Upgrade to Java 17 and Spring Boot 3.2.5#560
Upgrade to Java 17 and Spring Boot 3.2.5#560devin-ai-integration[bot] wants to merge 11 commits intomasterfrom
Conversation
- Added a simple note confirming RealWorld API spec compliance - This is a test change to verify PR workflow functionality Co-Authored-By: Gardner Johnson <gardnerjohnson@gmail.com>
…st-dummy-change Test: Add testing verification note to README
- Modern React 18 frontend with TypeScript and Tailwind CSS - Complete RealWorld specification implementation - User authentication with JWT token management - Article management (create, view, edit, delete) - Article feed with pagination - User profiles and following functionality - Comments system for articles - Social features (favorites, following) - Tag-based article categorization - Responsive design with modern UI - Full API integration with Spring Boot backend - Development server on localhost:3000 - Production build support Features implemented: - User registration and login - Article creation and editing with markdown support - Global article feed - User profiles and social following - Comment system - Article favoriting - Tag filtering - JWT authentication integration - Error handling and validation - Modern responsive UI design The frontend successfully demonstrates all backend API functionality through a visual web interface, replacing raw JSON responses with a complete social blogging platform user experience. Co-Authored-By: Gardner Johnson <gardnerjohnson@gmail.com>
- Remove node_modules from git tracking and add to .gitignore - Configure environment variables for API base URL using VITE_API_BASE_URL - Add TypeScript definitions for Vite environment variables - Remove unused 'User' import to fix TypeScript error Addresses the 5 critical issues identified in PR review: 1. ✅ Remove node_modules from git (added to .gitignore) 2. 🔄 Test complete user journey (next step) 3. ✅ Configure environment variables (VITE_API_BASE_URL) 4. 🔄 Verify CORS configuration (next step) 5. 🔄 Test authentication flow thoroughly (next step) Co-Authored-By: Gardner Johnson <gardnerjohnson@gmail.com>
…d-react-frontend Add React Frontend Application for RealWorld API
- sourceCompatibility/targetCompatibility: 11 -> 17 - Spring Boot plugin: 2.6.3 -> 3.2.5 - spring-dependency-management: 1.0.11.RELEASE -> 1.1.5 - dgs-codegen: 5.0.6 -> 6.2.1 - spotless: 6.2.1 -> 6.25.0 - mybatis-spring-boot-starter: 2.2.2 -> 3.0.3 - graphql-dgs-spring-boot-starter: 4.9.21 -> 7.6.0 - jjwt: 0.11.2 -> 0.12.5 - sqlite-jdbc: 3.36.0.3 -> 3.45.3.0 - rest-assured: 4.5.1 -> 5.4.0 - mybatis-spring-boot-starter-test: 2.2.2 -> 3.0.3 - Gradle wrapper: 7.4 -> 8.7 Co-Authored-By: Scotty Andrade <scotty.andrade@cognition.ai>
Replaced all javax.validation, javax.servlet imports with their jakarta equivalents across 20 Java source files. javax.crypto imports in DefaultJwtService.java are left unchanged as they are JDK classes. Co-Authored-By: Scotty Andrade <scotty.andrade@cognition.ai>
Co-Authored-By: Scotty Andrade <scotty.andrade@cognition.ai>
…update CI workflow to Java 17 Co-Authored-By: Scotty Andrade <scotty.andrade@cognition.ai>
🤖 Devin AI EngineerI'll be helping with this pull request! Here's what you should know: ✅ I will automatically:
Note: I can only respond to comments from users who have write access to this repository. ⚙️ Control Options:
|
Co-Authored-By: Scotty Andrade <scotty.andrade@cognition.ai>
![devin-ai-integration[bot]](https://avatars.githubusercontent.com/in/811515?s=60&v=4){kind=small}
| if (!slug) return; | ||
|
|
||
| await commentsApi.deleteComment(slug, commentId); | ||
| setComments(comments.filter(comment => comment.id !== commentId)); |
There was a problem hiding this comment.
🟡 Stale closure in comment state updates causes deleted comments to reappear
Both handleCommentDelete and handleCommentSubmit in ArticleView.tsx use comments directly from the render closure instead of the functional form of setComments. If a user deletes two comments in quick succession (before the API calls complete), the second setComments call uses the stale comments array from the original render, overwriting the first deletion. For example: if comments = [A, B, C] and the user deletes A then B, both handlers close over the same [A, B, C] array. When A's API call completes, setComments([B, C]) is correct. But when B's API call completes, setComments([A, C]) is called (from the stale closure), incorrectly bringing A back. The same issue applies to handleCommentSubmit at line 103 — setComments([newComment, ...comments]) can lose a previously added comment.
| setComments(comments.filter(comment => comment.id !== commentId)); | |
| setComments(prevComments => prevComments.filter(comment => comment.id !== commentId)); |
Was this helpful? React with 👍 or 👎 to provide feedback.
There was a problem hiding this comment.
This file (frontend/src/pages/ArticleView.tsx) is not part of the Java 17 / Spring Boot 3 upgrade changes in this PR — it's a pre-existing React frontend file that appears in the diff due to merge-base differences. The stale closure observation is valid but out of scope for this PR.
2 participants
Summary
Upgrades the project from Java 11 / Spring Boot 2.6.3 to Java 17 / Spring Boot 3.2.5. This touches build configuration, all Java source files using
javaxAPIs, the Spring Security configuration, and several libraries with breaking API changes.Build & tooling:
Dependency upgrades with API migration:
PageInfoswitched fromgraphql.relay.DefaultPageInfoto codegen-generatedio.spring.graphql.types.PageInfo;DataFetcherExceptionHandler.onException()→handleException()returningCompletableFutureparserBuilder()→parser().verifyWith(),setSubject/setExpiration→subject/expiration,parseClaimsJws→parseSignedClaims,getBody→getPayload, key construction viaKeys.hmacShaKeyFor()Namespace migration: All
javax.validation,javax.servlet,javax.annotationimports →jakarta.*(~20 files).javax.cryptocorrectly left as-is (JDK class).Spring Security 6: Removed
WebSecurityConfigurerAdapter, converted toSecurityFilterChainbean with lambda DSL,authorizeRequests→authorizeHttpRequests,antMatchers→requestMatchers.Spring Boot 3:
handleMethodArgumentNotValidsignature updated (HttpStatus→HttpStatusCode).Merge note
.github/workflows/gradle.ymlwas deleted onmasterbut this PR re-introduces it (updated for JDK 17 / actions v4). Reviewer should confirm whether CI via this workflow is still desired.Review & Testing Checklist for Human
gradle.ymlwas deleted onmaster. This PR keeps the file (updated for Java 17). Verify this is intentional — if CI has moved elsewhere, this file may need to be removed from the PR.Keys.hmacShaKeyFor(secret.getBytes())auto-selects HMAC algorithm by key length (≥32 bytes → HS256, ≥48 → HS384, ≥64 → HS512). The old code hardcoded HS512. Verifyjwt.secretin application properties is ≥64 bytes if HS512 is intended, otherwise existing tokens will be incompatible.WebSecurityConfigare functionally equivalent — especially thatGET /articles/feed(authenticated) is matched beforeGET /articles/**(permitAll). The rule ordering in the lambda DSL must match the old chain. Run a manual smoke test of authenticated and unauthenticated endpoints.buildArticlePageInfo/buildCommentPageInfonow usePageInfo.newBuilder()with.hasPreviousPage()/.hasNextPage(). Confirm these match the GraphQL schema field names and that pagination queries return correct cursor info../gradlew bootRunsmoke test: Unit tests pass locally, but verify the app starts and serves requests end-to-end (REST + GraphQL).Recommended test plan: Run
./gradlew bootRun, hit a few REST endpoints (GET /articles,POST /users,GET /articles/feedwith auth), and run a GraphQL query with pagination to confirm PageInfo fields are populated correctly.Notes
GraphQLCustomizeExceptionHandlernow returnsCompletableFuture<DataFetcherExceptionHandlerResult>(DGS 7.x async interface). The implementation wraps results withCompletableFuture.completedFuture()so behavior is effectively synchronous — this is the correct pattern for DGS 7.x.Link to Devin session: https://app.devin.ai/sessions/6b6e368662274e11802ca77645e8d6fb
Requested by: @scottyandrade99