for quite some time I wanted to go through all openmrs-core dependencies and update them as a lot of them are outdated/vulnerable. I now visualized our dependencies and their state in the openmrs-core readme using http://versioneye.com/ and a badge that leads you to a dashboard.
Seeing this more clearly might help in finding volunteers to step up and update some of them.
I created the OpenMRS organization on versioneye.com, we are using the free plan. Which allows us to add 4 public repositories. I asked their support if there is a way to get more repositories if the repos are open source and coming from a non-profit. Will get back to you once I have an answer.
If anyone has some more ideas on how we could improve our dependency management please tell us or if you just want to team up with me on updating some dependencies just say so there are already a few tickets on jira about updating some dependencies so you can also look for them there.
@televio ,this is timely ,i’ve actually come across and had several blockers on some tickets due to outdated dependencies,and created tickets out of them…But that causes a really perpetual chain of problems also…
I think we should investigate all dependencies. Can they be removed since java 8 has added some features (like Base64 encoding which we did using xerces), or because we moved the UI into its legacy module some things might still be floating around which we dont need.
I am testing a JSON almost-REST resource. However because this is not a proper REST resource as in REST WS (=it does not extend DataDelegatingCrudResource<?>), I could not directly leverage the test framework shipped with REST WS and I had to do this:
Which is fine except that I needed Spring’s AnnotationMethodHandlerAdapter and DefaultAnnotationHandlerMapping that are both being deprecated in Spring 3.0.x.