Server

Upgrade from LTS 2019 to Nuxeo Platform Cloud 2020

Updated: October 15, 2020

For the general upgrade process, see the page Upgrading the Nuxeo Platform.

This chapter highlights some major information about upgrade from Nuxeo Platform LTS 2019 (10.10) to Nuxeo Platform Cloud 2020 (10.10). We strongly encourage you to also have a quick read of the upgrade notes.

Prerequisites

This upgrade notes assumes that Nuxeo Server is up to date in 10.10 before the upgrade, which means:

  • Nuxeo Server is on 10.10 with the latest hotfixes
  • All the migrations have been successfully completed (comments and trash).

Installation and Configuration

Disable Tomcat AJP Connector

For security reasons (CVE-2020-1938), AJP is now disabled by default. To re-enabled it, the following properties must be defined:

  • nuxeo.server.ajp.enabled=true
  • nuxeo.server.ajp.secretRequired=true
  • nuxeo.server.ajp.secret=changeme

The secret must also be mentioned in the mod_proxy_ajp configuration, see Apache documentation for more.

If one is sure that the AJP port cannot be accessed by any untrusted hosts, then the following configuration is possible:

  • nuxeo.server.ajp.enabled=true
  • nuxeo.server.ajp.secretRequired=false

 More on JIRA ticket NXP-28703

Allow Some Runtime Configuration in Nuxeo Docker Images

To control the JVM heap size with the new options (since Java 10): InitialRAMPercentage and MaxRAMPercentage, in nuxeo.conf, we've changed:

JAVA_OPTS=-Xms512m -Xmx1024m

to:

JAVA_OPTS=-XX:InitialRAMPercentage=3 -XX:MaxRAMPercentage=25

See the best practices about the Java Virtual Machine Settings for more information.

 More on JIRA ticket NXP-28145

Create ClusterService to Hold Cluster Node Info

When configuring Nuxeo in cluster mode, the configuration is now done with:

nuxeo.cluster.enabled=true
nuxeo.cluster.nodeid=...

You should specify a nuxeo.cluster.nodeid even if you don't activate clustering, as it may help debugging (in particular Stream-based Pub/Sub).

The previous Framework properties (repository.clustering.enabled=true, repository.clustering.id=...) are still available for backward compatibility.

Note that repository.clustering.delay still exists but is only meaningful for VCS when used with the legacy and deprecated JDBCClusterInvalidator (which is not the default anymore since Nuxeo 9.1 (NXP-21801)).

 More on JIRA ticket NXP-25499

Behavior Changes

Strict Mode by Default for nuxeoctl Start

nuxeoctl now starts a Nuxeo server in strict mode by default. --force and --strict have no impact.

To start a Nuxeo server but aborting in error the start command when a component cannot be activated or if a server is already running, use the --lenient option.

$ nuxeoctl start --lenient

 More on JIRA ticket NXP-20418

Core Storage

Behavior Changes

MongoDB Repository Configuration Descriptors

Contributions including a MongoDB nativeId, sequenceBlockSize or childNameUniqueConstraintEnabled are now correctly merged.

 More on JIRA ticket NXP-28770

Document Creator And Contributors Injection/Impersonation

The following dublincore properties are now secured from edition:

  • dc:created
  • dc:modified
  • dc:creator
  • dc:lastContributor
  • dc:contributors

This means you have to be administrator to edit these properties. In tests, you can do the following:

Framework.doPrivileged(() -> doc.setPropertyValue("dc:creator", "john"));

or:

CoreInstance.doPrivileged("default", session -> {
    DocumentModel doc = session.createDocumentModel("/", "file", "File");
    doc.setPropertyValue("dc:creator", "john");
    return session.createDocument(doc);
});

In order to declare a property secured you can contribute the following:

<component name="my.component.name" version="1.0">
  <extension target="org.nuxeo.ecm.core.schema.TypeService" point="schema">
    <property schema="YOUR_SCHEMA" name="PROP_NAME" secured="true" />
  </extension>
</component>
You can also relax the constraint on a secured property, for example dc:creator with:
<component name="my.component.name" version="1.0">
  <require>org.nuxeo.ecm.core.CoreExtensions</require>
  <extension target="org.nuxeo.ecm.core.schema.TypeService" point="schema">
    <property schema="dublincore" name="created" secured="false" />
  </extension>
</component>

 More on JIRA ticket NXP-27137

Nuxeo API Changes

New Endpoint to Get All Comments for 50+ Annotations Documents

  • REST API: The endpoint GET /nuxeo/api/v1/id/DOC_ID/@annotation/comments has been deprecated in favor of POST /nuxeo/api/v1/id/DOC_ID/@annotation/comments.

    The annotationIds are now given in the payload request as a simple json array.

    For instance:

      curl -XPOST http://localhost:8080/nuxeo/api/v1/id/DOC_ID/@annotation/comments -d '[ "ANNOT_ID1", "ANNOT_ID2", ...  ]'
    
  • Java API Added:

      CommentManager#getComments(CoreSession session, Collection<String> documentIds)
      AnnotationAdapter#getCommentsFromBody(String payload)
    

    Deprecated:

      AnnotationAdapter#getComments(@QueryParam("annotationIds") List<String> annotationIds)
    

 More on JIRA ticket NXP-29610

Remove "session id" Notion From CoreSession and DocumentModel

New methods:

  • DocumentModel.getPrincipal()
  • DocumentModel.attach(CoreSession)
  • DocumentModel.isAttached()
  • CoreInstance.getCoreSession() various signatures, as replacements for deprecated openCoreSession()
  • CoreInstance.getCoreSessionSystem() various signatures, as replacements for deprecated openCoreSessionSystem()

Deprecated methods/fields/classes:

  • DocumentModel.getSessionId()
  • DocumentModel() constructors with sid parameter
  • CoreInstance.openCoreSession() various signatures (use getCoreSession() instead)
  • CoreInstance.openCoreSessionSystem() various signatures (use getCoreSessionSystem() instead)
  • CoreInstance.closeCoreSession() (does nothing)
  • DocumentModelFactory.createDocumentModel(type, id) (was unused)
  • CoreEventConstants.SESSION_ID (was unused for a long time)
  • CoreSessionService.releaseCoreSession(CoreSession) (does nothing)
  • CloseableCoreSession (use CoreSession instead)

New INTERNAL methods:

  • DocumentModel() constructor with CoreSession, repositoryName, NuxeoPrincipal parameters
  • DocumentModelFactory.createDocumentModel() signatures with CoreSession parameter
  • BaseSession.createEntryModel(schema, id, values, readOnly) and variations (directory class)

Removed methods/fields/classes (these were INTERNAL implementation details):

  • DocumentModel.attach(sid)
  • DocumentModelFactory.createDocumentModel() signatures with sid parameter
  • CoreSession.isLive(boolean)
  • CoreSession.getSessionId()
  • CoreInstance.getSession(sid)
  • CoreSessionService.getCoreSession(sid)
  • CoreSessionService.getCoreSessionRegistrationInfos()
  • BaseSession.createEntryModel() signatures with sid parameter (directory class)
  • LocalException (DocumentNotFoundException is thrown instead)
  • CoreSessionRegistrationInfo
  • SessionInfo
  • SIDGenerator

 More on JIRA ticket NXP-28799

ConfigurationService API

APIs below were deprecated:

  • String getProperty(String) in favor of Optional<String> getString(String)
  • String getProperty(String, String) in favor of String getString(String, String)
  • boolean isBooleanPropertyTrue(String) in favor of boolean isBooleanTrue(String) (same behavior)
  • boolean isBooleanPropertyFalse(String) in favor of boolean isBooleanFalse(String) - new API returns true if and only if property value is false, it wasn't the case for isBooleanPropertyFalse which returns true if property value is not blank and is not true.

 More on JIRA ticket NXP-26181

Cannot use multi repository (XA mode) with PostgreSQL

The following APIs are deprecated and will be removed in the future:

  • TransactionHelper.suspendTransaction
  • TransactionHelper.resumeTransaction
  • TransactionHelper.requireNewTransaction

Instead, the following APIs should be used:

  • TransactionHelper.runInNewTransaction
  • TransactionHelper.runWithoutTransaction

 More on JIRA ticket NXP-274915

Operations and Automation

GET Call to an Operation's @async Returns a JSON

Result of a GET call to an operation's @async adapter is now always JSON. Previously when the result of the operation had a URL we returned a redirect to download the file but, in order to workaround the opaque redirect limitation, we are now returning the JSON object with the absolute URL. Clients should follow the URL manually to trigger the download.

 More on JIRA ticket NXP-28608

Operation Document.AddPermission "users" Field Now Supports Stringlist

Document.AddPermission operation use now StringList type for users field.

 More on JIRA ticket NXP-26773

Error Management on Invalid Operation/Chain/Codec Registration

Operation chain contributions should now require contributions holding operations that they reference.

The following issue will now prevent server from starting in strict mode:

  • invalid chain declaration, referencing an operation unknown to the service at registration time
  • invalid operation class declaration (class not found or not an operation)
  • invalid automation codec class declaration (class not found or not a codec)

 More on JIRA ticket NXP-29499

Fn.htmlEscape is Now Available in JS Automation

The following methods become non-static to be available via JS automation:

  • org.nuxeo.ecm.automation.features.PlatformFunctions#htmlEscape
  • org.nuxeo.ecm.automation.features.PlatformFunctions#nxqlEscape

You can use them directly through the Fn object:

var escapedHtml = Fn.htmlEscape(html)
var escapedNxql = Fn.nxqlEscape(nxql)

When used in Java code, you must update your code from:

String htmlEscaped = PlatformFunctions.htmlEscape(html);
String nxqlEscaped = PlatformFunctions.nxqlEscape(nxql);

to:

PlatformFunctions pf = new PlatformFunctions();
String nxqlEscaped = pf.nxqlEscape(nxql);

 More on JIRA ticket NXP-27294

Make Tests Stop Depending on nuxeo-automation-client

Tests depending on EmbeddedAutomationServerFeature can now make use of a limited-functionality org.nuxeo.ecm.automation.test.HttpAutomationClient (in a new package) that does direct HTTP calls and doesn't attempt to map JSON responses to a domain-level object model like Document, etc.

@Inject
protected Session session;

becomes:

@Inject
protected HttpAutomationSession clientSession;

 More on JIRA ticket NXP-28581

Rename the Parameter "overwite" of filemanager.import to "overwrite"

In the FileManager.Import operation, the misspelled param overwite has been renamed to overwrite:

  • overwite is now deprecated, no more used and replaced by overwrite.
  • overwite is kept as an alias for backward compatibility.

 More on JIRA ticket NXP-29286

Workflow

Behavior Changes

Workflow Page Providers Now Used the ecm:isTrashed Attribute

Workflow page providers now used the ecm:isTrashed attribute.

 More on JIRA ticket NXP-29183

Elasticsearch

Behavior Changes

Make Elasticsearch Hints an Extension Point

Elasticsearch hints are now exposed as extension point. To contribute or override an existing Elasticsearch hint, you should provide a name for your Elasticsearch hint and an implementation of org.nuxeo.elasticsearch.api. ESHintQueryBuilder.

The new way to expose the ES hints is by creating a contribution as below:

  • We add new Extension Point to our existing ESComponent: org.nuxeo.elasticsearch.ElasticSearchComponent
  • The name of XP is elasticSearchHints.
  • At the end our "fuzzy" switch case, will be done like below:

    <component name="org.nuxeo.elasticsearch.hint.contrib">
    <require>org.nuxeo.elasticsearch.ElasticSearchComponent</require>
    
    <extension point="elasticSearchHints" target="org.nuxeo.elasticsearch.ElasticSearchComponent">
      <hint name="match" class="org.nuxeo.elasticsearch.hint.MatchESHintQueryBuilder" />
      <hint name="match_phrase" class="org.nuxeo.elasticsearch.hint.MatchPhraseESHintQueryBuilder" />
      <hint name="match_phrase_prefix" class="org.nuxeo.elasticsearch.hint.MatchPhrasePrefixESHintQueryBuilder" />
      <hint name="multi_match" class="org.nuxeo.elasticsearch.hint.MultiMatchESHintQueryBuilder" />
      <hint name="regex" class="org.nuxeo.elasticsearch.hint.RegexESHintQueryBuilder" />
      <hint name="fuzzy" class="org.nuxeo.elasticsearch.hint.FuzzyESHintQueryBuilder" />
    </extension>
    </component>
    

More details in the Nuxeo How to documentation

 More on JIRA ticket NXP-21874

Import

Behavior Changes

Initialize Filename With Blob Name in FileImporterContext

Since 11.1 if the file name of the FileImporterContext is missing then it will be filled with the Blob's file name.

This means that you no longer need to add control to avoid an empty filename outside of the FileImporterContext class, for example see the snippet code below AudioImporter:

// code placeholder
@@ -57,8 +56,7 @@ public class AudioImporter extends AbstractFileImporter {
         CoreSession session = context.getSession();
         Blob blob = context.getBlob();

-        String filename = FileManagerUtils.fetchFileName(
-                StringUtils.defaultIfBlank(context.getFileName(), blob.getFilename()));
+        String filename = FileManagerUtils.fetchFileName(context.getFileName());

 More on JIRA ticket NXP-26780

Don't Timeout During Long Imports

It is no more possible to call FileManager.Import in a sychronous event, it has to be done in an asynchronous event. See NXP-28534.

 More on JIRA ticket NXP-27346

Monitoring

Behavior Changes

Tagging for Datadog Metrics

Many metrics names have been renamed in order to support tagging which is necessary for Datadog and Prometheus support.

Visit the documentation for more information.

Metric names updated to use tag but that generates different metric names in Graphite:

# global metrics for all cluster
nuxeo.works.global.queue.scheduled{queue=$queue}
nuxeo.works.global.queue.running{queue=$queue}
nuxeo.works.global.queue.completed{queue=$queue}
# local metrics per node
nuxeo.works.local.queue.timer{queue=$queue}

Metric names updated to use tag but without changing metric name in Graphite:

# local metrics on computation
nuxeo.stream.computation.running{computation=$computation}
nuxeo.stream.computation.failure{computation=$computation}
nuxeo.stream.computation.skippedRecord{computation=$computation}
nuxeo.stream.computation.processRecord{computation=$computation}
nuxeo.stream.computation.processTimer{computation=$computation}

# elasticsearch service metrics timer, service in index, delete, bulkIndex, search, scroll and fetch:
nuxeo.elasticsearch.service.timer{service=service}

# cache
nuxeo.cache.*{cache=$cache}

 More on JIRA ticket NXP-28639

Change Default Datadog Poll Intervar to 1min

The option to configure the metrics poll interval for Datadog is now metrics.datadog.pollInterval and default is 60 (previously datadog.pollinterval=10)

 More on JIRA ticket NXP-28760

Nuxeo Streams

Behavior Changes

Keystore Is Now Optional With Kafka SSL Enabled

The SSL keystore is not mandatory for all Kafka setups. Kafka can work with several security configurations independently.

The best way to infer the need for an SSL keystore is to check if its path is set up in the configuration.

 More on JIRA ticket NXP-27904

Namespaces for Stream and Consumer Group Names Stream and Consumer Group Names Have Changed

To upgrade:

  1. Wait for any asynchronous processing to be done, there must be no activity and no error,
  2. Stop the Nuxeo cluster,
  3. Drop the entire Kafka topics or Chronicle Queue directory,
  4. Upgrade the Nuxeo cluster, streams will be created with new names.

Note that custom code is backward compatible and will continue to work even with name without namespace, but names have been enforced and must match:

[A-Za-z0-9][A-Za-z0-9_]*

or you get:

IllegalArgumentException: Invalid name without namespace: 'foo.bar'

 More on JIRA ticket NXP-28877

WorkManager

Behavior Changes

StreamWorkManager Workaround for Large Work

The wrongly named class LogConfigDescriptor.StreamDescriptor has been renamed to LogConfigDescriptor.LogDescriptor.

 More on JIRA ticket NXP-26691

Addons

Web UI - Take Into Account the Commentable Facet

Comments will only be available for document with the Commentable facet.

Note that on 10.10, this check will only be done when setting the org.nuxeo.web.ui.enforceCommentable conf property to true:

<require>org.nuxeo.web.ui.properties.contrib</require>
<extension target="org.nuxeo.runtime.ConfigurationService" point="configuration">
  <property name="org.nuxeo.web.ui.enforceCommentable">true</property>
</extension>

to avoid a breaking change.

 More on JIRA ticket NXP-27963

Web UI - Leverage Validation Report Client Side and Allow Async Layout Validation

  • Layout validate method can now return a Promise in which case it must resolve to true to validate the layout.
  • Server-side schema constraint violations are now reported at the top of the create and edit form layout.
  • Server-side, you can now trigger a global validation error by throwing the following exception:
    throw new DocumentValidationException("your.error.message");
    

in a synchronous listener on aboutToCreate or beforeDocumentModification. Note that your listener must bubble the exception to prevent the creation or modification. The error message of the exception will be translated Web UI (client) side and reported at the top of the create or edit form.

 More on JIRA ticket NXP-27982

Web UI - Integrate Spreadsheet App Code in Nuxeo-Spreadsheet Web UI Addon

Nuxeo Spreadsheet is no longer a marketplace package, it is bundled with Web UI behind a feature flag. To enable Nuxeo Spreadsheet the new configuration property org.nuxeo.web.ui.spreadsheet.enabled should be set to true: <extension target="org.nuxeo.runtime.ConfigurationService" point="configuration"> <property name="org.nuxeo.web.ui.spreadsheet.enabled">true</property> </extension>

 More on JIRA ticket NXP-27416

Web UI - Fix Selection Toolbar in Ordered Folders

Content distributed to "selectionActions" slot in <nuxeo-results> is no longer wrapped with a <nuxeo-actions-menu>. When overriding the default content be sure to wrap the actions or the <nuxeo-slot> with a <nuxeo-actions-menu> if you want to keep previous behavior.

 More on JIRA ticket NXP-28977

Web UI - Allow using automation API in nuxeo-page-provider

This introduces a new Web UI configuration property org.nuxeo.web.ui.pageprovider.method which by default is GET but can be changed to POST, in which case search requests will leverage the Automation API.

<extension target="org.nuxeo.runtime.ConfigurationService" point="configuration">
  <property name="org.nuxeo.web.ui.pageprovider.method">POST</property>
</extension>

 More on JIRA ticket NXP-29126

Miscellaneous

Behavior Changes

Move RequestContext and RequestContextFilter to nuxeo-platform-web-common

RequestContext and RequestContextFilter have been moved from WebEngine to nuxeo-platform-web-common.

They have to be imported from org.nuxeo.ecm.platform.web.common.RequestContext and org.nuxeo.ecm.platform.web.common.RequestCleanupHandler (they were previously under org.nuxeo.ecm.webengine.jaxrs.context).

Maven dependency to add:

<dependency>
  <groupId>org.nuxeo.ecm.platform</groupId>
  <artifactId>nuxeo-platform-web-common</artifactId>
</dependency>

 More on JIRA ticket NXP-26710

Fix Collections Drawer Refresh When Trashing/Restoring a Collection

The nuxeo-documents-untrashed event payload is now consistent with the other similar event payloads and, instead of having only documents uids, contains the complete documents.

 More on JIRA ticket NXP-28902

Quota Exception Not Raised When Version Is Incremented

Behavior of quota computation and check has changed for versioning.

Now we compute and check the quotas on the aboutToCheckIn event instead of computing the quotas on the documentCheckedIn one and checking the quotas on the documentCheckedOut one.

 More on JIRA ticket NXP-26841

Fix Retrieval of Personal Workspace for User With Special Characters

Retrieving a User Workspace through UserWorkspaceService requires that the user (NuxeoPrincipal) exists in the Nuxeo Platform.

 More on JIRA ticket NXP-26003

Don't Do Orphan Versions Cleanup by Default

Orphan versions cleanup is now disabled by default, and can be re-enabled (if its performance is acceptable) by doing:

<require>org.nuxeo.ecm.core.orphanVersionsCleanup</require>
  <extension point="listener" target="org.nuxeo.ecm.core.event.EventServiceComponent">
    <listener name="orphanVersionsCleanup" enabled="true" />
</extension>

 More on JIRA ticket NXP-24819

Fix Some Nuxeo Maven Groups

Old groupId:artifactId --> new groupId:artifactId for the following maven modules:

  • org.nuxeo:nuxeo-dmk-adaptor --> org.nuxeo.ecm.platform:nuxeo-dmk-adaptor
  • org.nuxeo:nuxeo-platform-lang-ext --> org.nuxeo.ecm.platform:nuxeo-platform-lang-ext
  • org.nuxeo:nuxeo-platform-lang-ext-incomplete --> org.nuxeo.ecm.platform:nuxeo-platform-lang-ext-incomplete
  • org.nuxeo.binary.metadata:nuxeo-binary-metadata --> org.nuxeo.ecm.platform:nuxeo-binary-metadata

 More on JIRA ticket NXP-29046

Document.Lock Can Be Call Several Times for the Same User

The behavior of AbstractSession.setLock has been modified to meet the requirement "Document.Lock called twice should not fail".

Now if you try to lock a document locked by you, you will only get your original lock.

 More on JIRA ticket NXP-24359

Document Path Not Available in emptyDocumentmodelCreated Event Context

DocumentModel#getRef behavior has changed when called on a non-saved document. Before it was always returning null, now it may return a non-null PathRef value.

If DocumentModel#getRef was wrongly used to test if a document is saved or not, code must be updated to rely on DocumentModel#getId instead.

 More on JIRA ticket NXP-26903

Upgrade to Apache PDFBox 2.0.19

The upgrade of Apache PDFBox from 1.8.16 to 2.0.19 introduces breaking changes to the library, code relying on it must be updated.

See the Migration to PDFBox 2.0.0 guide.

 More on JIRA ticket NXP-28825

Upgrade to mockserver-netty 5.10.0

import org.mockserver.client.server.MockServerClient;

becomes:

import org.mockserver.client.MockServerClient;

Use try-with-resource on MockServerClient:

try {
    MockServerClient client = new MockServerClient("localhost", PORT);
    …
}

becomes:

try (MockServerClient client = new MockServerClient("localhost", PORT)) {
   …
}

 More on JIRA ticket NXP-28818

Farewell

Remove Deprecated org.nuxeo.ecm.core.model.LockManager

The internal interface org.nuxeo.ecm.core.model.LockManager has been removed, org.nuxeo.ecm.core.api.lock.LockManager should be used instead.

 More on JIRA ticket NXP-29654

Remove Old JDBCClusterInvalidator for VCS

The configuration property repository.clustering.delay is now fully unused (all clustering invalidation propagation is immediate).

The unused class JDBCClusterInvalidator has been removed.

The configuration property repository.clustering.delay is not used anymore, and in the <repository> extension point, the <clustering> part doesn't exist anymore.

(Note that the <clustering> id= and enabled= attributes were removed from the <repository> extension point by NXP-25499.)

 More on JIRA ticket NXP-28891

Dependencies Upgrade Versions

Component Nuxeo Platform LTS 2019 Nuxeo Platform Cloud 2020
ant-maven-assembly-plugin 2.1.2 2.1.3
Apache HttpComponents 4.5.6 4.5.11
Apache HttpCore 4.4.10 4.4.13
ASM 6.2.1 7.3.1
assertj-core 3.8.0 3.14.0
avro 1.8.2 1.9.2
AWS SDK 1.11.516 1.11.738
Axiom 1.2.20 1.2.22
Batik 1.10 1.12
BouncyCastle 1.60 1.64
bsh 2.0b1 2.0b4
cglib-nodep 2.2.2 3.3.0
chronicle 2.17.92 2.17.465
Commons Codec 1.11 1.14
Commons Collections 4.1 4.4
Commons CSV 1.5 1.7
Commons Fileupload 1.3.3 1.4
Commons Lang3 3.8 3.9
Commons Pool2 2.6.0 2.8.0
Commons Text 1.4 1.8
Commons VFS2 2.2 2.6.0
com.sun.xml.bind:jaxb-impl 2.3.0.1 2.3.3
CORS Filter 2.6 2.8
dependency-check-maven 3.3.2 5.2.4
dnsjava 2.1.8 2.1.9
dom4j 1.6.1 2.1.1
Dumbster 1.6 1.7
ESAPI 2.1.0.1 2.2.0.0
fast-classpath-scanner 2.0.4 ClassGraph 4.8.60
freemarker 2.3.28 2.3.29
Gatling 2.3.1 3.3.1
Gatling plugin 2.2.4 3.0.4
Guava 26.0 28.2
ICU4J 62.1 65.1
ISOParser 1.9.27 1.9.41
Jackrabbit 2.17.5 2.20.0
Jackson 2.9.10 2.10.2
jacoco-maven-plugin 0.8.1 0.8.2
JAI 1.1.2_01 1.1.3
jansi 1.17.1 1.18
javassist 3.21.0-GA 3.26.0-GA
Java JWT 3.4.0 3.9.0
javax.json 1.1.2 1.1.4
javax.mail:mail 1.4.5 1.4.7
Javax transaction 1.1 1.3
javax.xml.bind:jaxb-api 2.2.11 jakarta.xml.bind:jakarta.xml.bind-api:2.3.3
jaxen 1.1.6 1.2.0
JClouds 2.1.1 2.2.0
Jettison 1.3.7 1.4.0
JGiven 0.16.0 0.18.2
JMock 2.8.4 2.12.0
joda-time 2.9.2 2.10.5
Jolokia 1.3.3 1.6.2
json-simple 1.1 1.1.1
JSONAssert 1.2.3 1.5.0
junit 4.12 4.13
Jxls jxls 1.0.6-NX01 jxls 1.0.6-NX02, jxls2 2.8.0
Log4j 2.11.1 2.13.0
maven-compiler-plugin 3.1 3.8.0
maven-dependency-analyzer 1.11.0 1.11.1
maven-dependency-plugin 2.10 5.2.4
maven-shade-plugin 3.1.1 3.2.1
mockserver-netty 3.10.4 5.10.0
Metrics 4.0.3 Metrics5 5.0.0-rc3
metrics-datadog 1.0.2 2.0.0-RC1
MongoDB Java Driver 3.8.1 3.12.1
Mongo quartz 2.0.0-NX3 2.1.0-NX1
MVEL 2.4.2.Final 2.4.5.Final
mysql-connector-java 8.0.13 8.0.19
onedrive 1.0 2.0
OpenPDF 1.2.1 1.3.12
PDFBox 1.8.16 2.0.19
pdf-html 1.2.1 1.2.16
POI 3.17 4.1.2
PostgreSQL Java Driver 42.2.5 42.2.9
quartz 2.3.0 2.3.2
Restlet 2.4.1 2.4.2
scala-maven-plugin 3.3.2 4.3.1
SLF4J 1.7.21 1.7.30
snakeyaml 1.21 1.25
stax-ex 1.7.8 1.8.2
Surefire 2.22.0 2.22.2
Wink Client 1.3.0 1.4
xerces 2.12.0 2.12.0-nx1
XBean Naming 3.18 4.15
Xmlbeans 3.0.1 3.1.0
XOM 1.2.5 1.3.2
XStream 1.4.11 1.4.11.1
webdav-jaxrs 1.2.1 1.2.1-nx1

Dependencies Removal

Removed component
com.sun.xml.bind:jaxb-core

Complementary Information

We'd love to hear your thoughts!

All fields required