-
Notifications
You must be signed in to change notification settings - Fork 439
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Change com.github.tomakehurst:wiremock-jre8-standalone coordinates to allow migration to version 3.0.0+ #1933
Comments
Hey, have the packages changed too? Cause if they did that's a breaking change. |
At least not yet, though some APIs have been deprecated |
Ah, but a few classes have been moved, like to And the instantiation of ResponseTemplateTransformer changed |
I see. I'll have to think about it but actually we could theoretically support both versions. These are 2 separate jars, we can have 2 different conditionals on classes etc. Do we know if the stub JSON produced by WireMock 3 is compatible with WireMock 2 ? |
According to the docs the JSON output/API should be the same. |
Doesn't spring-cloud-contract package Wiremock? So upgrading to the lastest version should be transparent to the user, right? |
We're in touch with @oleg-nenashev to add support for WireMock 3. We'll keep everyone posted in this issue |
The upgrade is expected to be mostly transparent, but we need to do some integration testing. The update is unlikely to be just a dependency groupId and artifactId change, we have quite a lot of API changes |
I just want to pass by to mention that CVE-2023-44487 is currently impacting the 2.x version (even if it is not exploitable given that this is a test dependency) . See https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/ |
Just wondering, is the way forward still dependent on some new integration tests on the wiremock side? I'm also happy to contribute to get this moving. |
With Wiremock 3.0.0, groupId and artifactId have changed from
to
By adapting the coordinates, you should still get automated dependency updates.
I can provide a PR if applicable.
The text was updated successfully, but these errors were encountered: