From e1c11ffcb5104778a345c5eb1c8fa48d57198d67 Mon Sep 17 00:00:00 2001 From: Anselm McClain Date: Tue, 26 Mar 2024 11:24:15 -0700 Subject: [PATCH] Remove H2 DB dependency + We provide a convenience config to spec use of in-memory h2 database as a datasource during initial / trial development. + H2 had been a dependency that was resolved @ outdated 1.x version with security vulnerabilities. + Remove dependency from hoist-core, replace with updated comment re. need to add back in at app-level using v2.x. + Update JDBC URL to workaround `value` as reserved word in H2 v2.x. --- build.gradle | 1 - .../hoist/configuration/RuntimeConfig.groovy | 21 ++++++++++++------- 2 files changed, 13 insertions(+), 9 deletions(-) diff --git a/build.gradle b/build.gradle index 2b0f2ed9..9a5432cc 100644 --- a/build.gradle +++ b/build.gradle @@ -50,7 +50,6 @@ dependencies { runtimeOnly "org.glassfish.web:el-impl:2.2.1-b05" runtimeOnly "javax.xml.bind:jaxb-api:2.3.1" - runtimeOnly "com.h2database:h2" //-------------------- // Hoist Additions diff --git a/src/main/groovy/io/xh/hoist/configuration/RuntimeConfig.groovy b/src/main/groovy/io/xh/hoist/configuration/RuntimeConfig.groovy index 981ef6c6..96565bc8 100644 --- a/src/main/groovy/io/xh/hoist/configuration/RuntimeConfig.groovy +++ b/src/main/groovy/io/xh/hoist/configuration/RuntimeConfig.groovy @@ -7,6 +7,8 @@ package io.xh.hoist.configuration +import org.hibernate.dialect.H2Dialect + import static io.xh.hoist.util.InstanceConfigUtils.getInstanceConfig import static io.xh.hoist.util.Utils.withDelegate @@ -18,8 +20,7 @@ import static io.xh.hoist.util.Utils.withDelegate class RuntimeConfig { /** - * All apps should call this from runtime.groovy - * to setup necessary default configurations + * All apps should call this from runtime.groovy to setup necessary default configurations */ static void defaultConfig(Script script) { withDelegate(script) { @@ -28,11 +29,12 @@ class RuntimeConfig { } /** - * Call this from runtime.groovy - * to setup an in memory H2 DB instead of - * a MySQL or SQL Server DB. This H2 DB option - * is intended only for early stages of development, - * before a production ready DB has been set up. + * Call this from runtime.groovy to setup an in memory H2 DB instead of MySQL or SQL Server. + * This option is intended only for early stages of development, before a production-ready + * database has been provisioned. Data is transient, NOT intended for actual deployments! + * + * Note you will need to add a dependency to your app's build.gradle file: + * `runtimeOnly "com.h2database:h2:2.2.224"` (check and use latest/suitable version). */ static void h2Config(Script script) { withDelegate(script) { @@ -40,6 +42,7 @@ class RuntimeConfig { pooled = true jmxExport = true driverClassName = "org.h2.Driver" + dialect = H2Dialect username = "sa" password = "" } @@ -47,7 +50,9 @@ class RuntimeConfig { development { dataSource { dbCreate = "create-drop" - url = "jdbc:h2:mem:devDb;LOCK_TIMEOUT=10000;DB_CLOSE_ON_EXIT=FALSE" + // `value` is a reserved word in H2 v2.x but used by Hoist AppConfig. + // We can workaround with NON_KEYWORDS=VALUE in the JDBC URL below. + url = "jdbc:h2:mem:devDb;LOCK_TIMEOUT=10000;DB_CLOSE_ON_EXIT=FALSE;NON_KEYWORDS=VALUE" } } }