Skip to content

Update fasterxml #3227

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
malliaridis merged 5 commits into from
Sep 13, 2025
Merged

Update fasterxml #3227

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
c530fc9
Update fasterxml
solrbot Sep 10, 2025
7bb5a53
Fix version mismatch for jackson core annotations
malliaridis Sep 10, 2025
f4d488e
Fix version drift in lockfiles
malliaridis Sep 10, 2025
fc6f94a
Add fasterxml BOM as platform dependency to remove dependency version…
malliaridis Sep 11, 2025
db6541c
Update expected bytes length in test
malliaridis Sep 11, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 6 additions & 6 deletions gradle/libs.versions.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -85,7 +85,7 @@ eclipse-jettytoolchain = "5.0.2"
# @keep jgit version used by git-status.gradle
eclipse-jgit = "7.3.0.202506031305-r"
essenty = "2.5.0"
fasterxml = "2.18.2"
fasterxml = "2.20.0"
fasterxml-woodstox = "7.0.0"
# @keep Flexmark used in classpath
flexmark = "0.64.8"
Expand Down Expand Up @@ -353,11 +353,11 @@ eclipse-jetty-xml = { module = "org.eclipse.jetty:jetty-xml", version.ref = "ecl
eclipse-jgit-jgit = { module = "org.eclipse.jgit:org.eclipse.jgit", version.ref = "eclipse-jgit" }
essenty-lifecycle = { module = "com.arkivanov.essenty:lifecycle", version.ref = "essenty" }
fasterxml-jackson-bom = { module = "com.fasterxml.jackson:jackson-bom", version.ref = "fasterxml" }
fasterxml-jackson-core-annotations = { module = "com.fasterxml.jackson.core:jackson-annotations", version.ref = "fasterxml" }
fasterxml-jackson-core-core = { module = "com.fasterxml.jackson.core:jackson-core", version.ref = "fasterxml" }
fasterxml-jackson-core-databind = { module = "com.fasterxml.jackson.core:jackson-databind", version.ref = "fasterxml" }
fasterxml-jackson-dataformat-cbor = { module = "com.fasterxml.jackson.dataformat:jackson-dataformat-cbor", version.ref = "fasterxml" }
fasterxml-jackson-dataformat-smile = { module = "com.fasterxml.jackson.dataformat:jackson-dataformat-smile", version.ref = "fasterxml" }
fasterxml-jackson-core-annotations = { module = "com.fasterxml.jackson.core:jackson-annotations" }
fasterxml-jackson-core-core = { module = "com.fasterxml.jackson.core:jackson-core" }
fasterxml-jackson-core-databind = { module = "com.fasterxml.jackson.core:jackson-databind" }
fasterxml-jackson-dataformat-cbor = { module = "com.fasterxml.jackson.dataformat:jackson-dataformat-cbor" }
fasterxml-jackson-dataformat-smile = { module = "com.fasterxml.jackson.dataformat:jackson-dataformat-smile" }
fasterxml-woodstox-core = { module = "com.fasterxml.woodstox:woodstox-core", version.ref = "fasterxml-woodstox" }
flexmark-extensions-abbreviation = { module = "com.vladsch.flexmark:flexmark-ext-abbreviation", version.ref = "flexmark" }
flexmark-extensions-attributes = { module = "com.vladsch.flexmark:flexmark-ext-attributes", version.ref = "flexmark" }
Expand Down
5 changes: 4 additions & 1 deletion solr/api/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -61,8 +61,11 @@ resolve {

dependencies {
api platform(project(":platform"))
swaggerDeps platform(project(":platform"))
api platform(libs.fasterxml.jackson.bom)
Copy link
Copy Markdown
Contributor

@dsmiley dsmiley Dec 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm surprised to see jackson here, as I expect that our platform's role is to be all encompassing (to include jackson).

Copy link
Copy Markdown
Contributor

@malliaridis malliaridis Dec 27, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If I remember correct, the issue comes from the way BOMs have to be added to resolve dependency versions. Our platform module goes through our libs.versions.toml file and adds all dependencies via api [dependency]. Later, the module is added as [configuration] platform(project(":platform")) to resolve dependencies.

However, in order for BOMs to take effect in dependency resolution, they have to be added via platform([bom-dependency]). Since we cannot reliably distinguish BOMs from other dependencies in our current setup, we have to manually add them.

We might be able to enlist the BOM dependencies in a seperate toml file and iterate over it in our platform module, so that we can run a different logic in platform/build.gradle, something like:

// platform/build.gradle

plugins {
    id("java-platform")
}

dependencies {
    constraints {
        // Current logic
        def versionCatalog = rootProject.extensions
                .getByType(VersionCatalogsExtension).named("libs")
        versionCatalog.libraryAliases.forEach { alias ->
            def library = versionCatalog.findLibrary(alias)
            api library.get()
        }
        
        // Additional new logic
        def bomCatalog = rootProject.extensions
                .getByType(VersionCatalogsExtension).named("bom") // <-- reference different toml file
        bomCatalog.libraryAliases.forEach { alias ->
            def library = bomCatalog.findLibrary(alias)
            api platform(library.get()) // <-- this line makes the difference
        }
    }
}

And then add only BOM dependencies to gradle/bom.versions.toml:

[versions]
amazon-awssdk = "2.32.31"
fasterxml = "2.20.0"
google-cloud-bom = "0.224.0"
grpc = "1.65.1"
netty = "4.2.6.Final"
opentelemetry = "1.56.0"

[libraries]
amazon-awssdk-bom = { module = "software.amazon.awssdk:bom", version.ref = "amazon-awssdk" }
fasterxml-jackson-bom = { module = "com.fasterxml.jackson:jackson-bom", version.ref = "fasterxml" }
google-cloud-bom = { module = "com.google.cloud:google-cloud-bom", version.ref = "google-cloud-bom" }
grpc-bom = { module = "io.grpc:grpc-bom", version.ref = "grpc" }
netty-bom = { module = "io.netty:netty-bom", version.ref = "netty" }
opentelemetry-bom = { module = "io.opentelemetry:opentelemetry-bom", version.ref = "opentelemetry" }

I did not have enough time back then to experiment with that, but it may allow us to remove redundant dependencies to BOMs in our modules, like the one you pointed at.

Copy link
Copy Markdown
Contributor

@dsmiley dsmiley Dec 31, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for that thorough response Christos.
Background: I've been looking at Solr's techniques to apply some techniques elsewhere.

Copy link
Copy Markdown
Contributor

@malliaridis malliaridis Jan 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

SOLR-18003 also shows a case where the BOM version resolution fails and we have to intervene.


runtimeOnly libs.slf4j.api

implementation libs.jakarta.ws.rsapi
api libs.fasterxml.jackson.core.annotations
api libs.swagger3.annotations.jakarta
Expand Down
52 changes: 15 additions & 37 deletions solr/api/gradle.lockfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,26 +3,17 @@
# This file is expected to be part of source control.
com.carrotsearch.randomizedtesting:randomizedtesting-runner:2.8.3=jarValidation,testCompileClasspath,testRuntimeClasspath
com.carrotsearch:hppc:0.10.0=jarValidation,testRuntimeClasspath
com.fasterxml.jackson.core:jackson-annotations:2.16.2=swaggerDeps
com.fasterxml.jackson.core:jackson-annotations:2.18.2=apiHelper,compileClasspath,jarValidation,runtimeClasspath,swaggerBuild,testCompileClasspath,testRuntimeClasspath
com.fasterxml.jackson.core:jackson-core:2.16.2=swaggerDeps
com.fasterxml.jackson.core:jackson-core:2.18.2=jarValidation,swaggerBuild,testCompileClasspath,testRuntimeClasspath
com.fasterxml.jackson.core:jackson-databind:2.16.2=swaggerDeps
com.fasterxml.jackson.core:jackson-databind:2.18.2=jarValidation,swaggerBuild,testCompileClasspath,testRuntimeClasspath
com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.18.2=jarValidation,testRuntimeClasspath
com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.18.2=jarValidation,testRuntimeClasspath
com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:2.16.2=swaggerDeps
com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:2.18.2=swaggerBuild
com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.16.2=swaggerDeps
com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.18.2=swaggerBuild
com.fasterxml.jackson.jakarta.rs:jackson-jakarta-rs-base:2.18.2=swaggerBuild
com.fasterxml.jackson.jakarta.rs:jackson-jakarta-rs-json-provider:2.18.2=swaggerBuild
com.fasterxml.jackson.jaxrs:jackson-jaxrs-base:2.16.2=swaggerDeps
com.fasterxml.jackson.jaxrs:jackson-jaxrs-json-provider:2.16.2=swaggerDeps
com.fasterxml.jackson.module:jackson-module-jakarta-xmlbind-annotations:2.18.2=jarValidation,swaggerBuild,testRuntimeClasspath
com.fasterxml.jackson.module:jackson-module-jaxb-annotations:2.16.2=swaggerDeps
com.fasterxml.jackson:jackson-bom:2.16.2=swaggerDeps
com.fasterxml.jackson:jackson-bom:2.18.2=apiHelper,compileClasspath,jarValidation,runtimeClasspath,swaggerBuild,testCompileClasspath,testRuntimeClasspath
com.fasterxml.jackson.core:jackson-annotations:2.20=apiHelper,compileClasspath,jarValidation,runtimeClasspath,swaggerBuild,testCompileClasspath,testRuntimeClasspath
com.fasterxml.jackson.core:jackson-core:2.20.0=jarValidation,swaggerBuild,testCompileClasspath,testRuntimeClasspath
com.fasterxml.jackson.core:jackson-databind:2.20.0=jarValidation,swaggerBuild,testCompileClasspath,testRuntimeClasspath
com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.20.0=jarValidation,testRuntimeClasspath
com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.20.0=jarValidation,testRuntimeClasspath
com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:2.20.0=swaggerBuild
com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.20.0=swaggerBuild
com.fasterxml.jackson.jakarta.rs:jackson-jakarta-rs-base:2.20.0=swaggerBuild
com.fasterxml.jackson.jakarta.rs:jackson-jakarta-rs-json-provider:2.20.0=swaggerBuild
com.fasterxml.jackson.module:jackson-module-jakarta-xmlbind-annotations:2.20.0=jarValidation,swaggerBuild,testRuntimeClasspath
com.fasterxml.jackson:jackson-bom:2.20.0=apiHelper,compileClasspath,jarValidation,runtimeClasspath,swaggerBuild,testCompileClasspath,testRuntimeClasspath
com.fasterxml.woodstox:woodstox-core:7.0.0=jarValidation,testRuntimeClasspath
com.github.ben-manes.caffeine:caffeine:3.1.8=annotationProcessor,errorprone,jarValidation,testAnnotationProcessor,testRuntimeClasspath
com.github.kevinstern:software-and-algorithms:1.0=annotationProcessor,errorprone,testAnnotationProcessor
Expand Down Expand Up @@ -54,7 +45,7 @@ io.dropwizard.metrics:metrics-jetty12-ee10:4.2.26=jarValidation,testRuntimeClass
io.dropwizard.metrics:metrics-jetty12:4.2.26=jarValidation,testRuntimeClasspath
io.dropwizard.metrics:metrics-jmx:4.2.26=jarValidation,testRuntimeClasspath
io.dropwizard.metrics:metrics-jvm:4.2.26=jarValidation,testRuntimeClasspath
io.github.classgraph:classgraph:4.8.165=swaggerBuild,swaggerDeps
io.github.classgraph:classgraph:4.8.165=swaggerBuild
io.github.eisop:dataflow-errorprone:3.41.0-eisop1=annotationProcessor,errorprone,testAnnotationProcessor
io.github.java-diff-utils:java-diff-utils:4.12=annotationProcessor,errorprone,testAnnotationProcessor
io.netty:netty-buffer:4.2.4.Final=jarValidation,testCompileClasspath,testRuntimeClasspath
Expand All @@ -75,31 +66,20 @@ io.prometheus:prometheus-metrics-exposition-formats:1.1.0=jarValidation,testRunt
io.prometheus:prometheus-metrics-model:1.1.0=jarValidation,testRuntimeClasspath
io.sgr:s2-geometry-library-java:1.0.0=jarValidation,testRuntimeClasspath
io.swagger.core.v3:swagger-annotations-jakarta:2.2.22=apiHelper,compileClasspath,jarValidation,runtimeClasspath,swaggerBuild,testCompileClasspath,testRuntimeClasspath
io.swagger.core.v3:swagger-annotations:2.2.22=swaggerDeps
io.swagger.core.v3:swagger-core-jakarta:2.2.22=swaggerBuild
io.swagger.core.v3:swagger-core:2.2.22=swaggerDeps
io.swagger.core.v3:swagger-integration-jakarta:2.2.22=swaggerBuild
io.swagger.core.v3:swagger-integration:2.2.22=swaggerDeps
io.swagger.core.v3:swagger-jaxrs2-jakarta:2.2.22=swaggerBuild
io.swagger.core.v3:swagger-jaxrs2:2.2.22=swaggerDeps
io.swagger.core.v3:swagger-models-jakarta:2.2.22=swaggerBuild
io.swagger.core.v3:swagger-models:2.2.22=swaggerDeps
jakarta.activation:jakarta.activation-api:1.2.2=swaggerDeps
jakarta.annotation:jakarta.annotation-api:2.1.1=jarValidation,testRuntimeClasspath
jakarta.inject:jakarta.inject-api:2.0.1=jarValidation,testRuntimeClasspath
jakarta.servlet:jakarta.servlet-api:6.0.0=jarValidation,testCompileClasspath,testRuntimeClasspath
jakarta.validation:jakarta.validation-api:2.0.2=swaggerDeps
jakarta.validation:jakarta.validation-api:3.0.2=jarValidation,swaggerBuild,testRuntimeClasspath
jakarta.ws.rs:jakarta.ws.rs-api:3.1.0=compileClasspath,jarValidation,runtimeClasspath,swaggerBuild,testCompileClasspath,testRuntimeClasspath
jakarta.xml.bind:jakarta.xml.bind-api:2.3.3=swaggerDeps
jakarta.xml.bind:jakarta.xml.bind-api:3.0.1=swaggerBuild
javax.inject:javax.inject:1=annotationProcessor,errorprone,testAnnotationProcessor
javax.servlet:javax.servlet-api:3.1.0=swaggerDeps
javax.ws.rs:javax.ws.rs-api:2.1=swaggerDeps
junit:junit:4.13.2=jarValidation,testCompileClasspath,testRuntimeClasspath
org.antlr:antlr4-runtime:4.13.2=jarValidation,testRuntimeClasspath
org.apache.commons:commons-exec:1.5.0=jarValidation,testRuntimeClasspath
org.apache.commons:commons-lang3:3.14.0=swaggerDeps
org.apache.commons:commons-lang3:3.18.0=jarValidation,swaggerBuild,testRuntimeClasspath
org.apache.commons:commons-math3:3.6.1=jarValidation,testRuntimeClasspath
org.apache.curator:curator-client:5.9.0=jarValidation,testCompileClasspath,testRuntimeClasspath
Expand Down Expand Up @@ -170,7 +150,7 @@ org.glassfish.jersey.ext:jersey-entity-filtering:3.1.11=jarValidation,testRuntim
org.glassfish.jersey.inject:jersey-hk2:3.1.11=jarValidation,testRuntimeClasspath
org.glassfish.jersey.media:jersey-media-json-jackson:3.1.11=jarValidation,testRuntimeClasspath
org.hamcrest:hamcrest:3.0=jarValidation,testCompileClasspath,testRuntimeClasspath
org.javassist:javassist:3.30.2-GA=jarValidation,swaggerBuild,swaggerDeps,testRuntimeClasspath
org.javassist:javassist:3.30.2-GA=jarValidation,swaggerBuild,testRuntimeClasspath
org.jspecify:jspecify:1.0.0=annotationProcessor,compileClasspath,errorprone,jarValidation,runtimeClasspath,swaggerBuild,testAnnotationProcessor,testCompileClasspath,testRuntimeClasspath
org.junit.jupiter:junit-jupiter-api:5.6.2=jarValidation,testRuntimeClasspath
org.junit.platform:junit-platform-commons:1.6.2=jarValidation,testRuntimeClasspath
Expand All @@ -184,8 +164,6 @@ org.pcollections:pcollections:4.0.1=annotationProcessor,errorprone,testAnnotatio
org.semver4j:semver4j:6.0.0=compileClasspath,jarValidation,runtimeClasspath,swaggerBuild,testCompileClasspath,testRuntimeClasspath
org.slf4j:jcl-over-slf4j:2.0.17=jarValidation,testRuntimeClasspath
org.slf4j:slf4j-api:2.0.17=jarValidation,runtimeClasspath,swaggerBuild,testCompileClasspath,testRuntimeClasspath
org.slf4j:slf4j-api:2.0.9=swaggerDeps
org.xerial.snappy:snappy-java:1.1.10.8=jarValidation,testRuntimeClasspath
org.yaml:snakeyaml:2.2=swaggerDeps
org.yaml:snakeyaml:2.3=swaggerBuild
empty=apiHelperTest,compileOnlyHelper,compileOnlyHelperTest,missingdoclet,permitAggregatorUse,permitTestAggregatorUse,permitTestUnusedDeclared,permitTestUsedUndeclared,permitUnusedDeclared,permitUsedUndeclared,signatures
org.yaml:snakeyaml:2.4=swaggerBuild
empty=apiHelperTest,compileOnlyHelper,compileOnlyHelperTest,missingdoclet,permitAggregatorUse,permitTestAggregatorUse,permitTestUnusedDeclared,permitTestUsedUndeclared,permitUnusedDeclared,permitUsedUndeclared,signatures,swaggerDeps
14 changes: 7 additions & 7 deletions solr/benchmark/gradle.lockfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,13 +3,13 @@
# This file is expected to be part of source control.
com.carrotsearch.randomizedtesting:randomizedtesting-runner:2.8.3=compileClasspath,jarValidation,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
com.carrotsearch:hppc:0.10.0=jarValidation,runtimeClasspath,testRuntimeClasspath
com.fasterxml.jackson.core:jackson-annotations:2.18.2=compileClasspath,jarValidation,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
com.fasterxml.jackson.core:jackson-core:2.18.2=jarValidation,runtimeClasspath,testRuntimeClasspath
com.fasterxml.jackson.core:jackson-databind:2.18.2=jarValidation,runtimeClasspath,testRuntimeClasspath
com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.18.2=jarValidation,runtimeClasspath,testRuntimeClasspath
com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.18.2=jarValidation,runtimeClasspath,testRuntimeClasspath
com.fasterxml.jackson.module:jackson-module-jakarta-xmlbind-annotations:2.18.2=jarValidation,runtimeClasspath,testRuntimeClasspath
com.fasterxml.jackson:jackson-bom:2.18.2=compileClasspath,jarValidation,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
com.fasterxml.jackson.core:jackson-annotations:2.20=compileClasspath,jarValidation,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
com.fasterxml.jackson.core:jackson-core:2.20.0=jarValidation,runtimeClasspath,testRuntimeClasspath
com.fasterxml.jackson.core:jackson-databind:2.20.0=jarValidation,runtimeClasspath,testRuntimeClasspath
com.fasterxml.jackson.dataformat:jackson-dataformat-cbor:2.20.0=jarValidation,runtimeClasspath,testRuntimeClasspath
com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.20.0=jarValidation,runtimeClasspath,testRuntimeClasspath
com.fasterxml.jackson.module:jackson-module-jakarta-xmlbind-annotations:2.20.0=jarValidation,runtimeClasspath,testRuntimeClasspath
com.fasterxml.jackson:jackson-bom:2.20.0=compileClasspath,jarValidation,runtimeClasspath,testCompileClasspath,testRuntimeClasspath
com.fasterxml.woodstox:woodstox-core:7.0.0=jarValidation,runtimeClasspath,testRuntimeClasspath
com.github.ben-manes.caffeine:caffeine:3.1.8=annotationProcessor,errorprone,jarValidation,runtimeClasspath,testAnnotationProcessor,testRuntimeClasspath
com.github.kevinstern:software-and-algorithms:1.0=annotationProcessor,errorprone,testAnnotationProcessor
Expand Down
1 change: 1 addition & 0 deletions solr/core/build.gradle
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ description = 'Apache Solr Core'

dependencies {
api platform(project(":platform"))
permitUnusedDeclared platform(project(":platform"))
// Spotbugs Annotations are only needed for old findbugs
// annotation usage like in Zookeeper during compilation time.
// It is not included in the release so exclude from checks.
Expand Down
Loading