@devin-ai-integration devin-ai-integration bot commented Oct 16, 2025

Migrate from Java 11 to Java 21 with Spring Boot 3.5.6

Summary

Complete migration of the Spring Boot RealWorld Example Application from Java 11 + Spring Boot 2.6.3 to Java 21 + Spring Boot 3.5.6. This is a major upgrade that includes:

  • Java: 11 → 21
  • Spring Boot: 2.6.3 → 3.5.6
  • Jakarta EE namespace migration: All javax.* imports → jakarta.* (23+ files affected)
  • Spring Security 6 refactoring: WebSecurityConfigurerAdapter → SecurityFilterChain bean approach
  • Netflix DGS: 4.9.21 → 10.4.0 with artifact name change (graphql-dgs-spring-boot-starter → graphql-dgs-spring-graphql-starter)
  • JJWT: 0.11.2 → 0.13.0 with breaking API changes
  • MyBatis: 2.2.2 → 3.0.5
  • Rest Assured: 4.5.1 → 5.5.0
  • Gradle: 7.4 → 8.10.2

All tests pass locally (70/70) and CI checks pass ✅

Review & Testing Checklist for Human

⚠️ Critical items to verify (in order of importance):

  • Test GraphQL API endpoints with real clients, especially paginated queries (articles feed, comments). The PageInfo type changed from graphql.relay.DefaultPageInfo to generated io.spring.graphql.types.PageInfo, which could break existing clients if they rely on the response structure.

  • Verify JWT authentication flows: Test login, token generation, and protected endpoints. JJWT 0.13.0 has breaking API changes:

    • Parser changed from parserBuilder().setSigningKey() to parser().verifyWith()
    • Signing now requires explicit algorithm specification
    • Ensure existing JWT tokens (if any) still work or document the breaking change
  • Test error handling: Verify that REST API and GraphQL error responses maintain the expected format for clients. Both CustomizeExceptionHandler and GraphQLCustomizeExceptionHandler were modified, and the GraphQL handler now uses async API (CompletableFuture).

  • Security configuration review: Validate that all endpoints have correct authentication requirements:

    • /graphiql and /graphql should be public
    • /articles/feed (GET) requires authentication
    • /users and /users/login (POST) should be public
    • All other endpoints require authentication

Test Plan Recommendation

  1. Run the application locally and test the GraphQL playground at /graphiql
  2. Execute a full authentication flow: register user → login → access protected endpoints
  3. Test paginated GraphQL queries (articles, comments) and verify response structure
  4. Verify CORS configuration still works for frontend clients
  5. Test error scenarios (invalid JWT, validation errors) to ensure error responses are correct

Notes

  • Deprecated @MockBean warnings: Tests show 23 deprecation warnings for @MockBean annotations marked for removal in future Java versions. This doesn't affect functionality now but will need addressing in a future migration.
  • Netflix DGS artifact name change: In DGS 10.x, the artifact name changed from graphql-dgs-spring-boot-starter to graphql-dgs-spring-graphql-starter. Make sure any documentation or deployment scripts are updated.
  • Spring Security 6: Completely refactored from WebSecurityConfigurerAdapter pattern to component-based SecurityFilterChain bean. Logic should be equivalent but worth double-checking security behavior.

Link to Devin run: https://app.devin.ai/sessions/51ca1f399821411bb7547217f2f98ad7
Requested by: Abhay Aggarwal (@abhay-codeium)
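
The endpoint access matrix from the review checklist above, written as a Spring Security 6 `SecurityFilterChain` bean. This is an added example, not code from this pull request: the class name, the 401 entry point, and the CSRF and session settings are assumptions for a stateless bearer-token API, and registration of the JWT filter is left out.

```java
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.HttpStatusEntryPoint;

// Hypothetical class for illustration; not the project's WebSecurityConfig.
@Configuration
@EnableWebSecurity
public class ExampleSecurityConfig {

  @Bean
  public SecurityFilterChain apiSecurity(HttpSecurity http) throws Exception {
    http
        // Assumption: tokens travel in a header, not a cookie, so CSRF
        // protection and server-side sessions are switched off.
        .csrf(csrf -> csrf.disable())
        .sessionManagement(s -> s.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
        // Assumption: unauthenticated access to a protected route answers 401.
        .exceptionHandling(e ->
            e.authenticationEntryPoint(new HttpStatusEntryPoint(HttpStatus.UNAUTHORIZED)))
        .authorizeHttpRequests(auth -> auth
            // Rules are checked top to bottom and the first match wins.
            .requestMatchers("/graphiql", "/graphql").permitAll()
            .requestMatchers(HttpMethod.GET, "/articles/feed").authenticated()
            // Public only for POST; other methods fall through to the last rule.
            .requestMatchers(HttpMethod.POST, "/users", "/users/login").permitAll()
            // Deny-by-default tail: any route not listed above needs authentication.
            .anyRequest().authenticated());
    return http.build();
  }
}
```

When comparing this against a migrated configuration, check the method argument on each `requestMatchers` call: a matcher without an `HttpMethod` opens the path for every verb.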

- Update Spring Boot from 2.6.3 to 3.5.6
- Update Java version from 11 to 21
- Update GitHub Actions workflow to use Java 21
- Update MyBatis Spring Boot Starter to 3.0.5
- Update Netflix DGS to 10.4.0 (Spring Boot 3 compatible)
- Update Netflix DGS Codegen plugin to 8.1.1
- Update JJWT from 0.11.2 to 0.13.0
- Migrate javax.validation.* to jakarta.validation.* across 19 files
- Migrate javax.servlet.* to jakarta.servlet.* in JwtTokenFilter
- Refactor WebSecurityConfig to use SecurityFilterChain (Spring Security 6)
- Remove deprecated WebSecurityConfigurerAdapter
- Update to lambda-based configuration for Spring Security 6
- Update .antMatchers() to .requestMatchers()
- Update .authorizeRequests() to .authorizeHttpRequests()

Co-Authored-By: Abhay Aggarwal <abhay.aggarwal@codeium.com>

@devin-ai-integration (Author)

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

  • Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
  • Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

devin-ai-integration bot and others added 3 commits October 16, 2025 05:17
GitHub has deprecated and shut down actions/cache v1 and v2.
Update to v4 to fix CI failures.

Co-Authored-By: Abhay Aggarwal <abhay.aggarwal@codeium.com>

Gradle 7.4 does not support Java 21 (class file major version 65).
Java 21 requires Gradle 8.5 or later. Upgrading to 8.10.2 (stable).

Fixes CI error: 'Unsupported class file major version 65'

Co-Authored-By: Abhay Aggarwal <abhay.aggarwal@codeium.com>

Root cause: In Netflix DGS 10.x, the artifact name changed from
graphql-dgs-spring-boot-starter to graphql-dgs-spring-graphql-starter.
Version 10.4.0 supports Spring Boot 3.5.5 (compatible with 3.5.6).

Changes:
- Update Netflix DGS artifact to graphql-dgs-spring-graphql-starter:10.4.0
- Migrate PageInfo usage in ArticleDatafetcher and CommentDatafetcher to use generated types
- Update GraphQLCustomizeExceptionHandler for DGS 10.x API (handleException returns CompletableFuture)
- Migrate CustomizeExceptionHandler to jakarta.validation.*
- Update DefaultJwtService for JJWT 0.13.0 API (parser().verifyWith() and explicit signWith algorithm)
- Fix DefaultJwtServiceTest key size to meet 512-bit HS512 requirement

All tests pass locally.

Co-Authored-By: Abhay Aggarwal <abhay.aggarwal@codeium.com>
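
The JJWT changes named in the commit message above (`parser().verifyWith()`, an explicit `signWith` algorithm, and the 512-bit HS512 key requirement), shown in one small service. This is an added example, not the project's `DefaultJwtService`: the class, method names and sample secrets are hypothetical, and it assumes the JJWT 0.13.0 api, impl and jackson artifacts are on the classpath.

```java
import io.jsonwebtoken.JwtException;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.security.Keys;
import java.nio.charset.StandardCharsets;
import java.util.Date;
import java.util.Optional;
import javax.crypto.SecretKey; // JDK type; not part of the javax -> jakarta move

// Hypothetical class for illustration only.
public class ExampleJwtService {
  private final SecretKey key;
  private final long ttlMillis;

  public ExampleJwtService(String secret, long ttlMillis) {
    byte[] raw = secret.getBytes(StandardCharsets.UTF_8);
    // HS512 needs at least 512 bits (64 bytes); fail at startup, not at first login.
    if (raw.length < 64) {
      throw new IllegalArgumentException("HS512 secret needs 64+ bytes, got " + raw.length);
    }
    this.key = Keys.hmacShaKeyFor(raw);
    this.ttlMillis = ttlMillis;
  }

  public String issue(String userId) {
    return Jwts.builder()
        .subject(userId)
        .expiration(new Date(System.currentTimeMillis() + ttlMillis))
        .signWith(key, Jwts.SIG.HS512) // algorithm stated explicitly
        .compact();
  }

  // Returns the subject only when signature and expiry both check out.
  public Optional<String> subjectOf(String token) {
    try {
      return Optional.ofNullable(Jwts.parser().verifyWith(key).build()
          .parseSignedClaims(token).getPayload().getSubject());
    } catch (JwtException | IllegalArgumentException e) {
      return Optional.empty(); // bad signature, expired, malformed or blank
    }
  }

  public static void main(String[] args) {
    // Constructed sample secrets, 78 bytes each.
    ExampleJwtService a = new ExampleJwtService("constructed-sample-secret-".repeat(3), 60_000);
    ExampleJwtService b = new ExampleJwtService("another-constructed-value-".repeat(3), 60_000);
    String token = a.issue("user-123");
    System.out.println("own key:   " + a.subjectOf(token));
    System.out.println("other key: " + b.subjectOf(token));
  }
}
```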