JackieTien97 commented on code in PR #17859:
URL: https://github.com/apache/iotdb/pull/17859#discussion_r3392619135
##########
external-service-impl/rest/src/main/java/org/apache/iotdb/rest/RestService.java:
##########
@@ -96,7 +96,7 @@ private ServletContextHandler
constructServletContextHandler() {
holder.setInitOrder(1);
holder.setInitParameter(
"jersey.config.server.provider.packages",
- "io.swagger.jaxrs.listing, io.swagger.sample.resource,
org.apache.iotdb.rest.protocol");
+ "io.swagger.v3.jaxrs2.integration.resources,
org.apache.iotdb.rest.protocol");
Review Comment:
This switches the registered Swagger package to Swagger Core 2.x, whose
resources expose `/openapi` and `/openapi.{json|yaml}` rather than the old
`/swagger.json` path. The REST authorization filter still only special-cases
`swagger.json`, so `enable_swagger=true` no longer makes the generated spec
reachable without credentials, while `enable_swagger=false` also does not hide
the actual `/openapi.json` endpoint from authenticated callers. Please update
the filter/config/docs to control the new OpenAPI paths, or keep a compatible
`/swagger.json` route if that path is still expected by users.
##########
LICENSE-binary:
##########
@@ -224,12 +224,12 @@ com.fasterxml.jackson.core:jackson-databind:2.16.2
jakarta.inject:jakarta.inject:2.6.1
at.yawk.lz4:lz4-java:1.10.0
com.github.ben-manes.caffeine:caffeine:2.9.3
-org.eclipse.jetty:jetty-http:9.4.58.v20250814
-org.eclipse.jetty:jetty-io:9.4.58.v20250814
-org.eclipse.jetty:jetty-security:9.4.58.v20250814
-org.eclipse.jetty:jetty-server:9.4.58.v20250814
-org.eclipse.jetty:jetty-servlet:9.4.58.v20250814
-org.eclipse.jetty:jetty-util:9.4.58.v20250814
+org.eclipse.jetty:jetty-http:12.0.36
+org.eclipse.jetty:jetty-io:12.0.36
+org.eclipse.jetty:jetty-security:12.0.36
+org.eclipse.jetty:jetty-server:12.0.36
+org.eclipse.jetty.ee10:jetty-ee10-servlet:12.0.36
Review Comment:
The REST fat jar now bundles additional Jakarta/OpenAPI dependencies that
are not reflected here. For example, `mvn package -pl
external-service-impl/rest-openapi,external-service-impl/rest -DskipTests`
produces `rest-...-jar-with-dependencies.jar` containing
`org.eclipse.jetty:jetty-session:12.0.36`, the
`io.swagger.core.v3:swagger-*-jakarta:2.2.50` artifacts,
`io.github.classgraph:classgraph:4.8.184`,
`com.fasterxml.jackson.jakarta.rs:*`,
`jakarta.inject:jakarta.inject-api:2.0.1`, and
`jakarta.xml.bind:jakarta.xml.bind-api:3.0.1`. `dependencies.json` already
lists some of these, such as `jetty-session`, but `LICENSE-binary` still omits
them and still lists the old `jakarta.inject:jakarta.inject:2.6.1` coordinate.
Please regenerate/recheck `LICENSE-binary` against the packaged
external-service-impl artifact so the binary release license metadata matches
what is actually bundled.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
