Uploaded image for project: 'RAML Module Builder'
  1. RAML Module Builder
  2. RMB-647

Investigation/Design: Convert GenerateRunner into maven plugin

    XMLWordPrintable

Details

    • CP: sprint 92, CP: sprint 94, CP: sprint 95, CP: sprint 96, CP: sprint 97, CP: sprint 98, CP: sprint 99, CP: sprint 100, CP: sprint 101, CP: sprint 102, CP: sprint 103, CP: sprint 105
    • 8
    • Core: Platform
    • R1 2021

    Description

      domain-model-runtime ships with the complete domain-models-interface-extensions submodule that contains the GenerateRunner class to generate Java files from RAML files.

      We need this at compile time only.

      The clean solution is a maven plugin, for example rmb-maven-plugin, that runs at compile time, and will not be included into the runtime artifact.

      The RAML generating code is based on a library that uses Guava 19 that has a security vulnerability (RMB-283) and the library breaks for fixed Guava versions.
      By moving the generating code into a maven plugin that runs a compile time only we can avoid to ship the runtime with vulnerable Guava.

      TestRail: Results

        Attachments

          Issue Links

            blocks

            Task - A task that needs to be done. MODEUS-86 Guava security vulnerability CVE-2018-10237

            • TBD - To be determined
            • Closed

            Task - A task that needs to be done. MODEUSHARV-11 Guava security vulnerability CVE-2018-10237

            • TBD - To be determined
            • Closed

            Task - A task that needs to be done. MODLOGSAML-76 Upgrade to RMB 31.x and JDK 11

            • P2 - normal priority level, must be included in the current development cycle
            • Closed

            Story - Created by Jira Software - do not edit or delete. Issue type for a user story. MODLOGSAML-86 Upgrade mod-login-saml to RMB v33 (and JDK11)

            • P2 - normal priority level, must be included in the current development cycle
            • Closed

            Bug - A problem which impairs or prevents the functions of the product. RMB-283 com.google.guava 19.0 security vulnerabilities (CVE-2018-10237)

            • P3 - low priority level, item will be considered for inclusion in the next dev cycle
            • Closed

            Bug - A problem which impairs or prevents the functions of the product. RMB-571 Remove com.google Guava runtime dependency

            • P3 - low priority level, item will be considered for inclusion in the next dev cycle
            • Closed
            duplicates

            Task - A task that needs to be done. RMB-233 Avoid bundling GenerateRunner

            • P3 - low priority level, item will be considered for inclusion in the next dev cycle
            • Closed
            is cloned by

            Task - A task that needs to be done. RMB-785 Implementation/Testing/Code Review: Convert GenerateRunner into maven plugin

            • P2 - normal priority level, must be included in the current development cycle
            • Closed
            relates to

            Task - A task that needs to be done. RMB-328 Make RMB OpenJDK 11 compliant

            • P2 - normal priority level, must be included in the current development cycle
            • Closed

            Story - Created by Jira Software - do not edit or delete. Issue type for a user story. RMB-852 Update documentation for domain-models-interface-extensions removal

            • P2 - normal priority level, must be included in the current development cycle
            • Closed

            Activity

              People

                julianladisch Julian Ladisch
                julianladisch Julian Ladisch
                Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:

                  TestRail: Runs

                    TestRail: Cases