Migrate to Jakarta EE 10 and Jetty 12

DependencyTrack / dependency-track

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Apache License 2.0

2.61k stars 553 forks source link

Description

Performs the migration from Java EE to Jakarta EE 10 (see here for background).

This migration is crucial to prevent the Dependency-Track code base from falling behind, and accumulating too much tech debt. Major frameworks like Spring and Quarkus migrated to Jakarta EE years ago.

This also upgrades the embedded Jetty from 10 to 12. 12 being the latest, and only community-supported version of Jetty:

Jetty 12 is the only community supported versions of Jetty at this point in time, and has a great many improvements over previous releases.

While many people continue to use older versions of Jetty like 11/10/9 for a variety of reasons, we recommend using Jetty 12

Note that Jetty 12 is the only version that will receive support for the open source community, and represents the version of Jetty that we will actively maintain and improve over the next few years.

January 1st, 2024 marks the end of community support for the Jetty 11 and older releases.

(Source)

Addressed Issue

Closes #2727

Additional Details

Depends on https://github.com/stevespringett/Alpine/pull/570

Checklist

[x] I have read and understand the contributing guidelines
~This PR fixes a defect, and I have provided tests to verify that the fix is effective~
~This PR implements an enhancement, and I have provided tests to verify that it works as intended~
~This PR introduces changes to the database model, and I have added corresponding update logic~
~This PR introduces new or alters existing behavior, and I have updated the documentation accordingly~

Coverage summary from Codacy

Coverage variation	Diff coverage
:white_check_mark: +0.03% (target: -1.00%)	:x: 50.00% (target: 70.00%)

Coverage variation

Diff coverage

:white_check_mark: +0.03% (target: -1.00%)

:x: 50.00% (target: 70.00%)

Coverage variation details

| | Coverable lines | Covered lines | Coverage | | ------------- | ------------- | ------------- | ------------- | | Common ancestor commit (9ac699509b4e68a10ef8c30c2f78fec28cdf5838) | 21640 | 16399 | 75.78% | | | Head commit (03518587da2ac256acada32d71dc409b531d0b76) | 21667 (+27) | 16425 (+26) | 75.81% (**+0.03%**) | **Coverage variation** is the difference between the coverage for the head and common ancestor commits of the pull request branch: ` - `

Diff coverage details

| | Coverable lines | Covered lines | Diff coverage | | ------------- | ------------- | ------------- | ------------- | | Pull request (#3730) | 4 | 2 | **50.00%** | **Diff coverage** is the percentage of lines that are covered by tests out of the coverable lines that the pull request added or modified: `/ * 100%`

_{Codacy will stop sending the deprecated coverage status from June 5th, 2024. Learn more}

DependencyTrack / dependency-track