search

camunda / camunda-bpm-platform

Flexible framework for workflow and decision automation with BPMN and DMN. Integration with Quarkus, Spring, Spring Boot, CDI.
https://camunda.com/
Apache License 2.0
4.03k stars 1.53k forks source link

Remove swagger from run distribution #4467

Open toco-cam opened 4 days ago

toco-cam commented 4 days ago

Acceptance Criteria (Required on creation)

Hints

Links

Breakdown

### Pull Requests

Dev2QA handover

amardeep2006 commented 3 days ago

May I know what is the reason for removing swagger ? This was a good feature.

Please clarify it does not impact following artifact (OPENAPI specifications) and only impacts camunda run.

<dependency>
  <groupId>org.camunda.bpm</groupId>
  <artifactId>camunda-engine-rest-openapi</artifactId>
  <version>${version.camunda}</version>
</dependency>
toco-cam commented 1 day ago

Hello @amardeep2006

May I know what is the reason for removing swagger ?

SwaggerUI has faced many security problems recently, resulting in high maintenance efforts on our side. The alternative to SwaggerUI is OpenAPI and a REST client like Postman. The REST client with the OpenAPI can, in our opinion, cover the intended use case for SwaggerUI: "Easy testing of API interfaces".

Please clarify it does not impact following artifact (OPENAPI specifications) and only impacts camunda run.

There was no impact on OpenAPI. And yes, only Camunda Run, as the other distributions never supported SwaggerUI.

Regards Tobias (Product Management)