is possible remove Jhipster Dependencies in back? why is necessary or recommended???
IF I REMOVE OF POM.XML appears different compilation errors.
<dependencyManagement>
<dependencies>
<dependency>
<groupId>io.github.jhipster</groupId>
<artifactId>jhipster-dependencies</artifactId>
<version>${jhipster-dependencies.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
<!-- jhipster-needle-maven-add-dependency-management -->
</dependencies>
</dependencyManagement>
Is it possible?
Yes but you have to import all the dependencies yourself although nothing very difficult because most of them are already provided as Spring Boot starters. Looking at effective pom with mvnw help:effective-pom could help.
Then you must import maven plugins configuration.
Finally, your project will still depend on jhipster-framework library unless you extract only the classes your project needs.
Is it recommended?
For long term, managing yourself your dependencies is a good thing because major libraries like Spring Boot, Hibernate, ... support old releases for quite a long time while JHipster team supports only current major release (currently 7.x) which usually means one year.
At the beginning of your project, you will probably want to be able to follow JHipster updates. Modifying the pom.xml will make updating generated code more difficult.
Once you have written much manual code, your project is probably already too difficult to update, so cutting the dependency with JHipster will be harmless.
I found it harder to remove dependency from JHipster frontend than from backend because for instance ng-jhipster has some dependencies on Bootstrap that require some effort to remove.
Related
I'm using avro-tools 1.9.2 in my project and due to some reason can't even update it. I see that avro-tools 1.9.2 using the old log4 1.x API natively (its not a transitive dependency instead its included natively in the jar itself), Is there any way to exclude package when using the jar file at runtime? I know its very unfair/weird questions. But I really need get going.
<dependency>
<groupId>org.apache.avro</groupId>
<artifactId>avro-tools</artifactId>
<version>1.9.2</version>
</dependency>
I am working on one project and we are using tool Whitesource for our project.
The system Whitesource tells me usually that I need to update some dependency. Now it just says
Whitesource shows a problem Security Vulnerability with the message:
An issue was found in io.springfox:springfox-swagger-ui. This vulnerability can lead to �Log injection�- whereas untrusted data gets written into log files/entries. It allows attackers to forge log entries or inject malicious content into the logs.
pom.xml
<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-swagger-common</artifactId>
<version>3.0.0</version>
</dependency>
<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-swagger2</artifactId>
<version>3.0.0</version>
<scope>compile</scope>
</dependency>
Please help me solve the problem or tell me where to start solving the problem.
Unfortunately, SpringFox https://github.com/springfox/springfox is not maintained for last 2 years. Applications currently leveraging SpringFox should migrate to SpringDoc.
SprinDoc GitHub repo and here is migration guide
Unfortunately, there is currently no fix available from Springfox.
A little explanation: With this security issue, an attacker could write untrustworthy data in the log files and thus falsify log entries or inject malicious content into the logs.
I wrote a program with the following package
<dependency>
<groupId>com.datastax.cassandra</groupId>
<artifactId>cassandra-driver-core</artifactId>
<version>3.6.0</version>
</dependency>
But when I change it to 4.0.0 it doesn't have some critical classes.
I search and read in Datastax that I must use the following package:
<dependency>
<groupId>com.datastax.oss</groupId>
<artifactId>java-driver-core</artifactId>
<version>4.0.0</version>
</dependency>
So, it totally have different classes, So what is the right package from Datastax to use in java for connecting and working with Cassandra? Which one is better to use and what is the main difference?
This really depends on your requirements:
if you're developing completely new application, then you need to use 4.x versions of the driver, as 3.x won't get new functionality, only critical bug fixes. Latest version right now is 4.9.0 - check documentation for exact Maven definition - it should match your second snippet. Please take into account that this driver is quite different from the 3.x versions, so copy-pasting old examples won't work, but you can follow the upgrade guide to translate them to the new version.
if you have existing code, then you may stick to the latest 3.x version (3.10 right now) because porting to 4.x versions could lead to significant rewrite of application caused by architectural changes in new version. Consult upgrade guide for details of porting. Also, you can check following repository for examples of code ported to 4.x.
When I clean my project I get the following error:
[2011-10-05 13:47:53 - The Basics] Dx
trouble processing "java/nio/CharBuffer.class":
Ill-advised or mistaken usage of a core class (java.* or javax.*)
when not building a core library.
This is often due to inadvertently including a core library file
in your application's project, when using an IDE (such as
Eclipse). If you are sure you're not intentionally defining a
core class, then this is the most likely explanation of what's
going on.
However, you might actually be trying to define a class in a core
namespace, the source of which you may have taken, for example,
from a non-Android virtual machine project. This will most
assuredly not work. At a minimum, it jeopardizes the
compatibility of your app with future versions of the platform.
It is also often of questionable legality.
If you really intend to build a core library -- which is only
appropriate as part of creating a full virtual machine
distribution, as opposed to compiling an application -- then use
the "--core-library" option to suppress this error message.
If you go ahead and use "--core-library" but are in fact
building an application, then be forewarned that your application
will still fail to build or run, at some point. Please be
prepared for angry customers who find, for example, that your
application ceases to function once they upgrade their operating
system. You will be to blame for this problem.
If you are legitimately using some code that happens to be in a
core package, then the easiest safe alternative you have is to
repackage that code. That is, move the classes in question into
your own package namespace. This means that they will never be in
conflict with core system classes. JarJar is a tool that may help
you in this endeavor. If you find that you cannot do this, then
that is an indication that the path you are on will ultimately
lead to pain, suffering, grief, and lamentation.
[2011-10-05 13:47:53 - The Basics] Dx 1 error; aborting
[2011-10-05 13:47:53 - The Basics] Conversion to Dalvik format failed with error 1
I had this problem. I use Maven to build my android projects. My problem was caused by one of my dependencies depending on the android jars. I updated my pom to exclude android from that dependency and that solved it for me.
<dependency>
<groupId>org.reassembler</groupId>
<artifactId>synth-android</artifactId>
<version>2.5.8</version>
<exclusions>
<exclusion>
<artifactId>junit</artifactId>
<groupId>junit</groupId>
</exclusion>
<exclusion>
<artifactId>android</artifactId>
<groupId>android</groupId>
</exclusion>
</exclusions>
</dependency>
Hope this helps someone, it took me a while to figure out what was going on.
For the benefit of anyone who may have stumbled upon this, this problem can be caused by inclusion of an older library such as android.jar. Removing the .jar file from your buildpath will allow you to compile. Otherwise, you can use the "jarjar" mentioned in the error message to move the .jar file to another package.
Your IDE is misconfigured. Make sure that your scripts or IDE isn't passing rt.jar or android.jar to dx.
In Android Studio, I had included java and javax jar files in my lib folder and there were dependencies related to them (in build.gradle at the app level). I commented them out.
//compile files('libs/ K java-rt-jar-stubs-1.5.0.jar')
//compile 'javax.annotation:jsr250-api:1.0'
//compile files('libs/javax. annotation.jar')
Then i went to the Project View and deleted the jar files. There were some legacy instances of java.awt.geom which I had to purge, but rebuilt project and then i was fine.
I've been trying to get the gwt-maven-plugin to work for me. Hopefully someone can help me.
I'm using gwt-maven-plugin 1.2 and trying to get it to work with gwt 2.1.0.M3. We have a nexus repo at work and I've put the latest gwt jars there. The plugin fails when trying to download the gwt-dev jar.
The gwt-dev jar is located at 2.1.0.M3/gwt-dev-2.1.0.M3.jar
The plugin tries to download 2.1.0.M3/gwt-dev-2.1.0.M3-linux.jar.
I don't have a dependency anywhere on my pom for gwt-dev, the plugin takes care of that. How can I stop it from appending "-linux" to it? I'm aware that I could just change the name of the jar in my repo or set it up manually on my local machine, but I want to figure out how to get this working on nexus because we have several developers working on this at the same time.
Thanks!
You should upgrade your gwt-maven-plugin to version 1.2, which has some support for GWT-2.0.
As of GWT-2.0, the gwt-dev jars are no longer distributed separately per platform - a fact which the older versions of the gwt-maven-plugin are not aware.
I am having the same problem. Here's what worked for me, which I gleaned from this sample pom: http://code.google.com/p/google-web-toolkit/source/browse/trunk/samples/expenses/pom.xml
Add this to your plugin repos:
<pluginRepositories>
<pluginRepository>
<id>gwt-plugin-repo</id>
<url>http://google-web-toolkit.googlecode.com/svn/2.1.0.M3/gwt/maven</url>
<name>Google Web Toolkit Plugin Repository</name>
</pluginRepository>
</pluginRepositories>
Set your gwt-maven-plugin to 1.3.1.google
<plugins>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>gwt-maven-plugin</artifactId>
<version>1.3.1.google</version>
i was trying to upgrade my project to gwt 2.1, and with the things that Bohemian said and with
<repository>
<id>googlecode</id>
<url>http://code.google.com/p/google-web-toolkit/source/browse/#svn/2.1.0/gwt/maven</url>
</repository>
i succeeded to do so.