Openbravo Issue Tracking System - Openbravo ERP |
| View Issue Details |
|
| ID | Project | Category | View Status | Date Submitted | Last Update |
| 0045968 | Openbravo ERP | A. Platform | public | 2021-03-01 10:11 | 2024-02-07 05:06 |
|
| Reporter | alostale | |
| Assigned To | cberner | |
| Priority | normal | Severity | major | Reproducibility | have not tried |
| Status | closed | Resolution | fixed | |
| Platform | | OS | 5 | OS Version | |
| Product Version | | |
| Target Version | | Fixed in Version | PR22Q1 | |
| Merge Request Status | |
| Review Assigned To | |
| OBNetwork customer | |
| Web browser | |
| Modules | Core |
| Support ticket | |
| Regression level | |
| Regression date | |
| Regression introduced in release | |
| Regression introduced by commit | |
| Triggers an Emergency Pack | No |
|
| Summary | 0045968: update to the latests 5.x Hibernate version |
| Description | Currently Openbravo depends on Hibernate 5.4.2.
This version was released in 2019. As of today the latest 5.x [1] version is 5.6.0 which includes several fixes and improvements.
---
[1] https://hibernate.org/orm/releases/5.5/ [^] |
| Steps To Reproduce | - |
| Proposed Solution | |
| Additional Information | |
| Tags | No tags attached. |
| Relationships | | related to | feature request | 0037064 | | closed | caristu | upgrade hibernate to 5.3.2 | | related to | feature request | 0040552 | | closed | caristu | upgrade hibernate to version 5.4 | | related to | feature request | 0045969 | | new | Triage Platform Base | upgrade to Hibernate 6.x (prototype) | | related to | defect | 0047800 | | closed | cberner | API Change: Remove javaassist library | | blocks | design defect | 0047090 | | new | Triage Platform Base | Tracking issue: Library update |
|
| Attached Files | |
|
| Issue History |
| Date Modified | Username | Field | Change |
| 2021-03-01 10:11 | alostale | New Issue | |
| 2021-03-01 10:11 | alostale | Assigned To | => platform |
| 2021-03-01 10:11 | alostale | Modules | => Core |
| 2021-03-01 10:11 | alostale | Triggers an Emergency Pack | => No |
| 2021-03-01 10:12 | alostale | Relationship added | blocks 0045922 |
| 2021-03-01 10:24 | alostale | Relationship added | related to 0045969 |
| 2021-03-01 11:09 | shuehner | Issue Monitored: shuehner | |
| 2021-03-01 17:46 | shuehner | Note Added: 0126430 | |
| 2021-05-26 16:38 | shuehner | Description Updated | bug_revision_view_page.php?rev_id=22607#r22607 |
| 2021-05-27 11:47 | shuehner | Description Updated | bug_revision_view_page.php?rev_id=22608#r22608 |
| 2021-05-27 11:48 | shuehner | Note Edited: 0126430 | bug_revision_view_page.php?bugnote_id=0126430#r22610 |
| 2021-06-11 17:44 | shuehner | Relationship added | blocks 0047090 |
| 2021-08-02 09:00 | alostale | Relationship added | related to 0037064 |
| 2021-08-02 09:03 | alostale | Relationship added | related to 0040552 |
| 2021-08-02 09:19 | cberner | Assigned To | platform => cberner |
| 2021-08-02 09:19 | cberner | Status | new => acknowledged |
| 2021-08-16 10:37 | hgbot | Note Added: 0131134 | |
| 2021-08-17 11:23 | cberner | Summary | update to the latests 5.4.x Hibernate version => update to the latests 5.5.x Hibernate version |
| 2021-08-17 11:23 | cberner | Description Updated | bug_revision_view_page.php?rev_id=23004#r23004 |
| 2021-09-21 13:35 | alostale | Relationship deleted | blocks 0045922 |
| 2021-10-04 09:25 | cberner | Relationship added | related to 0047800 |
| 2021-10-04 09:36 | cberner | Description Updated | bug_revision_view_page.php?rev_id=23134#r23134 |
| 2021-10-04 10:25 | cberner | Status | acknowledged => scheduled |
| 2021-10-18 18:36 | hgbot | Note Added: 0132425 | |
| 2021-10-19 13:43 | hgbot | Resolution | open => fixed |
| 2021-10-19 13:43 | hgbot | Status | scheduled => closed |
| 2021-10-19 13:43 | hgbot | Note Added: 0132450 | |
| 2021-10-19 13:43 | hgbot | Fixed in Version | => PR22Q1 |
| 2021-10-19 13:43 | hgbot | Note Added: 0132451 | |
| 2021-10-19 13:43 | hgbot | Note Added: 0132452 | |
| 2021-10-19 13:43 | hgbot | Note Added: 0132453 | |
| 2021-10-22 09:54 | hgbot | Note Added: 0132555 | |
| 2021-10-22 09:58 | cberner | Note Deleted: 0132555 | |
| 2021-10-22 09:58 | hgbot | Note Added: 0132556 | |
| 2021-10-22 09:59 | cberner | Note Deleted: 0132556 | |
| 2021-11-03 10:59 | alostale | Summary | update to the latests 5.5.x Hibernate version => update to the latests 5.x Hibernate version |
| 2021-11-03 10:59 | alostale | Description Updated | bug_revision_view_page.php?rev_id=23262#r23262 |
| 2024-02-07 05:06 | emmausa | Note Added: 0160322 | |
| 2024-02-07 15:28 | shuehner | Note Deleted: 0160322 | |
|
Notes |
|
|
(0126430)
|
|
shuehner
|
2021-03-01 17:46
(edited on: 2021-05-27 11:48) |
|
Going through all release notes from 5.4.3 to current 5.4.28 (backwards) showed
following especially bigger topics as especially interesting (grouped by minor version)
- 24 security fix (probably doesn't apply to us)
- 23 'Save some memory'
retained
- 18 security fix (sql/hql injection via Criteria)
- 10 the ob issue re-found recently (extra left-join for computed columns)
- 5 'strong perf improvements' reduce overhead for trivial queries (up to 400%)
All 'maybe interesting for us' from the releases list:
5.4.32
- Update ByteBuddy to 1.10.22
5.4.28
- [HHH-14415] - Upgrade to Jandex 2.2.3.Final
- jdk16+ fixes to their own build-system
5.4.27 (and .26)
- The Micrometer integration with Hibernate ORM was now moved into the Hibernate ORM repository.
5.4.25
- [HHH-14334] - Make dom4j and jaxb-api optional if hibernate.xml_mapping_enabled=false
SHU comment: check if that could apply to our usage
5.4.24
- SECURITY-UPATE: fixing CVE-2020-25638.
hibernate.use_sql_comments=false
This property also happens to be disabled by default, so unless you had it enabled explicitly you are not affected.
- [HHH-14158] - Upgrade Javassist to the latest version
5.4.23
- Memory improvements
"this has shown to reduce memory consumption up to 50%"
- several jar dep updates
5.4.22
nothing
5.4.21
nothing
5.4.20
nothing
5.4.19
nothing
5.4.18
- SECURITY FIX: CVe-2019-14900
[HHH-14077] - CVE-2019-14900 SQL injection issue using JPA Criteria API
https://hibernate.atlassian.net/browse/HHH-14077 [^]
5.4.17
nothing
5.4.16
nothing
5.4.15
- several 3rd party jar updates (dom4j,jandex,bytebuddy)
- [HHH-13960] - Add SAXReader sec features to match the defaults
5.4.14
5.4.13
[HHH-13874] - Deprecate relevant methods that are supposed to be removed in v6.0
To see now what needs to be fixed for eventual 6.x udpate
5.4.12
- Janxdex based entity scanner
'Faster boot-up'
Note: we use explicitely mapped entities, unclear if applies
5.4.11
- https://hibernate.atlassian.net/browse/HHH-13704 [^]
make javassist really optional
could allow to drop that having having byte-buddy (which we have)
- https://hibernate.atlassian.net/browse/HHH-13821 [^]
Update Byte Buddy to 1.10.7
- https://hibernate.atlassian.net/browse/HHH-13833 [^]
Byte Buddy enhancer should use ASM7 opcodes to improve compatibility with code compiled for Java 11
5.4.10
- https://hibernate.atlassian.net/browse/HHH-12895 [^]
Extra LEFT JOIN generated with @ManyToOne and @JoinTable when projecting on main entity id
aka OB-Issue https://issues.openbravo.com/view.php?id=45922 [^]
- https://hibernate.atlassian.net/browse/HHH-8091 [^]
Hibernate produces SQL - "in ()" - which is invalid in at least Oracle, MySQL and Postgres
5.4.9
- https://hibernate.atlassian.net/browse/HHH-13730 [^]
Upgrade to Classmate 1.4.0
- https://hibernate.atlassian.net/browse/HHH-13731 [^]
Upgrade to Classmate 1.5.1
- https://hibernate.atlassian.net/browse/HHH-13733 [^]
Upgrade to Jandex 2.1.1.Final
5.4.8
none
5.4.7
- https://hibernate.atlassian.net/browse/HHH-13680 [^]
Upgrade to Byte Buddy 1.10.2
5.4.6
none
5.4.5
NEWS:
- Tested with jd13
- several strong performance improvements
A lot of 'reduce overhead' if hibernate used for 'tiny operations'
up to 400%
- https://hibernate.atlassian.net/browse/HHH-13249 [^]
Introduce an option to Log slow queries instead of all queries
SHU-note: maybe useful oracle (as missing log_min_duration_statement as we have easily as postgresql feature)
5.4.4
- https://hibernate.atlassian.net/browse/HHH-13504 [^]
Upgrade ByteBuddy to 1.9.11
5.4.3
none
|
|
|
|
(0131134)
|
|
hgbot
|
|
2021-08-16 10:37
|
|
|
|
|
(0132425)
|
|
hgbot
|
|
2021-10-18 18:36
|
|
|
|
|
(0132450)
|
|
hgbot
|
|
2021-10-19 13:43
|
|
|
|
|
(0132451)
|
|
hgbot
|
|
2021-10-19 13:43
|
|
Directly closing issue as related merge request is already approved.
Repository: https://gitlab.com/openbravo/product/openbravo [^]
Changeset: e6c865bc914cee8b667a8feec1ed60990d458a16
Author: Cristian Berner <cristian.berner@openbravo.com>
Date: 2021-10-19T09:39:56+02:00
URL: https://gitlab.com/openbravo/product/openbravo/-/commit/e6c865bc914cee8b667a8feec1ed60990d458a16 [^]
Fixes FR-45968: Update Hibernate to the latest 5.6 version
It also removes javaassist library, which is no longer a hibernate
dependency and after extensive testing, no usage has been found.
---
A lib/runtime/byte-buddy-1.11.20.jar
A lib/runtime/classmate-1.5.1.jar
A lib/runtime/hibernate-commons-annotations-5.1.2.Final.jar
A lib/runtime/hibernate-core-5.6.0.Final.jar
A lib/runtime/jandex-2.2.3.Final.jar
A lib/runtime/jboss-logging-3.4.2.Final.jar
M legal/Licensing.txt
R lib/runtime/byte-buddy-1.9.10.jar
R lib/runtime/classmate-1.3.4.jar
R lib/runtime/hibernate-commons-annotations-5.1.0.Final.jar
R lib/runtime/jandex-2.0.5.Final.jar
R lib/runtime/javassist-3.24.0-GA.jar
R lib/runtime/jboss-logging-3.3.2.Final.jar
---
|
|
|
|
(0132452)
|
|
hgbot
|
|
2021-10-19 13:43
|
|
|
|
|
(0132453)
|
|
hgbot
|
|
2021-10-19 13:43
|
|
|