Project-X v22.01 - Release Notes

AdroitLogic Project-X

Copyright © 2010-2022
AdroitLogic Private Ltd. All Rights Reserved

** Changes for 22.01-RC ** [2022-02-05]
--------------------------
(summary since 21.01)

core platform:

* All core libraries upgraded (most significant ones follow):
  - Spring 4.3.10.RELEASE -> 5.3.9
  - aspectjrt 1.8.10 -> 1.9.5
  - fast-classpath-scanner 2.0.9 -> classgraph 4.8.110
  - Log4J (via x-logging-log4j2) 2.8.2 -> 2.17.1
  - Elasticsearch (optional, for metrics) 5.1.1 -> 7.13.1
  - Curator/ZooKeeper (optional, for clustering) 3.2.1/3.5.1 -> 5.1.0/3.6.0
* BouncyCastle (bcprov-jdk15on) 1.49 -> 1.69 and made optional; not bundled in distros by default
* API: Provide an ordered output for `XMessageContext#getScopeContextList()` (by context creation order; Set -> List)
* Shutdown runtime automatically on project init/start errors; can be disabled via `XEnvironment#failOnProjectErrors` property
* Ability to disable platform-level default/inbuilt metrics reporting (system resources, worker pool/executor, ingress/egress msg count, etc.)
  using `XMetricsCollector#collectBuiltInMetrics` property
* Replaced `@AutoService` based service discovery with static service definition files
* Removed introspections based on `java.beans` API
* Updated core to use Jackson v2 (com.fasterxml); version is now consistent with most of the pluggable components (connectors/processors)
* Moved JMX MBeans from management module to core; any client with proper local/remote JMX access will be able to control the deployment,
  even if the deployed bundle does not have built-in management API
* UXTerm CLI is now driven by `x-management-client` module, the vendor's official client for accessing the management API
* Tolerate errors in component registry scan;
  if one connector/processor cannot be loaded (e.g. due to missing transitive libraries), registry will still generate the final output for the rest,
  and expose the failed component(s) and their encountered errors via `ComponentRegistry#getFailures()`
* Integration project/XPR builder plugin (x-project-plugin):
  - supports resolving Maven property values (e.g. `${project.version}`) during build; allowing them to be used as placeholders in project meta-files
  - `excludeSources` flag is now enabled by default
  - `excludeFlowPreviews` flag to exclude flow preview files (src/main/resources/*-json.xpos) from bundle; default: enabled
  - `skipProjectContextInspection` flag to skip creation of a project context instance (for metadata collection) during build,
    to avoid build issues/delays for projects with "complex" contexts; default: disabled
  - by default, avoid bundling of libraries that are already known to be available at core/platform level: Jackson, commons-lang3, etc.;
    can be changed by setting an explicit `excludeDependencies` mode (none|all|transitive)


UltraESB-X distribution:

* Docker images based on OpenJDK JRE 11 (index.docker.io/library/openjdk:11.0.3-jre-slim),
in addition to 8 (index.docker.io/library/openjdk:8-jre-slim)
* .bat launch script for Windows
* Updated Elasticsearch configs for 7.x
* Removed UXTerm CLI from prod distro; optionally installable from Tools distro
* Windows .bat/.cmd launch scripts for CLI, ZK client/server
* Added ZooKeeper server runtime JARs to complete distros; a complete ZK environment can now be launched using the complete distros


UltraStudio IDE plugin:

* IDEA 2021.3 compatibility


logging:

* Added LMAX Disruptor as an optional dependency to `x-logging-all` stack
* Log4J upgraded; 2.17.1


libraries:

* Library upgrades:
  - Spring 4.3.10.RELEASE -> 5.3.9
  - Log4J (used in JDBC/Slack/Elasticsearch appenders) 2.8.2 -> 2.17.1


features:

* Extract out authentication related utils from HTTP feature, as a new feature module, `x-feature-http-auth`;
  original `x-feature-http` is now leaner and only contains core HTTP functionalities from the original set
* Removed XML -> JAXB inter-feature dependency; client code that uses JAXB functions can continue to use same methods/signatures
  (under `JAXBFeature` instead of `XMLFeature`), but should explicitly import `x-feature-jaxb`
* Java 9+ compatibility changes, mainly on AS2/S-MIME fronts
* Misc. enhancements and fixes to AS2 feature, kudos as2gateway.com
  - include any MDN parse-errors in returned parse-result
  - BouncyCastle upgraded; 1.49 -> 1.69
  - implicitly trust leaf certificates that are directly available in provided trust-store; skipping the standard trust-anchor check
  - use binary encoding for SMIMESignedParser used in signature verification;
    fixes digest-mismatch cases due to missing Content-Transfer-Encoding in signed MIME parts
  - explicitly pass signature algorithm to MDN signature generator, instead of using signing certificate's algorithm by default
  - improve efficiency of processing "large" (GB-range) outgoing files, when fed as FileFormat- or MessageFileFormat-backed XAttachment entities


transports:

* `nio-http`:
  - Content-Length check and pre-payload verification now works for all requests (was previously working only for expect-100 preflight requests)
  - Ability to return proper HTTP codes (in addition to Apache-HC's built-in "method not supported" etc.) on request validation failures etc.,
    by throwing a `CodedHttpException` with desired error code
  - Cleaned up unused dependencies


connectors:

* `nio-http`: incorporates above transport-level enhancements for HTTP validations and custom error codes
* `as2`: pre-payload verifications to reject messages with missing/unknown partner (AS2-From) or station (AS2-To) identifiers;
  now works for direct requests too (i.e. not involving preflight (expect-100) checks), returning a HTTP error after consuming request headers


processors:

* `regular-flow-control`: made Groovy optional; should be explicitly added if needed, e.g. for expression-based condition evaluations