Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

enable to use PEM feature without nanojson nor tomitribe-util #6

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

enable to use PEM feature without nanojson nor tomitribe-util #6

wants to merge 1 commit into from

Conversation

rmannibucau
Copy link

Goal to use it "dep free" is to lighten integrations but also make it more shebang/jshell friendly in scripts (less deps = less setup).

@dblevins
Copy link
Member

Hey @rmannibucau checkout the new groupId and artifactId, these don't have dependencies on nanojson or tomitribe-util

@rmannibucau
Copy link
Author

Any hope we get it without cheating with the shade + get the test in to ensure it is a feature of the deliverable?

@dblevins
Copy link
Member

Use of the shade plugin was intentional as to avoid forking of the related code, the JSON parser in particular. Note this PR does not address the JSON parser. On the test are you referring to something in the PR or something yet to be written?

@rmannibucau
Copy link
Author

This pr guarantees pem supports works without nanojson and tomitribe-util (and the shade) and harness it by running pem tests (disabling jwk related ones).
Shade should likely be disabled in favor of a classified version (or the default artifact should be "classified") to fully solve my issue, ill let you pick one you like ;).

Side note: ideally I think using a spi - hopefully not hardcoded to enable to use cdi or a serviceloader in standalone - and make indep modules to solve the dep more elegantly and explicitly would be the best but it sounded too intrusive so I just ensured my cases were running without deps and harnessed it by test execution on the ci.

@dblevins
Copy link
Member

What is the issue you're facing?

@rmannibucau
Copy link
Author

  • control deps
  • ensure decurity scanning tools work (no shade :()
  • ensure useless classes cant be scanned at build and at runtime
  • (Not yet fully covered) reduce delivery/patch size (incremental updates)

@dblevins
Copy link
Member

This PR doesn't do those things. The shaded libraries are still there in the final jar, including tomitribe-util and nanojson. This PR creates the same shaded jar, but is 4k larger due to the new code. It looks like tomitribe-util could be removed with this PR, but the dependency on nanojson wasn't addressed.

As mentioned the shade work was done very recently and I did consider copying the source code, but opted not to as it then tends to never get updated. I'd like to be able to easily get updates on the JSON parser when they're released without having to copy/paste them. The shading was setup to only bring in the classes needed so there isn't any useless code from unused classes.

I'd prefer to leave it as-is for now if that's ok.

@rmannibucau
Copy link
Author

It is David, only it does not do is to remove/classify the shade but rest is done. Only thing needed is to merge to enable github workflow. Check out the yaml.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@rmannibucau @dblevins