Proposing a sprint to Upgrade Libraries for Platform 2.3 Release

sprint-announcement
Tags: #<Tag:0x00007f73fc28c0e0>
(Moses Mutesasira) #1

Continuing the disscusion From Release process - Platform 2.3 ,The Remaining Key feature to work on for the platform 2.3 Release is Upgrading our Core Libraries. see Technical Road map. This would require some amount of work to be done and we would require to mobilize communuty Resources.

  • First we would need to have a discussion to conclude on which key Libraries would Require upgrading as far as the platform release 2.3 is concerned.

  • We propsed to have a sprint to have this work done as soon as posible as All works should be completed at the latest 24th May 2019.

@ruhanga manualy genarated a google doc that contains some libraries that need upgrade

and Am also going to share An auto generated maven report of all the libraries that may need upgrading.

cc @dkayiwa @k.joseph @burke @mogoodrich @darius @cintiadr @c.antwi

1 Like
(Herbert Yiga) #2

@mozzy @ruhanga well done here

1 Like
(CLIFF GITA) #3

thanks @mozzy for the updates and will be waiting for the report

1 Like
(Moses Mutesasira) #4

here is the detailed maven Report with detailed info on dependencies that need upgrade

2 Likes
(Cynthia Antwi) #5

Thanks @mozzy for putting this together . Could we choose from the doodle which time would suit us best?

1 Like
(Moses Mutesasira) #6

yes thats true. though for today we got a low response here.

do you mean to meet at UberConference?

(Moses Mutesasira) #7

I would suggest let the other first choose , i can adjust my program probably for any time that will be chosen.

(Daniel Kayiwa) #8

Could we also investigate what it would take to add support for versions of Java above 1.8 and also versions of MySQL above 5.7? These are some of the most reported problems on talk.

2 Likes
(Cynthia Antwi) #9

Hey Everyone

So we will be meeting on Wednesday 12-1pm UTC on https://www.uberconference.com/openmrs

The calendar reflects the same.

Thanks

1 Like
(CLIFF GITA) #10

i agree with that time

(Nathan Ruhanga) #11

Hi every one,

From the meeting we had today, this was the resolution towards upgrading libraries whose changes will be included in platform 2.3.0 . Already there exist libraries being upgraded as can be seen from the the project management page, this includes Apache velocity engine and Liquibase libraries.

Basing on the available time, most commonly used packages and the ease for backward compatibility, having the the following two packages upgraded was preferred for this release.

  • JDK/OpenJDK…8 to 11 or 12
  • MySQL…5.7 to 8.0

Looking at what it takes to upgrade the above and the following packages, we need more time and developer resources… This may stretch into the next release.

  1. ca.uhn.hapi:hapi-base … 2.0 -> 2.3

  2. ca.uhn.hapi:hapi-structures-v23 … 2.0 -> 2.3

  3. ca.uhn.hapi:hapi-structures-v24 … 2.0 -> 2.3

  4. ca.uhn.hapi:hapi-structures-v25 … 2.0 -> 2.3

  5. ca.uhn.hapi:hapi-structures-v26 … 2.0 -> 2.3

  6. com.fasterxml.jackson.core:jackson-annotations … 2.9.0 -> 2.9.8

  7. com.fasterxml.jackson.core:jackson-core … 2.9.0 -> 2.9.8

  8. com.fasterxml.jackson.core:jackson-databind … 2.9.0 -> 2.9.8

  9. com.h2database:h2 … 1.4.197 -> 1.4.199

  10. com.thoughtworks.xstream:xstream … 1.4.3 -> 1.4.11.1

  11. commons-collections:commons-collections … 3.2.2 -> 20040616

  12. commons-fileupload:commons-fileupload … 1.3.3 -> 1.4

  13. commons-io:commons-io … 2.5 -> 2.6

  14. commons-validator:commons-validator … 1.4.0 -> 1.6

  15. dom4j:dom4j … 1.6.1 -> 20040902.021138

  16. javax.mail:mail … 1.4.1 -> 1.5.0-b01

  17. javax.servlet:javax.servlet-api … 3.0.1 -> 4.0.1

  18. javax.servlet:jsp-api … 2.0 -> 2.0.public_draft

  19. javax.servlet:jstl … 1.1.2 -> 1.2

  20. javax.validation:validation-api … 1.0.0.GA -> 2.0.1.Final

  21. junit:junit … 4.12 -> 4.13-beta-3

  22. log4j:log4j … 1.2.15 -> 1.2.17-atlassian-1

  23. net.sf.ehcache:ehcache … 2.10.0 -> 2.10.6

  24. org.apache.commons:commons-lang3 … 3.6 -> 3.9

  25. org.apache.lucene:lucene-queries … 4.10.4 -> 8.0.0

  26. org.apache.lucene:lucene-queryparser … 4.10.4 -> 8.0.0

  27. org.apache.velocity:velocity … 1.6.2 -> 1.7

  28. org.azeckoski:reflectutils … 0.9.14 -> 0.9.20

  29. org.codehaus.jackson:jackson-core-asl … 1.9.13 -> 1.9.13-atlassian-2

  30. org.codehaus.jackson:jackson-mapper-asl … 1.9.13 -> 1.9.13-atlassian-2

  31. org.codehaus.sonar-plugins.java:sonar-jacoco-listeners … 3.1 -> 3.2

  32. org.dbunit:dbunit … 2.5.4 -> 2.6.0

  33. org.hamcrest:hamcrest-core … 1.3 -> 2.1

  34. org.hamcrest:hamcrest-library … 1.3 -> 2.1

  35. org.hibernate:hibernate-c3p0 … 4.3.9.Final -> 6.0.0.Alpha2

  36. org.hibernate:hibernate-core … 4.3.9.Final -> 6.0.0.Alpha2

  37. org.hibernate:hibernate-ehcache … 4.3.9.Final -> 5.4.2.Final

  38. org.hibernate:hibernate-search-orm … 5.1.2.Final -> 5.11.1.Final

  39. org.hibernate:hibernate-validator … 4.2.0.Final -> 6.1.0.Alpha4

  40. org.javassist:javassist … 3.22.0-GA -> 3.25.0-GA

  41. org.liquibase:liquibase-core … 2.0.5 -> 3.6.3

  42. org.mockito:mockito-core … 1.10.19 -> 2.27.0

  43. org.powermock:powermock-api-mockito … 1.6.6 -> 1.7.4

  44. org.powermock:powermock-module-junit4 … 1.6.6 -> 2.0.2

  45. org.slf4j:jcl-over-slf4j … 1.6.0 -> 1.8.0-beta4

  46. org.slf4j:slf4j-api … 1.6.0 -> 1.8.0-beta4

  47. org.slf4j:slf4j-log4j12 … 1.6.0 -> 1.8.0-beta4

  48. org.springframework:spring-aop … 4.1.4.RELEASE -> 5.1.6.RELEASE

  49. org.springframework:spring-beans … 4.1.4.RELEASE -> 5.1.6.RELEASE

  50. org.springframework:spring-context … 4.1.4.RELEASE -> 5.1.6.RELEASE

  51. org.springframework:spring-context-support …4.1.4.RELEASE -> 5.1.6.RELEASE

  52. org.springframework:spring-core … 4.1.4.RELEASE -> 5.1.6.RELEASE

  53. org.springframework:spring-jdbc … 4.1.4.RELEASE -> 5.1.6.RELEASE

  54. org.springframework:spring-orm … 4.1.4.RELEASE -> 5.1.6.RELEASE

  55. org.springframework:spring-oxm … 4.1.4.RELEASE -> 5.1.6.RELEASE

  56. org.springframework:spring-test … 4.1.4.RELEASE -> 5.1.6.RELEASE

  57. org.springframework:spring-tx … 4.1.4.RELEASE -> 5.1.6.RELEASE

  58. org.springframework:spring-web … 4.1.4.RELEASE -> 5.1.6.RELEASE

  59. org.springframework:spring-webmvc … 4.1.4.RELEASE -> 5.1.6.RELEASE

  60. postgresql:postgresql …9.0-801.jdbc4 -> 9.4.1208-jdbc42-atlassian-hosted

  61. xerces:xercesImpl … 2.8.0 -> 2.12.0

The release team is inviting community devs to contribute towards this cause. We would like the @dev5, and @dev4 to help guide the rest of the devs through the this upgrade process. They would be required to assist in breaking up the upgrading tasks into manageable and curated tickets and also approve them as well.

cc @burke, @mseaton, @dkayiwa, @mksd, @mogoodrich, @darius, @raff, @ssmusoke, @k.joseph, @wyclif, @ningosi,

Kind regards

Nathan

3 Likes
(Moses Mutesasira) #12

thanks @ruhanga for the work

1 Like
(tendo kiiza Martyn) #13

@mozzy have you come up with a backlog from the demands of the Tech Roadmap for the sprint ?

1 Like
(Moses Mutesasira) #14

@tendomart can you exactly enlighten on that . otherwise you guidance is highly welcome

Call for participation in the Upgrade Libraries Sprint
(Daniel Kayiwa) #15

Creating tickets for each of these can be done by any dev stage. Higher dev stages can look at the created tickets and provide more information where necessary. You could give these tickets the same label to identify them easily.

2 Likes
(tendo kiiza Martyn) #16

@mozzy I think @dkayiwa 's link above is the best place to start. Hope it was of help. By the way is the Sprint board ready ?

2 Likes
(Cynthia Antwi) #17

Could we also be clear on what we are asking the dev4 and 5 to do with regard to each of the libraries?

2 Likes
Upgrade Core Libraries Sprint Announcement
(Moses Mutesasira) #18

well ,i have created the board with a sprint, but i still wait to be granted privileges to start the sprint. thanks @tendomart

(Moses Mutesasira) #19

Oh yes, as @dkayiwa said above, we shall create the tickets and for some libraries that will cause significant code refactoring like spring and hibernate, the core devs will help us provide more information and guidance on the tickets

(Burke Mamlin) #20

I think it would help to break the dependencies into these categories:

  • Low hanging fruit (e.g., maintenance upgrades)
    • Hopefully we could get as many of these ticketed & done for this Platform release. Any remaining could be slated for the next release.
  • Security vulnerabilities
    • Discovering these will take extra work to review release notes for each dependency. Security updates should be prioritized by the community.
  • The “big” ones (e.g., Hibernate, Spring, MySQL)
    • Simply just starting a conversation for each on where we stand and to begin planning what it would take to upgrade would be helpful. I don’t expect we could get these upgraded for this release, but it would be nice to start planning as a community on a strategy to get them upgraded.
  • Everything else
    • Simply having a list (as you’ve started) and trying to iterate on process(es) to revisit them and start ticketing them and knocking them out would be great. Getting anything beyond the low hanging fruit into this release would be great, but not expected. But since we’re talking about dependencies, it would be nice to move the needle forward and begin creating tickets or thinking about how we could get these updated more regularly in future releases.
3 Likes
Upgrade Core Libraries Sprint Announcement