includes.guides.upgrade.adoc Maven / Gradle / Ivy
///////////////////////////////////////////////////////////////////////////////
Copyright (c) 2020, 2023 Oracle and/or its affiliates.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
///////////////////////////////////////////////////////////////////////////////
ifndef::rootdir[:rootdir: {docdir}/../..]
== Java 11 Runtime
Java 8 is no longer supported in Helidon 2. Java 11 or newer is required.
== Tracing
We have upgraded to OpenTracing version 0.33.0 that is not backward compatible. OpenTracing
introduced the following breaking changes:
|===
|Removed | Replacement
|`ScopeManager.active()`|`Tracer.activeSpan()`
|`ScopeManager.activate(Span, boolean)`|`ScopeManager.activate(Span)` - second parameter is now always `false`
|`SpanBuilder.startActive()`|`Tracer.activateSpan(Span)`
|`TextMapExtractAdapter` and `TextMapInjectAdapter`|`TextMapAdapter`
| Module name changed `opentracing.api`|`io.opentracing.api` (same for `noop` and `util`)
|===
If you use the `TracerBuilder` abstraction in Helidon and have no custom Spans, there is no
change required
== Security: OIDC
When the OIDC provider is configured to use cookie (default configuration) to carry authentication information,
the cookie `Same-Site` is now set to `Lax` (used to be `Strict`). This is to prevent infinite redirects, as
browsers would refuse to set the cookie on redirected requests (due to this setting).
Only in the case of the frontend host and identity host match, we leave `Strict` as the default