Skip to content

Latest commit

 

History

History
191 lines (150 loc) · 11.6 KB

CHANGELOG.md

File metadata and controls

191 lines (150 loc) · 11.6 KB

Changelog

All notable changes to this project will be documented in this file.

This project adheres to Semantic Versioning.

For Helidon 1.x releases please see Helidon 1.x CHANGELOG.md

Notes

This is the first milestone release of Helidon 2.0. It contains significant new features, enhancements and fixes. It also contains backward incompatible changes (see section below ). This milestone release is provided for customers that want early access to Helidon 2.0. It should be considered unstable and is not intended for production use. APIs and features might not be fully tested and are subject to change. Documentation is incomplete. Those looking for a stable release should use a 1.4 release.

Notable changes:

  • New Helidon DB Client
  • Preliminary GraalVM native-image support for Helidon MP (in addition to existing support for Helidon SE)
  • Improved discovery and handling of JAX-RS applications
  • Dropped Java 8 support and moved to Java 11 APIs

Improvements

  • Helidon DB Client 657 1329
  • Native image: Helidon MP support 1328 1295 1259
  • Security: Basic auth and OIDC in MP native image 1330
  • Security: JWT and OIDC security providers now support groups claim. 1324
  • Support for Helidon Features 1240
  • Java 11: 1232 1187 1222 1346

Fixes

  • JAX-RS: Better recovery for invalid URLs and content types 1246
  • JAX-RS: Fix synthetic app creation + functional test. 1323
  • Config: replace reflection with service loader 1102
  • Config: now uses common media type module instead of FileTypeDetector. 1332
  • JPA: Permit non-XA DataSources to take part in JTA transactions 1316
  • JPA: Fixes an issue with multiple persistence units 1342
  • JPA: Address several rollback-related issues 1146
  • JPA: Relax requirements on container-managed persistence units which can now be resource-local 1243
  • OpenAPI: Support multiple jandex files on the classpath 1320
  • Security: Fixed issues with IDCS and OIDC provider. 1313
  • Security: Removed support for entity modification from security. 1263
  • Security: Allow usage of exceptions for security in Jersey. 1227
  • Security: Outbound with OIDC provider no longer causes an UnsupportedOperationE… 1226
  • gRPC: Minor changes 1299
  • Quickstart: Fix application jar class-path for SNAPSHOT versioned dependencies 1297
  • Use Helidon service loader. 1334
  • Fix optional files in bare archetypes. (#1250) 1321
  • Make Multi streams compatible with Reactive Streams 1260
  • Remove Valve 1279
  • IDE support: Missing requires of JAX-RS API 1271
  • Metrics: fix unable to find reusable metric with tags 1244
  • Support for lazy values and changed common modules to use it. 1228
  • Upgrade jacoco to version 0.8.5 to avoid jdk11 issue 1281
  • Upgrade tracing libraries 1230
  • Upgrade config libraries 1159
  • Upgrade Netty to 4.1.45 1309
  • Upgrade Google libraries for Google login provider. 1229
  • Upgrade H2, HikariCP, Jedis, OCI SDK versions 1198
  • Upgrade reactor to 3.3.1-RELEASE 1235
  • Upgrade to FT 2.0.2 and Failsafe 2.2.3 1204

Backward incompatible changes

In order to stay current with dependencies, and also refine our APIs we have introduced some backward incompatible changes in this release. Most of the changes are mechanical in nature: changing package names, changing GAV coordinates, etc. Here are the details:

Java Runtime

  • Java 8 support has been dropped. Java 11 or newer is now required.

Common

  • Removed io.helidon.reactive.Flow, please use java.util.concurrent.Flow
  • Removed io.helidon.common.CollectionsHelper, please use factory methods of Set, Map and List
  • Removed io.helidon.common.OptionalHelper, please use methods of java.util.Optional
  • Removed io.helidon.common.StackWalker, please use java.lang.StackWalker
  • Removed io.helidon.common.InputStreamHelper, please use java.io.InputStream methods

Tracing

  • We have upgraded to OpenTracing version 0.33.0 that is not backward compatible, the following breaking changes exist (these are OpenTracing changes, not Helidon changes):
    1. TextMapExtractAdapter and TextMapInjectAdapter are now TextMapAdapter
    2. module name changed from opentracing.api to io.opentracing.api (same for noop and util)
    3. SpanBuilder no longer has startActive method, you need to use Tracer.activateSpan(Span)
    4. ScopeManager.activate(Span, boolean) is replaced by ScopeManager.activate(Span) - second parameter is now always false
    5. Scope ScopeManager.active() is removed - replaced by Span Tracer.activeSpan()
  • If you use the TracerBuilder abstraction in Helidon and have no custom Spans, there is no change required

Config

Meta configuration has been refactored to be done through ServiceLoader services. If you created a custom ConfigSource, PollingStrategy or RetryPolicy, please have a look at the new documentation.

Config now implements MicroProfile config (not explicitly, you can cast between MP Config and Helidon Config). There is a very small behavior change between MP methods and SE methods of config related to system property handling:

The MP TCK require that system properties are fully mutable (e.g. as soon as the property is changed, it
must be used), so MP Config methods work in this manner (with a certain performance overhead).
Helidon Config treats System properties as a mutable config source, with a time based polling strategy. So
the change is reflected as well, though not immediately (this is only relevant if you use change notifications). 

Metrics

Helidon now supports only MicroProfile Metrics 2.x. Modules for Metrics 1.x were removed, and modules for 2.x were renamed from metrics2 to metrics.

Security

  • When OIDC provider is configured to use cookie (default configuration) to carry authentication information, the cookie Same-Site is now set to Lax (used to be Strict). This is to prevent infinite redirects, as browsers would refuse to set the cookie on redirected requests (due to this setting). Only in case the frontend host and identity host match, we leave Strict as the default

Microprofile Bundles

We have removed all versioned MP bundles (i.e. helidon-microprofile-x.x, and introduced unversioned core and full bundles:

  • io.helidon.microprofile.bundles:helidon-microprofile-core - contains only MP Server and Config. Allows you to add only the specifications needed by your application.
  • io.helidon.microprofile.bundles:helidon-microprofile - contains the latest full MicroProfile version implemented by Helidon

You can find more information in this blog post: New Maven bundles

Helidon CDI and MicroProfile Server

  • You cannot start CDI container yourself (this change is required so we can support GraalVM native-image)
    • You can only run a single instance of Server in a JVM
    • If you use SeContainerInitializer you would get an exception
      • this can be worked around by configuration property mp.initializer.allow=true, and warning can be removed using mp.initializer.no-warn=true
      • once SeContainerInitializer is used, you can no longer use MP with native-image
  • You can no longer provide a Context instance, root context is now built-in
  • MpService and MpServiceContext have been removed
    • methods from context have been moved to JaxRsCdiExtension and ServerCdiExtension that can be accessed from CDI extension through BeanManager.getExtension.
    • methods register can be used on current io.helidon.context.Context
    • MpService equivalent is a CDI extension. All Helidon services were refactored to CDI extension (you can use these for reference)
  • Server.cdiContainer is removed, use CDI.current() instead

Startup

New recommended option to start Helidon MP:

  1. Use class io.helidon.microprofile.cdi.Main
  2. Use meta configuration option when advanced configuration of config is required (e.g. meta-config.yaml)
  3. Put logging.properties on the classpath or in the current directory to be automatically picked up to configure Java util logging

io.helidon.microprofile.server.Main is still available, just calls io.helidon.microprofile.cdi.Main and is deprecated. io.helidon.microprofile.server.Server is still available, though the features are much reduced

MicroProfile JWT-Auth

If a JAX-RS application exists that is annotated with @LoginConfig with value MP-JWT, the correct authentication provider is added to security. The startup would fail if the provider is required yet not configured.

Security in MP

If there is no authentication provider configured, authentication will always fail. If there is no authorization provider configured, ABAC provider will be configured. (original behavior - these were configured if there was no provider configured overall)

Other Behavior changes

  • JAX-RS applications now work similar to how they work in application servers
    • if there is an Application subclass that returns anything from getClasses or getSingletons, it is used as is
    • if there is an Application subclass that returns empty sets from these methods, all available resource classes will be part of such an application
    • if there is no Application subclass, a synthetic application will be created with all available resource classes
    • Application subclasses MUST be annotated with @ApplicationScoped, otherwise they are ignored