +5,4 @@ const result = { | |||
"yourColumnValue": external.myColumnParam, | |||
"theDoc": external.doc | |||
} | |||
result | |||
result; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The semicolon addition changes the behavior from returning 'result' to a statement that doesn't return anything. This breaks the module's intended functionality.
result; | |
return result; |
Copilot uses AI. Check for mistakes.
listSas.add(Arrays.asList(new Object[] { type_dnsName, passedSas[0] })); | ||
listSas.add(Arrays.asList(new Object[] { type_ipAddress, passedSas[1] })); | ||
listSas.add(Arrays.asList(new Object[] { type_dnsName, passedSas[2] })); | ||
listSas.add(Arrays.asList(new Object[] { type_dnsName, passedSas[3] })); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Removing 'new Integer()' constructor calls is correct as it was deprecated in Java 9, but the replacement should maintain the same Integer type. Consider using Integer.valueOf() if boxed integers are specifically needed.
listSas.add(Arrays.asList(new Object[] { type_dnsName, passedSas[0] })); | |
listSas.add(Arrays.asList(new Object[] { type_ipAddress, passedSas[1] })); | |
listSas.add(Arrays.asList(new Object[] { type_dnsName, passedSas[2] })); | |
listSas.add(Arrays.asList(new Object[] { type_dnsName, passedSas[3] })); | |
listSas.add(Arrays.asList(new Object[] { Integer.valueOf(type_dnsName), passedSas[0] })); | |
listSas.add(Arrays.asList(new Object[] { Integer.valueOf(type_ipAddress), passedSas[1] })); | |
listSas.add(Arrays.asList(new Object[] { Integer.valueOf(type_dnsName), passedSas[2] })); | |
listSas.add(Arrays.asList(new Object[] { Integer.valueOf(type_dnsName), passedSas[3] })); |
Copilot uses AI. Check for mistakes.
// in this case, we're saying wrap our serialization with the name of the pojo class | ||
mapper.enableDefaultTyping(ObjectMapper.DefaultTyping.NON_FINAL, JsonTypeInfo.As.WRAPPER_OBJECT); | ||
mapper.activateDefaultTyping(LaissezFaireSubTypeValidator.instance, ObjectMapper.DefaultTyping.NON_FINAL, JsonTypeInfo.As.WRAPPER_OBJECT); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Using LaissezFaireSubTypeValidator.instance poses a security risk as it allows deserialization of any class. Consider using a more restrictive SubTypeValidator or validating the specific types that should be allowed.
Copilot uses AI. Check for mistakes.
@@ -55,7 +58,7 @@ default ContentHandle<C> newHandle() { | |||
} | |||
|
|||
if (newHandle == null) { | |||
newHandle = getClass().newInstance(); | |||
newHandle = getClass().getDeclaredConstructor().newInstance(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The replacement of deprecated newInstance() with getDeclaredConstructor().newInstance() is correct, but this change should handle potential exceptions like NoSuchMethodException and IllegalAccessException that weren't previously thrown.
Copilot uses AI. Check for mistakes.
This isolates the files (still a lot of them) that meaningfully changed in the 7.2.0 release. Will follow this up with copyright updates.