Skip to content

Minor improvements to manage migrations #422

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
tuplle merged 6 commits into from
Mar 10, 2026
Merged

Minor improvements to manage migrations #422

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
a5bb215
Added `ApplicationShutdownProvider` to enable graceful application sh…
tuplle Mar 9, 2026
938d94c
Add `MigrationProperties` to configure migration behavior
tuplle Mar 9, 2026
815e2f6
Increased `sleep` duration to allow elastic executor and related proc…
tuplle Mar 9, 2026
00d04bb
Update GitHub Actions dependencies and services
tuplle Mar 10, 2026
384252c
Update Maven repositories and workflows
tuplle Mar 10, 2026
9f90ce5
Add UserServiceTest and improve graceful shutdown handling
tuplle Mar 10, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
48 changes: 15 additions & 33 deletions .github/workflows/master-build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,22 +9,16 @@ jobs:
name: Build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v6
with:
fetch-depth: 0

- name: Set up JDK 11
uses: actions/setup-java@v3
uses: actions/setup-java@v5
with:
java-version: 11
distribution: 'adopt'

- name: Cache Maven packages
uses: actions/cache@v3
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2
distribution: 'temurin'
cache: maven

- name: Build
run: mvn clean verify -DskipTests=true
Expand All @@ -36,7 +30,7 @@ jobs:
timeout-minutes: 90
services:
mongo:
image: mongo:4.4
image: mongo:6
ports:
- 27017:27017

Expand All @@ -46,7 +40,7 @@ jobs:
- 6379:6379

elasticsearch:
image: elasticsearch:7.17.3
image: elasticsearch:7.17.28
ports:
- 9200:9200
- 9300:9300
Expand All @@ -67,15 +61,16 @@ jobs:
echo $ELASTIC_SEARCH_URL
curl -fsSL "$ELASTIC_SEARCH_URL/_cat/health?h=status"

- uses: actions/checkout@v3
- uses: actions/checkout@v6
with:
fetch-depth: 0

- name: Set up JDK 11
uses: actions/setup-java@v3
uses: actions/setup-java@v5
with:
java-version: 11
distribution: 'adopt'
distribution: 'temurin'
cache: maven

# - name: Cache SonarCloud packages
# uses: actions/cache@v3
Expand All @@ -84,13 +79,6 @@ jobs:
# key: ${{ runner.os }}-sonar
# restore-keys: ${{ runner.os }}-sonar

- name: Cache Maven packages
uses: actions/cache@v3
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2

- name: Generate certificates
run: cd src/main/resources/certificates && openssl genrsa -out keypair.pem 4096 && openssl rsa -in keypair.pem -pubout -out public.crt && openssl pkcs8 -topk8 -inform PEM -outform DER -nocrypt -in keypair.pem -out private.der && cd ../../../..

Expand All @@ -113,23 +101,17 @@ jobs:
needs: test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v6
with:
token: ${{ secrets.PUSH_DOCS }}
fetch-depth: 0

- name: Set up JDK 11
uses: actions/setup-java@v3
uses: actions/setup-java@v5
with:
java-version: 11
distribution: 'adopt'

- name: Cache Maven packages
uses: actions/cache@v3
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2
distribution: 'temurin'
cache: maven

- name: Build
run: mvn clean package install -DskipTests=true
Expand All @@ -139,7 +121,7 @@ jobs:
mvn javadoc:javadoc
cp -r ./target/apidocs/* ./docs/javadoc/

- uses: EndBug/add-and-commit@v8
- uses: EndBug/add-and-commit@v9
with:
add: docs
pathspec_error_handling: exitImmediately
Expand Down
32 changes: 10 additions & 22 deletions .github/workflows/pr-build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,22 +8,16 @@ jobs:
name: Build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v6
with:
fetch-depth: 0

- name: Set up JDK 11
uses: actions/setup-java@v3
uses: actions/setup-java@v5
with:
java-version: 11
distribution: 'adopt'

- name: Cache Maven packages
uses: actions/cache@v3
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2
distribution: 'temurin'
cache: maven

- name: Build
run: mvn clean verify -DskipTests=true
Expand All @@ -35,7 +29,7 @@ jobs:
timeout-minutes: 200
services:
mongo:
image: mongo:4.4
image: mongo:6
Copy link
Copy Markdown

@coderabbitai coderabbitai bot Mar 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Check elasticsearch and MongoDB driver versions in pom.xml
rg -n "elasticsearch.version|mongodb" pom.xml | head -20

Repository: netgrif/application-engine

Length of output: 569

🏁 Script executed:

#!/bin/bash
# Get Spring Boot version and MongoDB driver details
rg -n "spring.boot.version|<version>|spring-boot-starter" pom.xml | grep -E "(spring.boot.version|spring-boot-starter-data-mongodb)" | head -10

Repository: netgrif/application-engine

Length of output: 143

🏁 Script executed:

#!/bin/bash
# Get more context around spring-boot-starter-data-mongodb to see versions
rg -A 3 -B 1 "spring-boot-starter-data-mongodb" pom.xml

Repository: netgrif/application-engine

Length of output: 245

🏁 Script executed:

#!/bin/bash
# Check the workflow file to confirm the version changes mentioned
cat .github/workflows/pr-build.yml | grep -n "mongo\|elasticsearch" | head -20

Repository: netgrif/application-engine

Length of output: 271

🏁 Script executed:

#!/bin/bash
# Find Spring Boot version
rg -n "spring-boot-starter-parent|spring.boot.version" pom.xml | head -5

Repository: netgrif/application-engine

Length of output: 132

🏁 Script executed:

#!/bin/bash
# Look at the parent section of pom.xml
head -50 pom.xml | grep -A 5 "parent"

Repository: netgrif/application-engine

Length of output: 194

🏁 Script executed:

#!/bin/bash
# Get the full parent section with version
rg -A 3 "spring-boot-starter-parent" pom.xml | head -10

Repository: netgrif/application-engine

Length of output: 201

🏁 Script executed:

#!/bin/bash
# Check if there's an explicit mongodb driver version specified
rg -n "mongodb.version|mongo-java-driver" pom.xml

Repository: netgrif/application-engine

Length of output: 52

🏁 Script executed:

#!/bin/bash
# Look for all mongodb-related dependencies with versions
rg -B 2 -A 2 "mongodb" pom.xml | grep -E "(groupId|artifactId|version)" | head -30

Repository: netgrif/application-engine

Length of output: 608

🏁 Script executed:

#!/bin/bash
# Get the exact Spring Boot 2.7.18 MongoDB driver version bundled
# First, let's see if there's a spring-boot-starter-data-mongodb with explicit version
rg -B 5 -A 5 "spring-boot-starter-data-mongodb" pom.xml

Repository: netgrif/application-engine

Length of output: 391

🌐 Web query:

MongoDB Java driver 4.6.0 compatibility with MongoDB 6 server

💡 Result:

Yes—MongoDB Java Driver 4.6.0 can connect to and work with MongoDB Server 6.0, but it’s marked “⊛” in MongoDB’s official compatibility table, meaning it works, but does not support all newer server features. [1]

If you want a driver version that’s fully compatible (“✓”) with MongoDB 6.0, MongoDB’s table indicates Java driver 4.7+ (and newer) is recommended. [1]

Source
[1] MongoDB Docs – Java Driver compatibility table (shows 4.3–4.6 as ⊛ for MongoDB 6.0, and explains ⊛ vs ✓): (mongodb.com)

Citations:

🌐 Web query:

Spring Boot 2.7.18 MongoDB driver version included bundled

💡 Result:

Spring Boot 2.7.18 (via its dependency management / spring-boot-dependencies BOM) bundles/manages MongoDB Java Driver 4.6.1:

  • org.mongodb:bson 4.6.1
  • org.mongodb:mongodb-driver-core 4.6.1
  • org.mongodb:mongodb-driver-sync 4.6.1
  • org.mongodb:mongodb-driver-reactivestreams 4.6.1
  • org.mongodb:mongodb-driver-legacy 4.6.1 [1]

Source: Spring Boot’s managed dependency versions table for 2.7.18 (shown on the 2.7.18-SNAPSHOT reference docs, matching the 2.7.18 line). [1]

References
[1] Spring Boot 2.7.18 dependency versions (managed dependencies) https://docs.spring.io/spring-boot/docs/2.7.18-SNAPSHOT/reference/html/dependency-versions.html

Upgrade MongoDB Java driver to 4.7+ for full MongoDB 6 compatibility.

The service container versions have been bumped:

  • MongoDB: 4.4 → 6
  • Elasticsearch: 7.17.3 → 7.17.28

Spring Boot 2.7.18 bundles MongoDB Java Driver 4.6.1, which works with MongoDB 6 but only with partial support (⊛). Per MongoDB's official compatibility table, Java driver 4.7+ is required for full (✓) compatibility with MongoDB 6. The Elasticsearch client version 7.17.2 is compatible with server 7.17.28 (same minor version, patch release difference).

Upgrade the MongoDB driver version to ensure full feature compatibility with the new MongoDB 6 server.

🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/pr-build.yml at line 32, The project updated the service
container to MongoDB 6 but Spring Boot 2.7.18 currently brings MongoDB Java
Driver 4.6.1; update the MongoDB Java driver to 4.7.x or later to ensure full
MongoDB 6 compatibility by overriding the managed dependency in your build
files: locate the MongoDB driver dependency (e.g., artifactIds like
mongodb-driver, mongodb-driver-sync or mongodb-driver-core referenced in pom.xml
or build.gradle) or the dependencyManagement/versions section and set the
version to 4.7.+ (or a specific 4.7.x/4.8.x release), or add an explicit
dependency with version 4.7+ to supersede Spring Boot’s managed version; run a
full build and tests to confirm no regressions.

ports:
- 27017:27017

Expand All @@ -45,7 +39,7 @@ jobs:
- 6379:6379

elasticsearch:
image: elasticsearch:7.17.3
image: elasticsearch:7.17.28
ports:
- 9200:9200
- 9300:9300
Expand All @@ -66,15 +60,16 @@ jobs:
echo $ELASTIC_SEARCH_URL
curl -fsSL "$ELASTIC_SEARCH_URL/_cat/health?h=status"

- uses: actions/checkout@v3
- uses: actions/checkout@v6
with:
fetch-depth: 0

- name: Set up JDK 11
uses: actions/setup-java@v3
uses: actions/setup-java@v5
with:
java-version: 11
distribution: 'adopt'
distribution: 'temurin'
cache: maven

# - name: Cache SonarCloud packages
# uses: actions/cache@v3
Expand All @@ -83,13 +78,6 @@ jobs:
# key: ${{ runner.os }}-sonar
# restore-keys: ${{ runner.os }}-sonar

- name: Cache Maven packages
uses: actions/cache@v3
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2

- name: Generate certificates
run: cd src/main/resources/certificates && openssl genrsa -out keypair.pem 4096 && openssl rsa -in keypair.pem -pubout -out public.crt && openssl pkcs8 -topk8 -inform PEM -outform DER -nocrypt -in keypair.pem -out private.der && cd ../../../..

Expand Down
71 changes: 24 additions & 47 deletions .github/workflows/release-build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,27 +9,21 @@ jobs:
name: Build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v6
with:
fetch-depth: 0

- name: Set up JDK 11
uses: actions/setup-java@v3
uses: actions/setup-java@v5
with:
java-version: 11
distribution: 'adopt'
distribution: 'temurin'
cache: maven

- name: Get Project Version from pom.xml
uses: entimaniac/read-pom-version-action@1.0.0
id: getVersion

- name: Cache Maven packages
uses: actions/cache@v3
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2

- name: Build
run: mvn clean verify -DskipTests=true

Expand Down Expand Up @@ -71,22 +65,16 @@ jobs:
echo $ELASTIC_SEARCH_URL
curl -fsSL "$ELASTIC_SEARCH_URL/_cat/health?h=status"

- uses: actions/checkout@v3
- uses: actions/checkout@v6
with:
fetch-depth: 0

- name: Set up JDK 11
uses: actions/setup-java@v3
uses: actions/setup-java@v5
with:
java-version: 11
distribution: 'adopt'

- name: Cache Maven packages
uses: actions/cache@v3
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2
distribution: 'temurin'
cache: maven

- name: Generate certificates
run: cd src/main/resources/certificates && openssl genrsa -out keypair.pem 4096 && openssl rsa -in keypair.pem -pubout -out public.crt && openssl pkcs8 -topk8 -inform PEM -outform DER -nocrypt -in keypair.pem -out private.der && cd ../../../..
Expand All @@ -108,7 +96,7 @@ jobs:
contents: read
packages: write
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v6

- id: install-secret-key
name: Install gpg secret key
Expand All @@ -117,10 +105,11 @@ jobs:
gpg --list-secret-keys --keyid-format LONG

- name: Set up Maven Central Repository
uses: actions/setup-java@v3
uses: actions/setup-java@v5
with:
java-version: 11
distribution: 'adopt'
distribution: 'temurin'
cache: maven
server-id: central
server-username: MAVEN_USERNAME
server-password: MAVEN_PASSWORD
Expand All @@ -141,26 +130,20 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@v3
uses: actions/checkout@v6

- name: Set up JDK 11
uses: actions/setup-java@v3
uses: actions/setup-java@v5
with:
java-version: 11
distribution: 'adopt'

- name: Cache Maven packages
uses: actions/cache@v3
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2
distribution: 'temurin'
cache: maven

- name: Build
run: mvn -P docker-build clean package install -DskipTests=true

- name: Log in to Docker Hub
uses: docker/login-action@v1
uses: docker/login-action@v4
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_AUTH_TOKEN }}
Expand All @@ -170,14 +153,14 @@ jobs:
id: getVersion

- name: Push Version ${{ steps.getVersion.outputs.version }}
uses: docker/build-push-action@v3
uses: docker/build-push-action@v7
with:
push: true
tags: netgrif/application-engine:${{ steps.getVersion.outputs.version }}

- name: Push Latest
if: ${{ !contains(steps.getVersion.outputs.version, '-SNAPSHOT') }}
Copy link
Copy Markdown

@coderabbitai coderabbitai bot Mar 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

Fix extra space after colon in conditional.

Static analysis flagged "too many spaces after colon" on this line.

🔧 Proposed fix 
-        if:  ${{ !contains(steps.getVersion.outputs.version, '-SNAPSHOT') }}
+        if: ${{ !contains(steps.getVersion.outputs.version, '-SNAPSHOT') }}
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
if: ${{ !contains(steps.getVersion.outputs.version, '-SNAPSHOT') }}
if: ${{ !contains(steps.getVersion.outputs.version, '-SNAPSHOT') }}
🧰 Tools
🪛 YAMLlint (1.38.0)

[error] 162-162: too many spaces after colon

(colons)

🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In @.github/workflows/release-build.yml at line 162, The conditional line uses
an extra space after the GitHub Actions key "if:" causing a
style/static-analysis error; edit the workflow step so the "if:" key has a
single space before the expression (i.e., change the "if:  ${{
!contains(steps.getVersion.outputs.version, '-SNAPSHOT') }}" entry to remove the
extra space), leaving the expression using
contains(steps.getVersion.outputs.version, '-SNAPSHOT') unchanged.

uses: docker/build-push-action@v3
uses: docker/build-push-action@v7
with:
push: true
tags: netgrif/application-engine:latest
Expand All @@ -190,19 +173,13 @@ jobs:
contents: read
packages: write
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v6

- uses: actions/setup-java@v3
- uses: actions/setup-java@v5
with:
java-version: '11'
distribution: 'adopt'

- name: Cache Maven packages
uses: actions/cache@v3
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2
distribution: 'temurin'
cache: maven

- name: Publish artifact on GitHub Packages
run: mvn -B -P github-publish clean deploy -DskipTests
Expand All @@ -219,7 +196,7 @@ jobs:
id-token: write
security-events: write
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v6

- name: Build
run: mvn clean package install -DskipTests=true
Expand Down
26 changes: 26 additions & 0 deletions pom.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -91,6 +91,27 @@
<!-- <id>mulesoft</id>-->
<!-- <url>https://repository.mulesoft.org/nexus/content/repositories/public/</url>-->
<!-- </repository>-->
<repository>
<id>central</id>
<url>https://repo.maven.apache.org/maven2</url>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>false</enabled>
</snapshots>
</repository>
<repository>
<name>Central Portal Snapshots</name>
<id>central-portal-snapshots</id>
<url>https://central.sonatype.com/repository/maven-snapshots/</url>
<releases>
<enabled>false</enabled>
</releases>
<snapshots>
<enabled>true</enabled>
</snapshots>
</repository>
Comment on lines +94 to +114
Copy link
Copy Markdown

@coderabbitai coderabbitai bot Mar 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

python - <<'PY'
import xml.etree.ElementTree as ET

ns = {'m': 'http://maven.apache.org/POM/4.0.0'}
root = ET.parse('pom.xml').getroot()

print("Top-level repositories:")
for repo in root.findall('./m:repositories/m:repository', ns):
    rid = repo.findtext('m:id', default='', namespaces=ns)
    url = repo.findtext('m:url', default='', namespaces=ns)
    rel = repo.findtext('m:releases/m:enabled', default='(default)', namespaces=ns)
    snap = repo.findtext('m:snapshots/m:enabled', default='(default)', namespaces=ns)
    print(f"  {rid}: releases={rel}, snapshots={snap}, url={url}")

print("\nDependencies/plugins with explicit SNAPSHOT or ranged versions:")
found = False
for path in ('.//m:dependency[m:version]', './/m:plugin[m:version]'):
    for node in root.findall(path, ns):
        version = node.findtext('m:version', namespaces=ns)
        if version and ('SNAPSHOT' in version or version.startswith('[') or version.startswith('(')):
            gid = node.findtext('m:groupId', namespaces=ns)
            aid = node.findtext('m:artifactId', namespaces=ns)
            print(f"  {gid}:{aid}:{version}")
            found = True
if not found:
    print("  (none)")
PY

Repository: netgrif/application-engine

Length of output: 441

Scope the snapshot repository to a profile, or remove it entirely.

The top-level snapshot repository allows snapshot resolution for every build, weakening reproducibility. No dependencies or plugins in this POM declare snapshot or ranged versions, so the central-portal-snapshots repository is unnecessary. Similarly, the explicit central resolver is redundant since Maven defaults to Maven Central. If you do not intend to consume snapshots, either remove both repositories or restrict them to a dedicated profile that is only enabled when needed.

Suggested change 
-        <repository>
-            <id>central</id>
-            <url>https://repo.maven.apache.org/maven2</url>
-            <releases>
-                <enabled>true</enabled>
-            </releases>
-            <snapshots>
-                <enabled>false</enabled>
-            </snapshots>
-        </repository>
-        <repository>
-            <name>Central Portal Snapshots</name>
-            <id>central-portal-snapshots</id>
-            <url>https://central.sonatype.com/repository/maven-snapshots/</url>
-            <releases>
-                <enabled>false</enabled>
-            </releases>
-            <snapshots>
-                <enabled>true</enabled>
-            </snapshots>
-        </repository>
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
<repository>
<id>central</id>
<url>https://repo.maven.apache.org/maven2</url>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>false</enabled>
</snapshots>
</repository>
<repository>
<name>Central Portal Snapshots</name>
<id>central-portal-snapshots</id>
<url>https://central.sonatype.com/repository/maven-snapshots/</url>
<releases>
<enabled>false</enabled>
</releases>
<snapshots>
<enabled>true</enabled>
</snapshots>
</repository>
🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@pom.xml` around lines 94 - 114, Remove the top-level <repository> entries for
"central" and "central-portal-snapshots" (IDs: central,
central-portal-snapshots) unless you intentionally consume snapshots; Maven
already uses Central by default. If you need snapshots, move the
"central-portal-snapshots" entry into a dedicated <profile> (e.g.,
id="snapshots") and scope it behind an opt-in activation (property like
-Dsnapshots or <activeByDefault>false</activeByDefault>), placing the
<repositories> entry inside that profile so snapshot resolution is only enabled
when the profile is activated. Ensure no other POM sections
(dependencies/plugins) require snapshot versions before removing or scoping.

<repository>
<id>jitpack.io</id>
<url>https://jitpack.io</url>
Expand Down Expand Up @@ -315,6 +336,11 @@
<artifactId>batik-all</artifactId>
<version>1.17</version>
</dependency>
<dependency>
<groupId>xml-apis</groupId>
<artifactId>xml-apis-ext</artifactId>
<version>1.3.04</version>
</dependency>
Comment on lines +339 to +343
Copy link
Copy Markdown

@coderabbitai coderabbitai bot Mar 10, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick | 🔵 Trivial

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "Batik/SVG usage in source:"
rg -n -C2 'SAXSVGDocumentFactory|BridgeContext|XMLResourceDescriptor|org\.w3c\.dom\.(svg|smil)' src/main src/test || true

echo
echo "Relevant dependency declarations in pom.xml:"
python - <<'PY'
import xml.etree.ElementTree as ET

ns = {'m': 'http://maven.apache.org/POM/4.0.0'}
root = ET.parse('pom.xml').getroot()

for dep in root.findall('.//m:dependencies/m:dependency', ns):
    gid = dep.findtext('m:groupId', namespaces=ns)
    aid = dep.findtext('m:artifactId', namespaces=ns)
    if (gid, aid) in {
        ('org.apache.xmlgraphics', 'batik-all'),
        ('xml-apis', 'xml-apis-ext'),
    }:
        print(f"{gid}:{aid}:{dep.findtext('m:version', namespaces=ns)}")
PY

Repository: netgrif/application-engine

Length of output: 3032

Add a documentation comment for xml-apis-ext dependency.

The dependency is non-obvious when scanning the POM and could be mistakenly removed in future cleanups, despite being required by the Batik-based SVG/PDF rendering path in PdfGenerator.java. A brief comment clarifying its purpose will preserve intent.

Suggested change 
         <dependency>
             <groupId>org.apache.xmlgraphics</groupId>
             <artifactId>batik-all</artifactId>
             <version>1.17</version>
         </dependency>
+        <!-- Required by the Batik-based SVG/PDF rendering path -->
         <dependency>
             <groupId>xml-apis</groupId>
             <artifactId>xml-apis-ext</artifactId>
             <version>1.3.04</version>
         </dependency>
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
<dependency>
<groupId>xml-apis</groupId>
<artifactId>xml-apis-ext</artifactId>
<version>1.3.04</version>
</dependency>
<!-- Required by the Batik-based SVG/PDF rendering path -->
<dependency>
<groupId>xml-apis</groupId>
<artifactId>xml-apis-ext</artifactId>
<version>1.3.04</version>
</dependency>
🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@pom.xml` around lines 339 - 343, Add an inline XML comment above the
xml-apis-ext dependency in the POM explaining why it is required: note that this
artifact is needed for Batik-based SVG/PDF rendering used by PdfGenerator.java
(prevents runtime NoSuchMethod/NoClass errors in the SVG/PDF generation path)
and should not be removed during dependency cleanup; reference the PdfGenerator
class in the comment for future maintainers.

<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
Expand Down
Loading
Loading