Proposing a sprint to Upgrade Libraries for Platform 2.3 Release

Development
1

Continuing the disscusion From Release process - Platform 2.3 ,The Remaining Key feature to work on for the platform 2.3 Release is Upgrading our Core Libraries. see Technical Road map. This would require some amount of work to be done and we would require to mobilize communuty Resources.

  • First we would need to have a discussion to conclude on which key Libraries would Require upgrading as far as the platform release 2.3 is concerned.

  • We propsed to have a sprint to have this work done as soon as posible as All works should be completed at the latest 24th May 2019.

@ruhanga manualy genarated a google doc that contains some libraries that need upgrade

and Am also going to share An auto generated maven report of all the libraries that may need upgrading.

cc @dkayiwa @k.joseph @burke @mogoodrich @darius @cintiadr @c.antwi

1 Like
2

@mozzy @ruhanga well done here

1 Like
3

thanks @mozzy for the updates and will be waiting for the report

1 Like
4

here is the detailed maven Report with detailed info on dependencies that need upgrade

2 Likes
5

Thanks @mozzy for putting this together . Could we choose from the doodle which time would suit us best?

1 Like
6

yes thats true. though for today we got a low response here.

do you mean to meet at UberConference?

7

I would suggest let the other first choose , i can adjust my program probably for any time that will be chosen.

8

Could we also investigate what it would take to add support for versions of Java above 1.8 and also versions of MySQL above 5.7? These are some of the most reported problems on talk.

2 Likes
9

Hey Everyone

So we will be meeting on Wednesday 12-1pm UTC on https://www.uberconference.com/openmrs

The calendar reflects the same.

Thanks

1 Like
10

i agree with that time

11

Hi every one,

From the meeting we had today, this was the resolution towards upgrading libraries whose changes will be included in platform 2.3.0 . Already there exist libraries being upgraded as can be seen from the the project management page, this includes Apache velocity engine and Liquibase libraries.

Basing on the available time, most commonly used packages and the ease for backward compatibility, having the the following two packages upgraded was preferred for this release.

  • JDK/OpenJDK…8 to 11 or 12
  • MySQL…5.7 to 8.0

Looking at what it takes to upgrade the above and the following packages, we need more time and developer resources… This may stretch into the next release.

  1. ca.uhn.hapi:hapi-base … 2.0 -> 2.3

  2. ca.uhn.hapi:hapi-structures-v23 … 2.0 -> 2.3

  3. ca.uhn.hapi:hapi-structures-v24 … 2.0 -> 2.3

  4. ca.uhn.hapi:hapi-structures-v25 … 2.0 -> 2.3

  5. ca.uhn.hapi:hapi-structures-v26 … 2.0 -> 2.3

  6. com.fasterxml.jackson.core:jackson-annotations … 2.9.0 -> 2.9.8

  7. com.fasterxml.jackson.core:jackson-core … 2.9.0 -> 2.9.8

  8. com.fasterxml.jackson.core:jackson-databind … 2.9.0 -> 2.9.8

  9. com.h2database:h2 … 1.4.197 -> 1.4.199

  10. com.thoughtworks.xstream:xstream … 1.4.3 -> 1.4.11.1

  11. commons-collections:commons-collections … 3.2.2 -> 20040616

  12. commons-fileupload:commons-fileupload … 1.3.3 -> 1.4

  13. commons-io:commons-io … 2.5 -> 2.6

  14. commons-validator:commons-validator … 1.4.0 -> 1.6

  15. dom4j:dom4j … 1.6.1 -> 20040902.021138

  16. javax.mail:mail … 1.4.1 -> 1.5.0-b01

  17. javax.servlet:javax.servlet-api … 3.0.1 -> 4.0.1

  18. javax.servlet:jsp-api … 2.0 -> 2.0.public_draft

  19. javax.servlet:jstl … 1.1.2 -> 1.2

  20. javax.validation:validation-api … 1.0.0.GA -> 2.0.1.Final

  21. junit:junit … 4.12 -> 4.13-beta-3

  22. log4j:log4j … 1.2.15 -> 1.2.17-atlassian-1

  23. net.sf.ehcache:ehcache … 2.10.0 -> 2.10.6

  24. org.apache.commons:commons-lang3 … 3.6 -> 3.9

  25. org.apache.lucene:lucene-queries … 4.10.4 -> 8.0.0

  26. org.apache.lucene:lucene-queryparser … 4.10.4 -> 8.0.0

  27. org.apache.velocity:velocity … 1.6.2 -> 1.7

  28. org.azeckoski:reflectutils … 0.9.14 -> 0.9.20

  29. org.codehaus.jackson:jackson-core-asl … 1.9.13 -> 1.9.13-atlassian-2

  30. org.codehaus.jackson:jackson-mapper-asl … 1.9.13 -> 1.9.13-atlassian-2

  31. org.codehaus.sonar-plugins.java:sonar-jacoco-listeners … 3.1 -> 3.2

  32. org.dbunit:dbunit … 2.5.4 -> 2.6.0

  33. org.hamcrest:hamcrest-core … 1.3 -> 2.1

  34. org.hamcrest:hamcrest-library … 1.3 -> 2.1

  35. org.hibernate:hibernate-c3p0 … 4.3.9.Final -> 6.0.0.Alpha2

  36. org.hibernate:hibernate-core … 4.3.9.Final -> 6.0.0.Alpha2

  37. org.hibernate:hibernate-ehcache … 4.3.9.Final -> 5.4.2.Final

  38. org.hibernate:hibernate-search-orm … 5.1.2.Final -> 5.11.1.Final

  39. org.hibernate:hibernate-validator … 4.2.0.Final -> 6.1.0.Alpha4

  40. org.javassist:javassist … 3.22.0-GA -> 3.25.0-GA

  41. org.liquibase:liquibase-core … 2.0.5 -> 3.6.3

  42. org.mockito:mockito-core … 1.10.19 -> 2.27.0

  43. org.powermock:powermock-api-mockito … 1.6.6 -> 1.7.4

  44. org.powermock:powermock-module-junit4 … 1.6.6 -> 2.0.2

  45. org.slf4j:jcl-over-slf4j … 1.6.0 -> 1.8.0-beta4

  46. org.slf4j:slf4j-api … 1.6.0 -> 1.8.0-beta4

  47. org.slf4j:slf4j-log4j12 … 1.6.0 -> 1.8.0-beta4

  48. org.springframework:spring-aop … 4.1.4.RELEASE -> 5.1.6.RELEASE

  49. org.springframework:spring-beans … 4.1.4.RELEASE -> 5.1.6.RELEASE

  50. org.springframework:spring-context … 4.1.4.RELEASE -> 5.1.6.RELEASE

  51. org.springframework:spring-context-support …4.1.4.RELEASE -> 5.1.6.RELEASE

  52. org.springframework:spring-core … 4.1.4.RELEASE -> 5.1.6.RELEASE

  53. org.springframework:spring-jdbc … 4.1.4.RELEASE -> 5.1.6.RELEASE

  54. org.springframework:spring-orm … 4.1.4.RELEASE -> 5.1.6.RELEASE

  55. org.springframework:spring-oxm … 4.1.4.RELEASE -> 5.1.6.RELEASE

  56. org.springframework:spring-test … 4.1.4.RELEASE -> 5.1.6.RELEASE

  57. org.springframework:spring-tx … 4.1.4.RELEASE -> 5.1.6.RELEASE

  58. org.springframework:spring-web … 4.1.4.RELEASE -> 5.1.6.RELEASE

  59. org.springframework:spring-webmvc … 4.1.4.RELEASE -> 5.1.6.RELEASE

  60. postgresql:postgresql …9.0-801.jdbc4 -> 9.4.1208-jdbc42-atlassian-hosted

  61. xerces:xercesImpl … 2.8.0 -> 2.12.0

The release team is inviting community devs to contribute towards this cause. We would like the @dev5, and @dev4 to help guide the rest of the devs through the this upgrade process. They would be required to assist in breaking up the upgrading tasks into manageable and curated tickets and also approve them as well.

cc @burke, @mseaton, @dkayiwa, @mksd, @mogoodrich, @darius, @raff, @ssmusoke, @k.joseph, @wyclif, @ningosi,

Kind regards

Nathan

3 Likes
12

thanks @ruhanga for the work

1 Like
13

@mozzy have you come up with a backlog from the demands of the Tech Roadmap for the sprint ?

1 Like
14

@tendomart can you exactly enlighten on that . otherwise you guidance is highly welcome

15

Creating tickets for each of these can be done by any dev stage. Higher dev stages can look at the created tickets and provide more information where necessary. You could give these tickets the same label to identify them easily.

2 Likes
16

@mozzy I think @dkayiwa 's link above is the best place to start. Hope it was of help. By the way is the Sprint board ready ?

2 Likes
17

Could we also be clear on what we are asking the dev4 and 5 to do with regard to each of the libraries?

2 Likes
18

well ,i have created the board with a sprint, but i still wait to be granted privileges to start the sprint. thanks @tendomart

19

Oh yes, as @dkayiwa said above, we shall create the tickets and for some libraries that will cause significant code refactoring like spring and hibernate, the core devs will help us provide more information and guidance on the tickets

20

I think it would help to break the dependencies into these categories:

  • Low hanging fruit (e.g., maintenance upgrades)
    • Hopefully we could get as many of these ticketed & done for this Platform release. Any remaining could be slated for the next release.
  • Security vulnerabilities
    • Discovering these will take extra work to review release notes for each dependency. Security updates should be prioritized by the community.
  • The “big” ones (e.g., Hibernate, Spring, MySQL)
    • Simply just starting a conversation for each on where we stand and to begin planning what it would take to upgrade would be helpful. I don’t expect we could get these upgraded for this release, but it would be nice to start planning as a community on a strategy to get them upgraded.
  • Everything else
    • Simply having a list (as you’ve started) and trying to iterate on process(es) to revisit them and start ticketing them and knocking them out would be great. Getting anything beyond the low hanging fruit into this release would be great, but not expected. But since we’re talking about dependencies, it would be nice to move the needle forward and begin creating tickets or thinking about how we could get these updated more regularly in future releases.
3 Likes