[
https://issues.apache.org/jira/browse/GEODE-10534?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jinwoo Hwang reassigned GEODE-10534:
------------------------------------
Assignee: Jinwoo Hwang
> Fix Deprecated APIs in Support Modules (geode-management,
> geode-serialization, geode-deployment-legacy, geode-web-api)
> ----------------------------------------------------------------------------------------------------------------------
>
> Key: GEODE-10534
> URL: https://issues.apache.org/jira/browse/GEODE-10534
> Project: Geode
> Issue Type: Improvement
> Reporter: Jinwoo Hwang
> Assignee: Jinwoo Hwang
> Priority: Major
>
> h2. Summary
> Fix 13 deprecated API warnings across 4 support modules: geode-management (10
> warnings), geode-serialization (1 warning), geode-deployment-legacy (1
> warning), and geode-web-api (1 warning).
> h2. Description
> These support modules contain deprecated API usage across reflection APIs,
> HTTP client libraries, and string utilities. While none are marked for
> immediate removal, addressing these warnings improves code maintainability
> and prepares for future library migrations.
> *Total Warnings:* 13 [deprecation] warnings
> *Priority:* MEDIUM - Technical debt cleanup, no immediate upgrade blockers
> h2. Module Breakdown
> h3. Module 1: geode-management (10 warnings)
> *Owner:* Management/REST Team
> *Package:* {{{}org.apache.geode.management.api{}}},
> {{org.apache.geode.management.configuration}}
> *Total APIs:* 3 deprecated APIs
> *Effort:* 6-8 hours
> h4. Issue 1.1: Apache HttpClient 5 SSL APIs (9 warnings)
> *File:*
> {{geode-management/src/main/java/org/apache/geode/management/api/RestTemplateClusterManagementServiceTransport.java}}
> *Lines:* 167 (×2), 173, 181 (×2), 187
> *Deprecated APIs:*
> *API 1: SSLConnectionSocketFactory*
> {code:java}
> Package: org.apache.hc.client5.http.ssl
> Full Name: org.apache.hc.client5.http.ssl.SSLConnectionSocketFactory
> Deprecated: Apache HttpClient 5.0
> Removal Target: Future major version (likely 6.0)
> Replacement: org.apache.hc.client5.http.ssl.SSLConnectionSocketFactoryBuilder
> {code}
> *API 2: PoolingHttpClientConnectionManagerBuilder.setSSLSocketFactory()*
> {code:java}
> Package: org.apache.hc.client5.http.impl.io
> Full Name:
> org.apache.hc.client5.http.impl.io.PoolingHttpClientConnectionManagerBuilder.setSSLSocketFactory()
> Signature: public PoolingHttpClientConnectionManagerBuilder
> setSSLSocketFactory(LayeredConnectionSocketFactory)
> Deprecated: Apache HttpClient 5.0
> Removal Target: Future major version (likely 6.0)
> Replacement: setTlsSocketStrategy() or similar modern TLS approach
> {code}
> *Warnings:*
> {code:java}
> Line 167: warning: [deprecation] SSLConnectionSocketFactory in
> org.apache.hc.client5.http.ssl has been deprecated (×2)
> Line 173: warning: [deprecation]
> setSSLSocketFactory(LayeredConnectionSocketFactory) has been deprecated
> Line 181: warning: [deprecation] SSLConnectionSocketFactory in
> org.apache.hc.client5.http.ssl has been deprecated (×2)
> Line 187: warning: [deprecation]
> setSSLSocketFactory(LayeredConnectionSocketFactory) has been deprecated
> {code}
> *Action Required:*
> * Migrate to Apache HttpClient 5 recommended SSL configuration
> * Use {{SSLConnectionSocketFactoryBuilder}} for SSL socket factory creation
> * Replace {{setSSLSocketFactory()}} with {{setTlsSocketStrategy()}} or
> modern TLS approach
> * Test SSL/TLS connections thoroughly
> *Risk:* MEDIUM - Library migration, requires SSL connection testing
> h4. Issue 1.2: Apache Commons Lang StringUtils (1 warning)
> *File:*
> {{geode-management/src/main/java/org/apache/geode/management/configuration/Index.java:91}}
> *Deprecated API:*
> {code:java}
> Package: org.apache.commons.lang3
> Full Name: org.apache.commons.lang3.StringUtils.removeStart()
> Signature: public static String removeStart(String str, String remove)
> Deprecated: Commons Lang 3.x
> Removal Target: Not scheduled
> {code}
> *Migration Pattern:*
> {code:java}
> // Before:
> String result = StringUtils.removeStart(str, prefix);
> // After:
> String result = str.startsWith(prefix) ? str.substring(prefix.length()) : str;
> {code}
> *Risk:* LOW - Simple string manipulation
> —
> h3. Module 2: geode-serialization (1 warning)
> *Owner:* Serialization Team
> *Package:* {{org.apache.geode.internal.serialization.internal}}
> *Total APIs:* 1 deprecated API
> *Effort:* 2-3 hours
> *File:*
> {{geode-serialization/src/main/java/org/apache/geode/internal/serialization/internal/DSFIDSerializerImpl.java:343}}
> *Deprecated API:*
> {code:java}
> Package: java.lang.reflect
> Full Name: java.lang.reflect.AccessibleObject.isAccessible()
> Signature: public boolean isAccessible()
> Deprecated: Java 9
> Removal Target: Not scheduled
> Replacement: java.lang.reflect.AccessibleObject.canAccess(Object obj)
> {code}
> *Warning:*
> {code:java}
> warning: [deprecation] isAccessible() in AccessibleObject has been deprecated
> {code}
> *Migration Pattern:*
> {code:java}
> // Before:
> if (field.isAccessible()) {
> // do something
> }
> // After:
> if (field.canAccess(targetObject)) {
> // do something
> }
> // Note: canAccess() requires the target object instance
> {code}
> *Action Required:*
> * Replace {{isAccessible()}} with {{canAccess(Object obj)}}
> * Ensure target object instance is available for {{canAccess()}}
> * May require refactoring if target object is not readily available
> *Risk:* MEDIUM - Reflection API change, requires target object reference
> —
> h3. Module 3: geode-deployment-legacy (1 warning)
> *Owner:* Deployment Team
> *Package:* {{org.apache.geode.classloader.internal}}
> *Total APIs:* 1 deprecated API
> *Effort:* 2-3 hours
> *File:*
> {{geode-deployment/geode-deployment-legacy/src/main/java/org/apache/geode/classloader/internal/LegacyClasspathServiceImpl.java:235}}
> *Deprecated API:*
> {code:java}
> Package: java.lang.reflect
> Full Name: java.lang.reflect.Proxy.getProxyClass()
> Signature: public static Class<?> getProxyClass(ClassLoader loader,
> Class<?>... interfaces)
> Deprecated: Java 9
> Removal Target: Not scheduled
> Replacement: java.lang.reflect.Proxy.newProxyInstance(ClassLoader,
> Class<?>[], InvocationHandler)
> {code}
> *Warning:*
> {code:java}
> warning: [deprecation] getProxyClass(ClassLoader,Class<?>...) in Proxy has
> been deprecated
> {code}
> *Migration Pattern:*
> {code:java}
> // Before:
> Class<?> proxyClass = Proxy.getProxyClass(classLoader, interfaces);
> Object proxy =
> proxyClass.getConstructor(InvocationHandler.class).newInstance(handler);
> // After:
> Object proxy = Proxy.newProxyInstance(classLoader, interfaces, handler);
> {code}
> *Action Required:*
> * Use {{Proxy.newProxyInstance()}} directly
> * May require restructuring proxy creation logic
> * Ensure {{InvocationHandler}} is available at call site
> *Risk:* MEDIUM - Dynamic proxy generation, requires testing
> —
> h3. Module 4: geode-web-api (1 warning)
> *Owner:* Web/REST API Team
> *Package:* {{org.apache.geode.rest.internal.web.swagger.config}}
> *Total APIs:* 1 deprecated API
> *Effort:* 2-3 hours
> *File:*
> {{geode-web-api/src/main/java/org/apache/geode/rest/internal/web/swagger/config/SwaggerConfig.java:62}}
> *Deprecated API:*
> {code:java}
> Package: org.springframework.web.util.pattern
> Full Name:
> org.springframework.web.util.pattern.PathPatternParser.setMatchOptionalTrailingSeparator()
> Signature: public void setMatchOptionalTrailingSeparator(boolean
> matchOptionalTrailingSeparator)
> Deprecated: Spring Framework 6.x
> Removal Target: Not scheduled (likely Spring 7.x)
> {code}
> *Warning:*
> {code:java}
> warning: [deprecation] setMatchOptionalTrailingSeparator(boolean) in
> PathPatternParser has been deprecated
> {code}
> *Action Required:*
> * Consult Spring Framework 6.x migration guide for replacement configuration
> * Update path pattern matching configuration
> * Test Swagger/OpenAPI URL path matching
> * Verify trailing separator handling behavior
> *Risk:* LOW - Configuration change, verify Swagger/OpenAPI compatibility
> h2. How to Verify Warnings
> *Step 1:* Enable warnings in
> {{{}build-tools/scripts/src/main/groovy/warnings.gradle{}}}:
> {code:groovy}
> tasks.withType(JavaCompile) {
> options.compilerArgs << '-Xlint:unchecked' << '-Xlint:deprecation' <<
> '-Xlint:removal'
> options.deprecation = true
> }
> {code}
> *Step 2:* Build and check warnings for each module:
> {code:bash}
> # geode-management
> ./gradlew clean :geode-management:compileJava --no-build-cache 2>&1 | grep
> "warning:"
> # geode-serialization
> ./gradlew clean :geode-serialization:compileJava --no-build-cache 2>&1 | grep
> "warning:"
> # geode-deployment-legacy
> ./gradlew clean :geode-deployment:geode-deployment-legacy:compileJava
> --no-build-cache 2>&1 | grep "warning:"
> # geode-web-api
> ./gradlew clean :geode-web-api:compileJava --no-build-cache 2>&1 | grep
> "warning:"
> {code}
> *Step 3:* After fixing, restore original configuration:
> {code:bash}
> git checkout build-tools/scripts/src/main/groovy/warnings.gradle
> {code}
> h2. References
> * [Apache HttpClient 5 Migration
> Guide|https://hc.apache.org/httpcomponents-client-5.0.x/migration-guide/]
> * [Apache HttpClient 5 SSL
> Configuration|https://hc.apache.org/httpcomponents-client-5.0.x/examples.html]
> * [Java 9 Reflection API
> Changes|https://docs.oracle.com/javase/9/docs/api/java/lang/reflect/AccessibleObject.html]
> * [Proxy API
> Documentation|https://docs.oracle.com/javase/9/docs/api/java/lang/reflect/Proxy.html]
> * [Spring Framework 6.x Migration
> Guide|https://github.com/spring-projects/spring-framework/wiki/Upgrading-to-Spring-Framework-6.x]
> * [Apache Commons Lang 3
> Documentation|https://commons.apache.org/proper/commons-lang/]
> h2. Acceptance Criteria
> * All 13 [deprecation] warnings resolved across 4 modules
> * Code compiles without warnings in Java 17
> * All existing tests pass for each module
> * SSL/TLS connections verified in geode-management
> * Reflection operations tested in geode-serialization and
> geode-deployment-legacy
> * Swagger/OpenAPI path matching verified in geode-web-api
> * No changes to public API behavior
> h2. Testing Strategy
> h3. geode-management
> * Unit tests: Verify REST client SSL configuration
> * Integration tests: Test HTTPS connections to management API
> * Security tests: Verify SSL/TLS certificate validation
> h3. geode-serialization
> * Unit tests: Verify reflection-based serialization
> * Test various accessibility scenarios (public, private, protected fields)
> * Verify serialization/deserialization with different object types
> h3. geode-deployment-legacy
> * Unit tests: Verify dynamic proxy creation
> * Test proxy invocation with various interface combinations
> * Verify classloader isolation
> h3. geode-web-api
> * Unit tests: Verify Swagger configuration
> * Integration tests: Test OpenAPI path matching
> * Verify trailing separator handling in API endpoints
> h2. Impact
> *Risk:* MEDIUM - Does not block Java or Spring upgrades, but involves
> critical areas (SSL, serialization, dynamic proxies)
> *Scope:* 4 modules, 6 files, 13 warnings
> *Related Work:* Part of Java 17 warning cleanup effort (36 total warnings
> across 6 modules)
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
