Skip to main content

Old Dependencies Problem with JHipster

I've started working on a local project with JHipster, and as I generated the project, I noticed that the log output gave me many warnings like this:

WARN deprecated swagger-ui@2.2.10: No longer maintained, please upgrade to swagger-ui@3

Swagger itself is just another tool that lets us more easily access and describe REST APIs while testing, and it is not really meant for production use.  No big deal in and of itself.  The bigger deal is that it seems like even though I am using the latest version of JHipster, the dependencies being consumed by that version themselves are already going out of date.  I haven't dug into the documentation on JHipster yet to see whether there are issues or concerns about manually updating these dependencies myself -- examples might include dependency version requirements, dependency conflicts, etc.  Still, I pause a bit with this as a production tool because unlike a standard library, JHipster is more of a generator and bootstrapper/dependency-manager itself, and I would hope that it would keep track of dependencies it generates for me.  Perhaps given the massive number of tools and potential dependencies out there, this is asking too much.

In related news, I also notice after designing my data model in JDL (super fun!), when I try to import my new project into intelliJ and let it generate the project layout from the gradle build file, gradle fails with the following message:

assert['java.specification.version'] == '1.8'
              |         |                                                                  |
              |         10                                                              false

Unfortunately, this means I am bound to java 8 with this tool in some fashion (maybe just for gradle and not my actual application?), and I may not be able to use reactive streams and other cool features that show up in later JDK releases.

I am going to press forward with the tool for now to explore what it can do, and I'll see about updating dependencies and allowed JDK versions later.


Popular posts from this blog

JHipster, Liquibase, MySQL, and initializing data, including booleans!

When generating a data model from JHipster JDL, we will often declare entities with Boolean fields.  I have so far abandoned H2 as a database because of liquibase issues, and both my dev and production databases will be MySQL.  This is relevant to the Boolean field desire there is a long history in software development of how to store Boolean data types in a SQL database whose standards classically do not support Boolean. In the current JHipster/Liquibase incarnation, tables in MySQL are generated for us, which is really nice.  The Boolean data types are stored as BIT  (1).  This is not a problem so far -- most developers seem to agree now that as a best practice, we should store values in databases as false = 0 and true = 1, and a BIT(1) is a great, simple way to do that. An issue arises when we try to use liquibase to set/update our database to the desired starting state.  For my project, I've chosen gradle instead of maven as a build tool, and gradle has a plugin for liquiba

Spring Security - Authority vs Role

I have spent a lot of time recently trying to understand the difference between Authority and Role in Spring Security.  This is a brief review of what I found. When creating a UserDetailsService or overriding configure(AuthenticationManagerBuilder auth) in the security config class that extends WebSecurityConfigurerAdapter, I basically get complete control over what I populate inside of the UserDetails that is used/returned.  This is important because the UserDetails interface really only cares about how to return one thing: Collection<? extends GrantedAuthority> getAuthorities(); A GrantedAuthority just seems like a glorified String wrapper that names some thing.  The question is... what is that thing? This is where the subtle difference between Authority and Role comes into play. I think that Role is an older thought/construct that automatically gets plugged into Authority if we just create a user with a Role.  But completely forget about the code and classes for a mi

Gmail internal application, Two-Legged OAuth2, Server to Server authentication, and Google API versions

I am working on a little tool at home in my free time to put some skills into practice.  The general idea (nothing novel) is this: I have some financial alerts sent to a new email address I have spun up on my domain.  I am creating an AWS Lambda that will wake up on an hourly schedule, read those emails, and publish SNS messages with parsed financial transaction information.  I then will have an SQS queue listen to the SNS message topic that is consumed by a Step Function.  The Step Function will: store the financial transaction information into a database send an SMS to me if the transaction is above a certain threshold. I could later extend this to do some aggregation reporting, etc if I wanted, too.  This will only work for my own financial transactions, and the data being gathered/stored will be sufficiently vague, so I am not really concerned about financial security for this project. The biggest hurdle I have run into so far is connecting to Gmail securely.  I was ab