Remove compiler warnings for spring-security-oauth2-authorization-server #18562
Conversation
gisu1102
force-pushed
the
fix/18421-remove-compiler-warnings-crypto
branch
2 times, most recently
from
98b1478 to
2218ebe
Compare
spring-projects-issues
added
the
status: waiting-for-triage
Remove compiler warnings in spring-security-oauth2-authorization-server - Remove ACCESS_DECLARED_FIELDS from AOT/runtime hints - Add @SuppressWarnings("removal") for Jackson2 deprecated adapters Closes spring-projectsgh-18432 Signed-off-by: gimgisu <gisu1102@gmail.com>
gisu1102
force-pushed
the
fix/18421-remove-compiler-warnings-crypto
branch
from
2218ebe to
e0ef1d6
Compare
rwinch
left a comment
rwinch
left a comment
There was a problem hiding this comment.
Thanks for the PR! I've responded with a few comments. Please keep in mind that there are a few examples of me wanting to understand why the deprecated fields in MemberCategory were not migrated according to the Javadocs, but this is a general question and should be considered throughout the whole pull request.
| // Jackson Modules | ||
| if (jackson2Present) { | ||
| hints.reflection() | ||
| .registerTypes( |
There was a problem hiding this comment.
This needs to continue to register the jackson 2 modules for passivity. You can extract it into a separate method and add a suppression to it.
There was a problem hiding this comment.
Agreed. Jackson 2 module registration is still required for passivity when Jackson 2
is present on the classpath.
I will keep the Jackson 2 registrations, extract them into a dedicated helper method,
and scope @SuppressWarnings("removal") to that method only so the intent is explicit
while preserving the existing behavior.
Jackson 3 module registration will remain unchanged.
Thank you.
| hints.reflection() | ||
| .registerType(Collections.class, MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, | ||
| MemberCategory.INVOKE_DECLARED_METHODS); |
There was a problem hiding this comment.
This and the similar changes don't seem to be a one to one change from deprecation to replacement. For example, I'd expect this change to be as shown in this suggestion since the deprecation for DECLARED_CLASSES states it is deprecated with no replacement since registerType registers the class.
| hints.reflection() | |
| .registerType(Collections.class, MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, | |
| MemberCategory.INVOKE_DECLARED_METHODS); | |
| hints.reflection().registerType(Collections.class); |
Can you help me understand why these changes do not appear to be a one to one replacement for the deprecations?
There was a problem hiding this comment.
Thanks for the clarification.
You're right — my change removed MemberCategory.DECLARED_CLASSES but didn’t make it explicit that the type itself is still being registered.
Since DECLARED_CLASSES is deprecated with no replacement (because registerType already registers the class), I’ll add an explicit
hints.reflection().registerType(T.class) alongside the existing INVOKE_* categories. This preserves the original “type registration”
intent while keeping the reflective invocation hints where needed.
| hints.reflection() | ||
| .registerType(HashSet.class, MemberCategory.DECLARED_FIELDS, | ||
| MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, MemberCategory.INVOKE_DECLARED_METHODS); | ||
| .registerType(HashSet.class, MemberCategory.INVOKE_DECLARED_CONSTRUCTORS, |
There was a problem hiding this comment.
Can you help me understand why MemberCategory.DECLARED_FIELDS wasn't migrated to MemberCategory.INVOKE_DECLARED_FIELDS as documented within the Javadoc?
There was a problem hiding this comment.
Thank you for pointing this out.
You’re right — MemberCategory.DECLARED_FIELDS should be migrated to MemberCategory.ACCESS_DECLARED_FIELDS as documented in the Javadoc.
In my earlier change, I removed DECLARED_FIELDS without explicitly replacing it with ACCESS_DECLARED_FIELDS, which made the migration look incomplete and not 1:1.
I’ve updated the code so that:
- All previous DECLARED_FIELDS usages are now migrated to
ACCESS_DECLARED_FIELDS. - INVOKE_DECLARED_CONSTRUCTORS / INVOKE_DECLARED_METHODS are kept only where
reflective invocation was already required.
This preserves the original intent of field access while aligning with the documented replacement in Spring Framework 7.
rwinch
added
status: waiting-for-feedback
Restore Jackson 2 module runtime hints for passivity - Keep Jackson 2 module registrations when jackson2 is present - Extract Jackson 2 hint registration into a dedicated method - Suppress removal warnings only for the Jackson 2 registration Closes spring-projectsgh-18432 Signed-off-by: gimgisu <gisu1102@gmail.com>
Align AOT hints with MemberCategory deprecation replacements - Replace DECLARED_FIELDS with ACCESS_DECLARED_FIELDS in runtime hints - Preserve 1:1 intent for Collections via registerType only - Keep INVOKE_* only where it existed before Closes spring-projectsgh-18432 Signed-off-by: gimgisu <gisu1102@gmail.com>
|
@rwinch I’ve addressed all of the requested changes:
Could you please take another look when you have a moment? |
spring-projects-issues
added
status: feedback-provided
rwinch
added
in: oauth2
|
Thank you for the updates! This will be merged once the build passes |
Thanks for the review and the helpful comments. |
Apply code formatting to OAuth2AuthorizationServerBeanRegistrationAotProcessor Closes spring-projectsgh-18432 Signed-off-by: gimgisu <gisu1102@gmail.com>
Head branch was pushed to by a user without write access
3 participants
Summary
Closes #18432
AOT/runtime hints in the OAuth2 Authorization Server module
Deprecated Jackson2 adapter usage
Testing
Notes
Other module warnings are unchanged and outside this module’s scope.