From adc39ac65d67f50002e1bf793ab297dbe51d28cb Mon Sep 17 00:00:00 2001 From: Marc Becker Date: Thu, 2 May 2024 16:55:29 +0200 Subject: [PATCH 01/39] Migration Guide for CAP Java 3.0 (#890) --- java/developing-applications/configuring.md | 4 +- java/migration.md | 64 ++++++++++++++++----- 2 files changed, 52 insertions(+), 16 deletions(-) diff --git a/java/developing-applications/configuring.md b/java/developing-applications/configuring.md index a6b2e9817..6333114c7 100644 --- a/java/developing-applications/configuring.md +++ b/java/developing-applications/configuring.md @@ -28,10 +28,10 @@ Now, that you're familiar with how to configure your application, start to creat When running your application in production, it makes sense to strictly disable some development-oriented features. The production profile configures a set of selected property defaults, recommended for production deployments, at once. -To specify the production profile, set `cds.environment.production.profile` to a Spring profile used in production deployments. +By default the production profile is set to `cloud`. To specify a custom production profile, set `cds.environment.production.profile` to a Spring profile used in your production deployments. ::: tip Production profile = `cloud` -It is recommended to set `cds.environment.production.profile` to `cloud`. The Java Buildpacks set the `cloud` profile for applications by default. +The Java Buildpacks set the `cloud` profile for applications by default. Other active profiles for production deployments are typically set using the environment variable `SPRING_PROFILES_ACTIVE` on your application in your deployment descriptors (`mta.yaml`, Helm charts, etc.). ::: diff --git a/java/migration.md b/java/migration.md index 842a7c456..e52130f23 100644 --- a/java/migration.md +++ b/java/migration.md @@ -23,8 +23,57 @@ uacp: Used as link target from Help Portal at https://help.sap.com/products/BTP/ [[toc]] +## CAP Java 2.10 to CAP Java 3.0 { #two-to-three } -## CAP Java 1.34 to CAP Java 2.0 { #one-to-two} +::: warning +This is a **preview** of the changes planned for CAP Java 3.0 (planned to be released July 2024) +::: + +### Minimum Versions + +CAP Java 3.0 increased some minimum required versions: + +| Dependency | Minimum Version | +| --- | --- | +| Maven | 3.6.3 | +| Cloud SDK | 5.9.0 | + +### Production Profile `cloud` + +The Production Profile now defaults to `cloud`. This ensures that various property defaults suited for local development are changed to recommended secure values for production. + +[Learn more about the Production Profile.](developing-applications/configuring#production-profile){.learn-more} + +### Adjusted Property Defaults + +Some property defaults have been adjusted: + +| Property | Old Value | New Value | Explanation | +| --- | --- | --- | --- | +| `cds.remote.services..http.csrf.enabled` | `true` | `false` | Most APIs don't require CSRF tokens. | + +### Removed Properties + +TODO + +### Removed Java APIs + +TODO + +## Cloud SDK 4 to 5 { #cloudsdk5 } + +CAP Java `2.6.0` and higher is compatible with Cloud SDK in version 4 and 5. For reasons of backward compatibility, CAP Java assumes Cloud SDK 4 as the default. However, we highly recommend to use at least version `5.7.0` of Cloud SDK. To upgrade your CAP Java application to Cloud SDK 5, in most cases, you don't need to adapt any code if you rely on the Cloud SDK integration package (`cds-integration-cloud-sdk`). In these cases, it's sufficient to add the following maven dependency to your CAP Java application: + +```xml + + com.sap.cloud.sdk.cloudplatform + connectivity-apache-httpclient4 + +``` + +If you are using Cloud SDK APIs explicitly in your code consider the migration guide for Cloud SDK 5 itself: https://sap.github.io/cloud-sdk/docs/java/guides/5.0-upgrade-steps + +## CAP Java 1.34 to CAP Java 2.0 { #one-to-two } This section describes the changes in CAP Java between the major versions 1.34 and 2.0. It provides also helpful information how to migrate a CAP Java application to the new major version 2.0. @@ -1040,16 +1089,3 @@ After rebuilding and restarting your application, your Application Services are - -## Cloud SDK 4 to 5 { #cloudsdk5 } - -CAP Java `2.6.0` and higher is compatible with Cloud SDK in version 4 and 5. For reasons of backward compatibility, CAP Java assumes Cloud SDK 4 as the default. However, we highly recommend to use at least version `5.2.0` of Cloud SDK. To upgrade your CAP Java application to Cloud SDK 5, in most cases, you don't need to adapt any code if you rely on the Cloud SDK integration package (`cds-integration-cloud-sdk`). In these cases, it's sufficient to add the following maven dependency to your CAP Java application: - -```xml - - com.sap.cloud.sdk.cloudplatform - connectivity-apache-httpclient4 - -``` - - From 8987d7447344033efd9322dcd9158e97269da589 Mon Sep 17 00:00:00 2001 From: Markus Ofterdinger Date: Fri, 3 May 2024 08:15:39 +0200 Subject: [PATCH 02/39] Changes in cds-maven-plugin (#893) --- java/migration.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/java/migration.md b/java/migration.md index e52130f23..76dc54f20 100644 --- a/java/migration.md +++ b/java/migration.md @@ -60,6 +60,10 @@ TODO TODO +### Changes in `cds-maven-plugin` + +The goal `addSample` is removed from the `cds-maven-plugin` and replaced with the goal `add` and property `-Dfeature=TINY_SAMPLE`. + ## Cloud SDK 4 to 5 { #cloudsdk5 } CAP Java `2.6.0` and higher is compatible with Cloud SDK in version 4 and 5. For reasons of backward compatibility, CAP Java assumes Cloud SDK 4 as the default. However, we highly recommend to use at least version `5.7.0` of Cloud SDK. To upgrade your CAP Java application to Cloud SDK 5, in most cases, you don't need to adapt any code if you rely on the Cloud SDK integration package (`cds-integration-cloud-sdk`). In these cases, it's sufficient to add the following maven dependency to your CAP Java application: From 7627561c6766c308b3f9ec0758f735c29083344a Mon Sep 17 00:00:00 2001 From: Markus Ofterdinger Date: Mon, 13 May 2024 15:42:47 +0200 Subject: [PATCH 03/39] Update migration.md --- java/migration.md | 34 ++++++++++++++++++++++++++++++++-- 1 file changed, 32 insertions(+), 2 deletions(-) diff --git a/java/migration.md b/java/migration.md index 76dc54f20..36f0cad29 100644 --- a/java/migration.md +++ b/java/migration.md @@ -52,13 +52,43 @@ Some property defaults have been adjusted: | --- | --- | --- | --- | | `cds.remote.services..http.csrf.enabled` | `true` | `false` | Most APIs don't require CSRF tokens. | + +### Replaced Poperties + + - `cds.data-source.csvInitializationMode` -> `cds.data-source.csv.initializationMode` + - `cds.data-source.csvFileSuffix` -> `cds.data-source.csv.fileSuffix` + - `cds.data-source.csvPaths` -> `cds.data-source.csv.paths` + - `cds.data-source.csvSingleChangeset` -> `cds.data-source.csv.singleChangeset` + - `cds.remote.remoteServiceConfig.destination.type` -> `cds.remote.services..type` + - `cds.remote.remoteServiceConfig.destination.suffix` -> `cds.remote.services..http.suffix` + - `cds.remote.remoteServiceConfig.destination.service` -> `cds.remote.services..http.service` + - `cds.remote.remoteServiceConfig.destination.headers` -> `cds.remote.services..http.headers` + - `cds.remote.remoteServiceConfig.destination.queries` -> `cds.remote.services..http.queries` + - `cds.sql.search.useLocalizedView` -> `cds.sql.search.model` + - `cds.identity.authConfig.enabled` -> `cds.security.authentication.authConfig.enabled` + - `cds.xsuaa.authConfig.enabled` -> `cds.security.authentication.authConfig.enabled` + - `cds.odataV4.apply.inCqn.enabled` -> `cds.odataV4.apply.transformations.enabled` + - `cds.multiTenancy.healthCheck.intervalMillis` -> `cds.multiTenancy.healthCheck.interval` + - `cds.messaging.services..outbox.persistent.enabled` -> `cds.messaging.services..outbox.name` + - `cds.auditlog.outbox.persistent.enabled` -> `cds.auditlog.outbox.name` + ### Removed Properties -TODO +- `cds.sql.supportedLocales` +- `cds.security.mock.users..unrestricted` ### Removed Java APIs -TODO +- Removed deprecated classes: + - `com.sap.cds.services.environment.ServiceBinding` + - `com.sap.cds.services.environment.ServiceBindingAdapter` + +- Removed deprecated methods: + - `com.sap.cds.services.request.ModifiableUserInfo.setUnrestrictedAttributes` + - `com.sap.cds.services.request.ModifiableUserInfo.addUnrestrictedAttribute` + - `com.sap.cds.services.request.ModifiableUserInfo.removeUnrestrictedAttribute` + - `com.sap.cds.services.request.UserInfo.isUnrestrictedAttribute` + - `com.sap.cds.services.request.UserInfo.getUnrestrictedAttributes` ### Changes in `cds-maven-plugin` From c75f147824688caf409218d41e9bbf5fc75a2ff0 Mon Sep 17 00:00:00 2001 From: Markus Ofterdinger Date: Mon, 13 May 2024 16:44:26 +0200 Subject: [PATCH 04/39] Update java/migration.md Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- java/migration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/migration.md b/java/migration.md index 36f0cad29..88cdd67b5 100644 --- a/java/migration.md +++ b/java/migration.md @@ -53,7 +53,7 @@ Some property defaults have been adjusted: | `cds.remote.services..http.csrf.enabled` | `true` | `false` | Most APIs don't require CSRF tokens. | -### Replaced Poperties +### Replaced Properies - `cds.data-source.csvInitializationMode` -> `cds.data-source.csv.initializationMode` - `cds.data-source.csvFileSuffix` -> `cds.data-source.csv.fileSuffix` From 9c4303b8c2a10b7cbdff00cc0736a001eda06c71 Mon Sep 17 00:00:00 2001 From: Marc Becker Date: Tue, 14 May 2024 09:07:04 +0200 Subject: [PATCH 05/39] Fix typo --- java/migration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/migration.md b/java/migration.md index 88cdd67b5..2f7cc7e92 100644 --- a/java/migration.md +++ b/java/migration.md @@ -53,7 +53,7 @@ Some property defaults have been adjusted: | `cds.remote.services..http.csrf.enabled` | `true` | `false` | Most APIs don't require CSRF tokens. | -### Replaced Properies +### Replaced Properties - `cds.data-source.csvInitializationMode` -> `cds.data-source.csv.initializationMode` - `cds.data-source.csvFileSuffix` -> `cds.data-source.csv.fileSuffix` From 4fc2a5108764e4d3d3320ae8d365d00c9902b7b9 Mon Sep 17 00:00:00 2001 From: Markus Ofterdinger Date: Wed, 15 May 2024 09:38:00 +0200 Subject: [PATCH 06/39] Update migration.md --- java/migration.md | 1 + 1 file changed, 1 insertion(+) diff --git a/java/migration.md b/java/migration.md index 2f7cc7e92..928e36068 100644 --- a/java/migration.md +++ b/java/migration.md @@ -71,6 +71,7 @@ Some property defaults have been adjusted: - `cds.multiTenancy.healthCheck.intervalMillis` -> `cds.multiTenancy.healthCheck.interval` - `cds.messaging.services..outbox.persistent.enabled` -> `cds.messaging.services..outbox.name` - `cds.auditlog.outbox.persistent.enabled` -> `cds.auditlog.outbox.name` + - `cds.outbox.services.` -> `cds.outbox.persistent` ### Removed Properties From 47dd561f7d479ab73e32dcb14d84ea37aeebe955 Mon Sep 17 00:00:00 2001 From: Markus Ofterdinger Date: Wed, 15 May 2024 09:46:10 +0200 Subject: [PATCH 07/39] Fixed wrong property order (#935) --- java/migration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/migration.md b/java/migration.md index 928e36068..c3bd586cb 100644 --- a/java/migration.md +++ b/java/migration.md @@ -71,7 +71,7 @@ Some property defaults have been adjusted: - `cds.multiTenancy.healthCheck.intervalMillis` -> `cds.multiTenancy.healthCheck.interval` - `cds.messaging.services..outbox.persistent.enabled` -> `cds.messaging.services..outbox.name` - `cds.auditlog.outbox.persistent.enabled` -> `cds.auditlog.outbox.name` - - `cds.outbox.services.` -> `cds.outbox.persistent` + - `cds.outbox.persistent` -> `cds.outbox.services.` ### Removed Properties From 41ca6a963f4b12075cb966bc4c04de6d03066b01 Mon Sep 17 00:00:00 2001 From: Marc Becker Date: Wed, 15 May 2024 16:21:28 +0200 Subject: [PATCH 08/39] [CAP Java 3.0] Explain removal of classic MTX in migration guide (#942) --- java/migration.md | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/java/migration.md b/java/migration.md index c3bd586cb..6ae5fbc6f 100644 --- a/java/migration.md +++ b/java/migration.md @@ -44,6 +44,19 @@ The Production Profile now defaults to `cloud`. This ensures that various proper [Learn more about the Production Profile.](developing-applications/configuring#production-profile){.learn-more} +### Removed MTX Classic Support + +Support for classic MTX (@sap/cds-mtx) has been removed. For multitenancy using streamlined MTX (@sap/cds-mtxs) is mandatory. +If you are still using MTX Classic refer to the [multitenancy migration guide](../guides/multitenancy/old-mtx-migration). + +In addition the deprecated MtSubscriptionService API, which has been superseeded by the DeploymentService API, has been removed. +As part of this change the compatibility mode for the MtSubscriptionService API has been removed. Besides the removal of the Java APIs this includes the following behavioural changes: + +- During unsubscribe the tenant's content (e.g. HDI container) is now deleted by default when using the new DeploymentService API. +- The HTTP-based tenant upgrade APIs provided by the CAP Java app have been removed. This includes the following endpoints: + - `/mt/v1.0/subscriptions/deploy/**` (GET & POST) + - `/messaging/v1.0/em/` (PUT) + ### Adjusted Property Defaults Some property defaults have been adjusted: @@ -77,12 +90,26 @@ Some property defaults have been adjusted: - `cds.sql.supportedLocales` - `cds.security.mock.users..unrestricted` +- `cds.multiTenancy.mtxs.enabled` +- `cds.multiTenancy.compatibility.enabled` +- `cds.multiTenancy.security.deploymentScope` ### Removed Java APIs - Removed deprecated classes: - `com.sap.cds.services.environment.ServiceBinding` - `com.sap.cds.services.environment.ServiceBindingAdapter` + - `com.sap.cds.services.mt.MtSubscriptionService` + - `com.sap.cds.services.mt.MtGetDependenciesEventContext` + - `com.sap.cds.services.mt.MtSubscribeEventContext` + - `com.sap.cds.services.mt.MtAsyncSubscribeEventContext` + - `com.sap.cds.services.mt.MtAsyncSubscribeFinishedEventContext` + - `com.sap.cds.services.mt.MtDeployEventContext` + - `com.sap.cds.services.mt.MtAsyncDeployEventContext` + - `com.sap.cds.services.mt.MtAsyncDeployStatusEventContext` + - `com.sap.cds.services.mt.MtUnsubscribeEventContext` + - `com.sap.cds.services.mt.MtAsyncUnsubscribeEventContext` + - `com.sap.cds.services.mt.MtAsyncUnsubscribeFinishedEventContext` - Removed deprecated methods: - `com.sap.cds.services.request.ModifiableUserInfo.setUnrestrictedAttributes` From d12b2651ac9ae5cb4f60961adf85cad3d9e1832b Mon Sep 17 00:00:00 2001 From: Markus Ofterdinger Date: Wed, 15 May 2024 17:32:52 +0200 Subject: [PATCH 09/39] Added table for removed properties (#936) * Update migration.md * Update migration.md * Update migration.md * Update java/migration.md Co-authored-by: Marc Becker * Update java/migration.md Co-authored-by: Marc Becker * Update migration.md * Update java/migration.md * Update java/migration.md --------- Co-authored-by: Marc Becker --- java/migration.md | 51 ++++++++++++++++++++++++----------------------- 1 file changed, 26 insertions(+), 25 deletions(-) diff --git a/java/migration.md b/java/migration.md index 6ae5fbc6f..e64478e69 100644 --- a/java/migration.md +++ b/java/migration.md @@ -66,33 +66,34 @@ Some property defaults have been adjusted: | `cds.remote.services..http.csrf.enabled` | `true` | `false` | Most APIs don't require CSRF tokens. | -### Replaced Properties - - - `cds.data-source.csvInitializationMode` -> `cds.data-source.csv.initializationMode` - - `cds.data-source.csvFileSuffix` -> `cds.data-source.csv.fileSuffix` - - `cds.data-source.csvPaths` -> `cds.data-source.csv.paths` - - `cds.data-source.csvSingleChangeset` -> `cds.data-source.csv.singleChangeset` - - `cds.remote.remoteServiceConfig.destination.type` -> `cds.remote.services..type` - - `cds.remote.remoteServiceConfig.destination.suffix` -> `cds.remote.services..http.suffix` - - `cds.remote.remoteServiceConfig.destination.service` -> `cds.remote.services..http.service` - - `cds.remote.remoteServiceConfig.destination.headers` -> `cds.remote.services..http.headers` - - `cds.remote.remoteServiceConfig.destination.queries` -> `cds.remote.services..http.queries` - - `cds.sql.search.useLocalizedView` -> `cds.sql.search.model` - - `cds.identity.authConfig.enabled` -> `cds.security.authentication.authConfig.enabled` - - `cds.xsuaa.authConfig.enabled` -> `cds.security.authentication.authConfig.enabled` - - `cds.odataV4.apply.inCqn.enabled` -> `cds.odataV4.apply.transformations.enabled` - - `cds.multiTenancy.healthCheck.intervalMillis` -> `cds.multiTenancy.healthCheck.interval` - - `cds.messaging.services..outbox.persistent.enabled` -> `cds.messaging.services..outbox.name` - - `cds.auditlog.outbox.persistent.enabled` -> `cds.auditlog.outbox.name` - - `cds.outbox.persistent` -> `cds.outbox.services.` - ### Removed Properties -- `cds.sql.supportedLocales` -- `cds.security.mock.users..unrestricted` -- `cds.multiTenancy.mtxs.enabled` -- `cds.multiTenancy.compatibility.enabled` -- `cds.multiTenancy.security.deploymentScope` +The following table gives an overview about the removed properties: + +| Removed Property | Replacement | Explanation | +| --- | --- | --- | +| `cds.dataSource.csvInitializationMode` | `cds.dataSource.csv.initializationMode` | | +| `cds.dataSource.csvFileSuffix` | `cds.dataSource.csv.fileSuffix` | | +| `cds.dataSource.csvPaths` | `cds.dataSource.csv.paths` | | +| `cds.dataSource.csvSingleChangeset` | `cds.dataSource.csv.singleChangeset` | | +| `cds.remote..destination.type` | `cds.remote.services..type` | | +| `cds.remote..destination.suffix` | `cds.remote.services..http.suffix` | | +| `cds.remote..destination.service` | `cds.remote.services..http.service` | | +| `cds.remote..destination.headers` | `cds.remote.services..http.headers` | | +| `cds.remote..destination.queries` | `cds.remote.services..http.queries` | | +| `cds.sql.search.useLocalizedView` | `cds.sql.search.model` | | +| `cds.identity.authConfig.enabled` | `cds.security.authentication.authConfig.enabled` | | +| `cds.xsuaa.authConfig.enabled` | `cds.security.authentication.authConfig.enabled` | | +| `cds.odataV4.apply.inCqn.enabled` | `cds.odataV4.apply.transformations.enabled` | | +| `cds.multiTenancy.healthCheck.intervalMillis` | `cds.multiTenancy.healthCheck.interval` | | +| `cds.messaging.services..outbox.persistent.enabled` | `cds.messaging.services..outbox.name` | | +| `cds.auditlog.outbox.persistent.enabled` | `cds.auditlog.outbox.name` | | +| `cds.outbox.persistent` | `cds.outbox.services.` | | +| `cds.sql.supportedLocales` | | All locales are supported by default for localized entities, as session variables can now be leveraged on all databases. | +| `cds.security.mock.users..unrestricted` | | Special handling of unrestricted attributes has been removed, in favor of [explicit modelling](../guides/security/authorization#unrestricted-xsuaa-attributes). | +| `cds.multiTenancy.mtxs.enabled` | | MTXS is enabled [by default](#removed-mtx-classic-support). | +| `cds.multiTenancy.compatibility.enabled` | | MtSubscriptionService API [has been removed](#removed-mtx-classic-support) and compatibility mode is no longer available. | +| `cds.multiTenancy.security.deploymentScope` | | HTTP-based tenant upgrade endpoints [have been removed](#removed-mtx-classic-support). | ### Removed Java APIs From 05a8f949eb57cd90f54f5551c9675c6292ea589a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adrian=20G=C3=B6rler?= Date: Wed, 5 Jun 2024 13:04:32 +0200 Subject: [PATCH 10/39] Update migration.md --- java/migration.md | 58 +++++++++++++++++++++++++---------------------- 1 file changed, 31 insertions(+), 27 deletions(-) diff --git a/java/migration.md b/java/migration.md index e64478e69..814008195 100644 --- a/java/migration.md +++ b/java/migration.md @@ -29,6 +29,10 @@ uacp: Used as link target from Help Portal at https://help.sap.com/products/BTP/ This is a **preview** of the changes planned for CAP Java 3.0 (planned to be released July 2024) ::: +### Supported CDS-DK Versions + +CAP Java 3.0 supports cds-dk ^7 and ^8. Cds-dk ^6 is not supported any longer. + ### Minimum Versions CAP Java 3.0 increased some minimum required versions: @@ -49,10 +53,10 @@ The Production Profile now defaults to `cloud`. This ensures that various proper Support for classic MTX (@sap/cds-mtx) has been removed. For multitenancy using streamlined MTX (@sap/cds-mtxs) is mandatory. If you are still using MTX Classic refer to the [multitenancy migration guide](../guides/multitenancy/old-mtx-migration). -In addition the deprecated MtSubscriptionService API, which has been superseeded by the DeploymentService API, has been removed. -As part of this change the compatibility mode for the MtSubscriptionService API has been removed. Besides the removal of the Java APIs this includes the following behavioural changes: +In addition the deprecated `MtSubscriptionService` API, which has been superseeded by the `DeploymentService` API, has been removed. +As part of this change the compatibility mode for the `MtSubscriptionService` API has been removed. Besides the removal of the Java APIs this includes the following behavioural changes: -- During unsubscribe the tenant's content (e.g. HDI container) is now deleted by default when using the new DeploymentService API. +- During unsubscribe the tenant's content (e.g. HDI container) is now deleted by default when using the new `DeploymentService` API. - The HTTP-based tenant upgrade APIs provided by the CAP Java app have been removed. This includes the following endpoints: - `/mt/v1.0/subscriptions/deploy/**` (GET & POST) - `/messaging/v1.0/em/` (PUT) @@ -72,52 +76,52 @@ The following table gives an overview about the removed properties: | Removed Property | Replacement | Explanation | | --- | --- | --- | -| `cds.dataSource.csvInitializationMode` | `cds.dataSource.csv.initializationMode` | | +| `cds.auditlog.outbox.persistent.enabled` | `cds.auditlog.outbox.name` | | | `cds.dataSource.csvFileSuffix` | `cds.dataSource.csv.fileSuffix` | | +| `cds.dataSource.csvInitializationMode` | `cds.dataSource.csv.initializationMode` | | | `cds.dataSource.csvPaths` | `cds.dataSource.csv.paths` | | | `cds.dataSource.csvSingleChangeset` | `cds.dataSource.csv.singleChangeset` | | -| `cds.remote..destination.type` | `cds.remote.services..type` | | -| `cds.remote..destination.suffix` | `cds.remote.services..http.suffix` | | -| `cds.remote..destination.service` | `cds.remote.services..http.service` | | -| `cds.remote..destination.headers` | `cds.remote.services..http.headers` | | -| `cds.remote..destination.queries` | `cds.remote.services..http.queries` | | -| `cds.sql.search.useLocalizedView` | `cds.sql.search.model` | | | `cds.identity.authConfig.enabled` | `cds.security.authentication.authConfig.enabled` | | -| `cds.xsuaa.authConfig.enabled` | `cds.security.authentication.authConfig.enabled` | | -| `cds.odataV4.apply.inCqn.enabled` | `cds.odataV4.apply.transformations.enabled` | | -| `cds.multiTenancy.healthCheck.intervalMillis` | `cds.multiTenancy.healthCheck.interval` | | | `cds.messaging.services..outbox.persistent.enabled` | `cds.messaging.services..outbox.name` | | -| `cds.auditlog.outbox.persistent.enabled` | `cds.auditlog.outbox.name` | | -| `cds.outbox.persistent` | `cds.outbox.services.` | | -| `cds.sql.supportedLocales` | | All locales are supported by default for localized entities, as session variables can now be leveraged on all databases. | -| `cds.security.mock.users..unrestricted` | | Special handling of unrestricted attributes has been removed, in favor of [explicit modelling](../guides/security/authorization#unrestricted-xsuaa-attributes). | -| `cds.multiTenancy.mtxs.enabled` | | MTXS is enabled [by default](#removed-mtx-classic-support). | | `cds.multiTenancy.compatibility.enabled` | | MtSubscriptionService API [has been removed](#removed-mtx-classic-support) and compatibility mode is no longer available. | +| `cds.multiTenancy.healthCheck.intervalMillis` | `cds.multiTenancy.healthCheck.interval` | | +| `cds.multiTenancy.mtxs.enabled` | | MTXS is enabled [by default](#removed-mtx-classic-support). | | `cds.multiTenancy.security.deploymentScope` | | HTTP-based tenant upgrade endpoints [have been removed](#removed-mtx-classic-support). | +| `cds.odataV4.apply.inCqn.enabled` | `cds.odataV4.apply.transformations.enabled` | | +| `cds.outbox.persistent` | `cds.outbox.services.` | | +| `cds.remote..destination.headers` | `cds.remote.services..http.headers` | | +| `cds.remote..destination.queries` | `cds.remote.services..http.queries` | | +| `cds.remote..destination.service` | `cds.remote.services..http.service` | | +| `cds.remote..destination.suffix` | `cds.remote.services..http.suffix` | | +| `cds.remote..destination.type` | `cds.remote.services..type` | | +| `cds.security.mock.users..unrestricted` | | Special handling of unrestricted attributes has been removed, in favor of [explicit modelling](../guides/security/authorization#unrestricted-xsuaa-attributes). | +| `cds.sql.search.useLocalizedView` | `cds.sql.search.model` | | +| `cds.sql.supportedLocales` | | All locales are supported by default for localized entities, as session variables can now be leveraged on all databases. | +| `cds.xsuaa.authConfig.enabled` | `cds.security.authentication.authConfig.enabled` | | ### Removed Java APIs - Removed deprecated classes: - `com.sap.cds.services.environment.ServiceBinding` - `com.sap.cds.services.environment.ServiceBindingAdapter` - - `com.sap.cds.services.mt.MtSubscriptionService` - - `com.sap.cds.services.mt.MtGetDependenciesEventContext` - - `com.sap.cds.services.mt.MtSubscribeEventContext` - - `com.sap.cds.services.mt.MtAsyncSubscribeEventContext` - - `com.sap.cds.services.mt.MtAsyncSubscribeFinishedEventContext` - - `com.sap.cds.services.mt.MtDeployEventContext` - `com.sap.cds.services.mt.MtAsyncDeployEventContext` - `com.sap.cds.services.mt.MtAsyncDeployStatusEventContext` - - `com.sap.cds.services.mt.MtUnsubscribeEventContext` + - `com.sap.cds.services.mt.MtAsyncSubscribeEventContext` + - `com.sap.cds.services.mt.MtAsyncSubscribeFinishedEventContext` - `com.sap.cds.services.mt.MtAsyncUnsubscribeEventContext` - `com.sap.cds.services.mt.MtAsyncUnsubscribeFinishedEventContext` + - `com.sap.cds.services.mt.MtDeployEventContext` + - `com.sap.cds.services.mt.MtGetDependenciesEventContext` + - `com.sap.cds.services.mt.MtSubscribeEventContext` + - `com.sap.cds.services.mt.MtSubscriptionService` + - `com.sap.cds.services.mt.MtUnsubscribeEventContext` - Removed deprecated methods: - - `com.sap.cds.services.request.ModifiableUserInfo.setUnrestrictedAttributes` - `com.sap.cds.services.request.ModifiableUserInfo.addUnrestrictedAttribute` + - `com.sap.cds.services.request.ModifiableUserInfo.setUnrestrictedAttributes` - `com.sap.cds.services.request.ModifiableUserInfo.removeUnrestrictedAttribute` - - `com.sap.cds.services.request.UserInfo.isUnrestrictedAttribute` - `com.sap.cds.services.request.UserInfo.getUnrestrictedAttributes` + - `com.sap.cds.services.request.UserInfo.isUnrestrictedAttribute` ### Changes in `cds-maven-plugin` From 1a8580cdc1ab1b329f0ac6c36db456300ecf397a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ren=C3=A9=20Jeglinsky?= Date: Thu, 6 Jun 2024 14:18:10 +0200 Subject: [PATCH 11/39] Update java/migration.md --- java/migration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/migration.md b/java/migration.md index 814008195..1e7b5ab5c 100644 --- a/java/migration.md +++ b/java/migration.md @@ -26,7 +26,7 @@ uacp: Used as link target from Help Portal at https://help.sap.com/products/BTP/ ## CAP Java 2.10 to CAP Java 3.0 { #two-to-three } ::: warning -This is a **preview** of the changes planned for CAP Java 3.0 (planned to be released July 2024) +This is a **preview** of the changes planned for CAP Java 3.0 (planned to be released June 2024) ::: ### Supported CDS-DK Versions From a65d87d37bd7759261143e74621ae6dfaffb6768 Mon Sep 17 00:00:00 2001 From: Thomas Bonk <130759028+t-bonk@users.noreply.github.com> Date: Mon, 10 Jun 2024 14:14:27 +0200 Subject: [PATCH 12/39] describing new semantics of `cds.outbox.persistent.enabled` (#987) --- java/migration.md | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/java/migration.md b/java/migration.md index 1e7b5ab5c..ba3b8657f 100644 --- a/java/migration.md +++ b/java/migration.md @@ -69,6 +69,12 @@ Some property defaults have been adjusted: | --- | --- | --- | --- | | `cds.remote.services..http.csrf.enabled` | `true` | `false` | Most APIs don't require CSRF tokens. | +### Adjusted Property Behavior + +| Property | New Behavior | +| --- | --- | +| `cds.outbox.persistent.enabled` | Disables all persistent outboxes independent of their specific configuration, if set to `false`. | + ### Removed Properties @@ -88,7 +94,9 @@ The following table gives an overview about the removed properties: | `cds.multiTenancy.mtxs.enabled` | | MTXS is enabled [by default](#removed-mtx-classic-support). | | `cds.multiTenancy.security.deploymentScope` | | HTTP-based tenant upgrade endpoints [have been removed](#removed-mtx-classic-support). | | `cds.odataV4.apply.inCqn.enabled` | `cds.odataV4.apply.transformations.enabled` | | -| `cds.outbox.persistent` | `cds.outbox.services.` | | +| `cds.outbox.persistent.maxAttempts` | `cds.outbox.services..maxAttempts` | | +| `cds.outbox.persistent.storeLastError` | `cds.outbox.services..storeLastError` | | +| `cds.outbox.persistent.ordered` | `cds.outbox.services..ordered` | | | `cds.remote..destination.headers` | `cds.remote.services..http.headers` | | | `cds.remote..destination.queries` | `cds.remote.services..http.queries` | | | `cds.remote..destination.service` | `cds.remote.services..http.service` | | From 9b226511b3186749407e370b0fef4b0369a99ed9 Mon Sep 17 00:00:00 2001 From: Markus Ofterdinger Date: Wed, 12 Jun 2024 14:54:14 +0200 Subject: [PATCH 13/39] Describe changes of goal generate (#993) * Update migration.md * Update migration.md --- java/migration.md | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/java/migration.md b/java/migration.md index ba3b8657f..94efe5ee6 100644 --- a/java/migration.md +++ b/java/migration.md @@ -131,10 +131,21 @@ The following table gives an overview about the removed properties: - `com.sap.cds.services.request.UserInfo.getUnrestrictedAttributes` - `com.sap.cds.services.request.UserInfo.isUnrestrictedAttribute` -### Changes in `cds-maven-plugin` +## Changes in `cds-maven-plugin` The goal `addSample` is removed from the `cds-maven-plugin` and replaced with the goal `add` and property `-Dfeature=TINY_SAMPLE`. +### Adjusted POJO class generation + +Some parameter defaults of the goal `generate` have been adjusted: + +| Parameter | Old Value | New Value | Explanation | +| --- | --- | --- | --- | +| `sharedInterfaces` | `false` | `true` | Enables the usage of interfaces generated for the global types with inline anonymous arrayed types in the interfaces generated for actions and functions | +| `uniqueEventContexts` | `false` | `true` | Determines whether the event context interfaces should be unique for bound actions and functions. | + +Both changes are causing the generation of incompatible POJOs. The new defaults can be overwritten by setting the parameters to the old values to get the former POJOs. + ## Cloud SDK 4 to 5 { #cloudsdk5 } CAP Java `2.6.0` and higher is compatible with Cloud SDK in version 4 and 5. For reasons of backward compatibility, CAP Java assumes Cloud SDK 4 as the default. However, we highly recommend to use at least version `5.7.0` of Cloud SDK. To upgrade your CAP Java application to Cloud SDK 5, in most cases, you don't need to adapt any code if you rely on the Cloud SDK integration package (`cds-integration-cloud-sdk`). In these cases, it's sufficient to add the following maven dependency to your CAP Java application: From 0848cfcad131bd37c61a8a4567b7e949521267c9 Mon Sep 17 00:00:00 2001 From: Matthias Schur <107557548+MattSchur@users.noreply.github.com> Date: Mon, 17 Jun 2024 10:34:32 +0200 Subject: [PATCH 14/39] cds.sql.hana.optimizationMode: hex --- java/migration.md | 1 + 1 file changed, 1 insertion(+) diff --git a/java/migration.md b/java/migration.md index 94efe5ee6..99e057f1c 100644 --- a/java/migration.md +++ b/java/migration.md @@ -68,6 +68,7 @@ Some property defaults have been adjusted: | Property | Old Value | New Value | Explanation | | --- | --- | --- | --- | | `cds.remote.services..http.csrf.enabled` | `true` | `false` | Most APIs don't require CSRF tokens. | +| `cds.sql.hana.optimizationMode` | `legacy` | `hex` | SQL for SAP HANA is optimized for the HEX engine. | ### Adjusted Property Behavior From cbf19259c61b34e24ce5433eba00b6a32c581e6a Mon Sep 17 00:00:00 2001 From: Matthias Schur <107557548+MattSchur@users.noreply.github.com> Date: Mon, 17 Jun 2024 11:12:32 +0200 Subject: [PATCH 15/39] Java 3 Migration: CqnSearchTermPredicate (#1015) --- java/migration.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/java/migration.md b/java/migration.md index 99e057f1c..df9d8bb0a 100644 --- a/java/migration.md +++ b/java/migration.md @@ -124,6 +124,7 @@ The following table gives an overview about the removed properties: - `com.sap.cds.services.mt.MtSubscribeEventContext` - `com.sap.cds.services.mt.MtSubscriptionService` - `com.sap.cds.services.mt.MtUnsubscribeEventContext` + - `com.sap.cds.ql.cqn.CqnSearchPredicate`, instead use `CqnSearchTermPredicate` - Removed deprecated methods: - `com.sap.cds.services.request.ModifiableUserInfo.addUnrestrictedAttribute` @@ -131,6 +132,7 @@ The following table gives an overview about the removed properties: - `com.sap.cds.services.request.ModifiableUserInfo.removeUnrestrictedAttribute` - `com.sap.cds.services.request.UserInfo.getUnrestrictedAttributes` - `com.sap.cds.services.request.UserInfo.isUnrestrictedAttribute` + - `com.sap.cds.ql.cqn.Modifier.search(String)`, instead use `searchTerm(CqnSearchTermPredicate)` ## Changes in `cds-maven-plugin` From e1396d8d7ac3f565637f573fb38a8f930f41cb34 Mon Sep 17 00:00:00 2001 From: Stefan Henke Date: Tue, 18 Jun 2024 08:12:19 +0200 Subject: [PATCH 16/39] [3.0] Removal of `cds-feature-xsuaa` (#918) Co-authored-by: Marc Becker --- java/migration.md | 13 +++++++++++++ java/security.md | 47 ----------------------------------------------- 2 files changed, 13 insertions(+), 47 deletions(-) diff --git a/java/migration.md b/java/migration.md index df9d8bb0a..ceef607de 100644 --- a/java/migration.md +++ b/java/migration.md @@ -48,6 +48,19 @@ The Production Profile now defaults to `cloud`. This ensures that various proper [Learn more about the Production Profile.](developing-applications/configuring#production-profile){.learn-more} +### Removed feature `cds-feature-xsuaa` + +The feature `cds-feature-xsuaa` has been removed. Support for XSUAA and IAS has been unified under the umbrella of `cds-feature-identity`. + +It utilizes [SAP´s `spring-security` library](https://github.com/SAP/cloud-security-services-integration-library/tree/main/spring-security) instead of the deprecated [`spring-xsuaa` library](https://github.com/SAP/cloud-security-services-integration-library/tree/main/spring-xsuaa). + +If your application relies on the standard security configuration by CAP Java and depend on one of the CAP starter bundles, it is expected that you don't need to adapt code. + +If you have customized the security configuration, you need to adapt it to the new library. If your application had a direct dependency to `cds-feature-xsuaa`, we recommend to adopt one of our starter bundler `cds-starter-cloudfoundry` or `cds-starter-k8s`. + +[Learn more about the security configuration.](./security.md#configure-xsuaa-and-ias-authentication--xsuaa-ias){.learn-more} +[Learn more about migration to SAP´s `spring-security` library.](https://github.com/SAP/cloud-security-services-integration-library/blob/main/spring-security/Migration_SpringXsuaaProjects.md) + ### Removed MTX Classic Support Support for classic MTX (@sap/cds-mtx) has been removed. For multitenancy using streamlined MTX (@sap/cds-mtxs) is mandatory. diff --git a/java/security.md b/java/security.md index 85e9d70e1..c5ce5296e 100644 --- a/java/security.md +++ b/java/security.md @@ -63,53 +63,6 @@ CAP Java picks only a single binding of each type. If you have multiple XSUAA or Choose an appropriate XSUAA service plan to fit the requirements. For instance, if your service should be exposed as technical reuse service, make use of plan `broker`. ::: -### Transition from `cds-feature-xsuaa` to `cds-feature-identity`{ #transition-xsuaa-ias} -CAP also provides support for XSUAA-based authentication via the maven dependency `cds-feature-xsuaa` which is based on the [spring-xsuaa library](https://github.com/SAP/cloud-security-services-integration-library/tree/main/spring-xsuaa). -We recommend to move to `cds-feature-identity`, as the spring-xsuaa library is deprecated. When moving to `cds-feature-identity`, please keep the following in mind: - -- As `cds-feature-xsuaa` still takes priority over `cds-feature-identity` for backward compatibility, remove all existing dependencies to `cds-feature-xsuaa` and `xsuaa-spring-boot-starter`. -- If you are using the `cds-starter-cloudfoundry` or the `cds-starter-k8s` starter bundle, make sure to **explicitly** exclude the mentioned dependencies using `...`. - -::: code-group - -```xml [srv/pom.xml (cds-starter-cloudfoundry)] - - com.sap.cds - cds-starter-cloudfoundry - - - com.sap.cds - cds-feature-xsuaa - - - com.sap.cloud.security.xsuaa - xsuaa-spring-boot-starter - - - -``` - -```xml [srv/pom.xml (cds-starter-k8s)] - - com.sap.cds - cds-starter-k8s - - - com.sap.cds - cds-feature-xsuaa - - - com.sap.cloud.security.xsuaa - xsuaa-spring-boot-starter - - - -``` - -::: - -Now follow the description in [Configure XSUAA and IAS Authentication](#xsuaa-ias). - ### Automatic Spring Boot Security Configuration { #spring-boot} Only if **both, the library dependencies and an XSUAA/IAS service binding are in place**, the CAP Java SDK activates a Spring security configuration, which enforces authentication for all endpoints **automatically**: From c4b476d317219eb5d2bd7fe0bacabfa740b445d3 Mon Sep 17 00:00:00 2001 From: Marc Becker Date: Tue, 18 Jun 2024 11:01:57 +0200 Subject: [PATCH 17/39] Add removed property --- java/migration.md | 1 + 1 file changed, 1 insertion(+) diff --git a/java/migration.md b/java/migration.md index 2ce49d455..7e66df0ae 100644 --- a/java/migration.md +++ b/java/migration.md @@ -108,6 +108,7 @@ The following table gives an overview about the removed properties: | `cds.multiTenancy.mtxs.enabled` | | MTXS is enabled [by default](#removed-mtx-classic-support). | | `cds.multiTenancy.security.deploymentScope` | | HTTP-based tenant upgrade endpoints [have been removed](#removed-mtx-classic-support). | | `cds.odataV4.apply.inCqn.enabled` | `cds.odataV4.apply.transformations.enabled` | | +| `cds.odataV4.serializer.enabled` | | The legacy serializer has been removed. | | `cds.outbox.persistent.maxAttempts` | `cds.outbox.services..maxAttempts` | | | `cds.outbox.persistent.storeLastError` | `cds.outbox.services..storeLastError` | | | `cds.outbox.persistent.ordered` | `cds.outbox.services..ordered` | | From fe7214b86ff98f0832bc7d292601ee8451390b34 Mon Sep 17 00:00:00 2001 From: Matthias Schur <107557548+MattSchur@users.noreply.github.com> Date: Tue, 18 Jun 2024 14:19:27 +0200 Subject: [PATCH 18/39] cqn(String) methods --- java/migration.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/java/migration.md b/java/migration.md index 7e66df0ae..52a7d8c89 100644 --- a/java/migration.md +++ b/java/migration.md @@ -146,6 +146,9 @@ The following table gives an overview about the removed properties: - `com.sap.cds.services.request.ModifiableUserInfo.removeUnrestrictedAttribute` - `com.sap.cds.services.request.UserInfo.getUnrestrictedAttributes` - `com.sap.cds.services.request.UserInfo.isUnrestrictedAttribute` + - `com.sap.cds.ql.Insert.cqn(String)` + - `com.sap.cds.ql.Update.cqn(String)` + - `com.sap.cds.ql.Upsert.cqn(String)` - `com.sap.cds.ql.cqn.Modifier.search(String)`, instead use `searchTerm(CqnSearchTermPredicate)` ## Changes in `cds-maven-plugin` From 45c9825b6d6190deebb6151bd6f10cce26fe8dfd Mon Sep 17 00:00:00 2001 From: Matthias Schur <107557548+MattSchur@users.noreply.github.com> Date: Tue, 18 Jun 2024 16:31:08 +0200 Subject: [PATCH 19/39] $user.tenant --- java/migration.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/java/migration.md b/java/migration.md index 52a7d8c89..4ec3de0ab 100644 --- a/java/migration.md +++ b/java/migration.md @@ -89,6 +89,13 @@ Some property defaults have been adjusted: | --- | --- | | `cds.outbox.persistent.enabled` | Disables all persistent outboxes independent of their specific configuration, if set to `false`. | +### Session Context Variables + +| Old Variable | Replacement | type | +| --- | --- | --- | +| `$user.tenant` | `$tenant` | removal | +| `$at.from` | `$valid.from` | deprecation | +| `$at.to` | `$valid.to` | deprecation | ### Removed Properties From 120aa0e2d89e13a391a13353ba701e5e5d9c1c2c Mon Sep 17 00:00:00 2001 From: Marc Becker Date: Wed, 19 Jun 2024 12:02:16 +0200 Subject: [PATCH 20/39] 3.0: Lazy localization by default (#1023) --- java/migration.md | 42 ++++++++++++++++++++++++++++-------------- 1 file changed, 28 insertions(+), 14 deletions(-) diff --git a/java/migration.md b/java/migration.md index 4ec3de0ab..60b10a670 100644 --- a/java/migration.md +++ b/java/migration.md @@ -46,17 +46,21 @@ CAP Java 3.0 increased some minimum required versions: The Production Profile now defaults to `cloud`. This ensures that various property defaults suited for local development are changed to recommended secure values for production. +One of the effects of the production profile is that the index page is disabled by default. +If you are using the root path `/` as readiness or liveness probe in Kyma you will need to make adjustments. +It is recommended to use Spring Boot actuator's `/actuator/health` endpoint instead. + [Learn more about the Production Profile.](developing-applications/configuring#production-profile){.learn-more} ### Removed feature `cds-feature-xsuaa` -The feature `cds-feature-xsuaa` has been removed. Support for XSUAA and IAS has been unified under the umbrella of `cds-feature-identity`. +The feature `cds-feature-xsuaa` has been removed. Support for XSUAA and IAS has been unified under the umbrella of `cds-feature-identity`. It utilizes [SAP´s `spring-security` library](https://github.com/SAP/cloud-security-services-integration-library/tree/main/spring-security) instead of the deprecated [`spring-xsuaa` library](https://github.com/SAP/cloud-security-services-integration-library/tree/main/spring-xsuaa). If your application relies on the standard security configuration by CAP Java and depend on one of the CAP starter bundles, it is expected that you don't need to adapt code. -If you have customized the security configuration, you need to adapt it to the new library. If your application had a direct dependency to `cds-feature-xsuaa`, we recommend to adopt one of our starter bundler `cds-starter-cloudfoundry` or `cds-starter-k8s`. +If you have customized the security configuration, you need to adapt it to the new library. If your application had a direct dependency to `cds-feature-xsuaa`, we recommend to adopt one of our starter bundler `cds-starter-cloudfoundry` or `cds-starter-k8s`. [Learn more about the security configuration.](./security.md#configure-xsuaa-and-ias-authentication--xsuaa-ias){.learn-more} [Learn more about migration to SAP´s `spring-security` library.](https://github.com/SAP/cloud-security-services-integration-library/blob/main/spring-security/Migration_SpringXsuaaProjects.md) @@ -74,6 +78,26 @@ As part of this change the compatibility mode for the `MtSubscriptionService` AP - `/mt/v1.0/subscriptions/deploy/**` (GET & POST) - `/messaging/v1.0/em/` (PUT) +### Lazy Localization by default + +EDMX resources served by the OData V4 `/$metadata` endpoints are now localized lazily by default. +This significantly reduces EDMX cache memory consumption in case many languages are used. +Note, that this requires at least `@sap/cds-mtxs` in version `1.12.0`. + +The cds build no longer generates localized EDMX files by default anymore, but instead generates templated EDMX files and a `i18n.json` containing text bundles. +In case localized EDMX files are still required to be generated, set `--opts contentLocalizedEdmx=true` when calling `cds build`. + +### Adjusted POJO class generation + +Some parameter defaults of the goal `generate` have been adjusted: + +| Parameter | Old Value | New Value | Explanation | +| --- | --- | --- | --- | +| `sharedInterfaces` | `false` | `true` | Enables the usage of interfaces generated for the global types with inline anonymous arrayed types in the interfaces generated for actions and functions | +| `uniqueEventContexts` | `false` | `true` | Determines whether the event context interfaces should be unique for bound actions and functions. | + +Both changes are causing the generation of incompatible POJOs. The new defaults can be overwritten by setting the parameters to the old values to get the former POJOs. + ### Adjusted Property Defaults Some property defaults have been adjusted: @@ -82,6 +106,7 @@ Some property defaults have been adjusted: | --- | --- | --- | --- | | `cds.remote.services..http.csrf.enabled` | `true` | `false` | Most APIs don't require CSRF tokens. | | `cds.sql.hana.optimizationMode` | `legacy` | `hex` | SQL for SAP HANA is optimized for the HEX engine. | +| `cds.odata-v4.lazy-i18n.enabled` | `null` | `true` | Lazy localization is now enabled by default in multitenant scenarios. | ### Adjusted Property Behavior @@ -158,21 +183,10 @@ The following table gives an overview about the removed properties: - `com.sap.cds.ql.Upsert.cqn(String)` - `com.sap.cds.ql.cqn.Modifier.search(String)`, instead use `searchTerm(CqnSearchTermPredicate)` -## Changes in `cds-maven-plugin` +### Removed goals in `cds-maven-plugin` The goal `addSample` is removed from the `cds-maven-plugin` and replaced with the goal `add` and property `-Dfeature=TINY_SAMPLE`. -### Adjusted POJO class generation - -Some parameter defaults of the goal `generate` have been adjusted: - -| Parameter | Old Value | New Value | Explanation | -| --- | --- | --- | --- | -| `sharedInterfaces` | `false` | `true` | Enables the usage of interfaces generated for the global types with inline anonymous arrayed types in the interfaces generated for actions and functions | -| `uniqueEventContexts` | `false` | `true` | Determines whether the event context interfaces should be unique for bound actions and functions. | - -Both changes are causing the generation of incompatible POJOs. The new defaults can be overwritten by setting the parameters to the old values to get the former POJOs. - ## Cloud SDK 4 to 5 { #cloudsdk5 } CAP Java `2.6.0` and higher is compatible with Cloud SDK in version 4 and 5. For reasons of backward compatibility, CAP Java assumes Cloud SDK 4 as the default. However, we highly recommend to use at least version `5.7.0` of Cloud SDK. To upgrade your CAP Java application to Cloud SDK 5, in most cases, you don't need to adapt any code if you rely on the Cloud SDK integration package (`cds-integration-cloud-sdk`). In these cases, it's sufficient to add the following maven dependency to your CAP Java application: From 6a7ce06cd8e0feed8637f1d0a496b91f82d96ed4 Mon Sep 17 00:00:00 2001 From: Matthias Schur <107557548+MattSchur@users.noreply.github.com> Date: Wed, 19 Jun 2024 15:54:13 +0200 Subject: [PATCH 21/39] $user.tenant deprecation --- java/migration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/migration.md b/java/migration.md index 60b10a670..42aed8cdc 100644 --- a/java/migration.md +++ b/java/migration.md @@ -118,7 +118,7 @@ Some property defaults have been adjusted: | Old Variable | Replacement | type | | --- | --- | --- | -| `$user.tenant` | `$tenant` | removal | +| `$user.tenant` | `$tenant` | deprecation | | `$at.from` | `$valid.from` | deprecation | | `$at.to` | `$valid.to` | deprecation | From a2b18c24edbac4abfa77aa6fee36696f292dc6df Mon Sep 17 00:00:00 2001 From: Marc Becker Date: Wed, 19 Jun 2024 16:09:24 +0200 Subject: [PATCH 22/39] document cds.auditLog.personalData.throwOnMissingDataSubject change --- java/migration.md | 1 + 1 file changed, 1 insertion(+) diff --git a/java/migration.md b/java/migration.md index 42aed8cdc..14bd5c241 100644 --- a/java/migration.md +++ b/java/migration.md @@ -107,6 +107,7 @@ Some property defaults have been adjusted: | `cds.remote.services..http.csrf.enabled` | `true` | `false` | Most APIs don't require CSRF tokens. | | `cds.sql.hana.optimizationMode` | `legacy` | `hex` | SQL for SAP HANA is optimized for the HEX engine. | | `cds.odata-v4.lazy-i18n.enabled` | `null` | `true` | Lazy localization is now enabled by default in multitenant scenarios. | +| `cds.auditLog.personalData.throwOnMissingDataSubject` | `false` | `true` | Incomplete personal data annotations should result in an error by default. | ### Adjusted Property Behavior From e5a5f02167700039e7a59be75ba0c49a742a4cd1 Mon Sep 17 00:00:00 2001 From: Marc Becker Date: Wed, 19 Jun 2024 16:11:26 +0200 Subject: [PATCH 23/39] Update migration.md --- java/migration.md | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/java/migration.md b/java/migration.md index 14bd5c241..d6e8d84c2 100644 --- a/java/migration.md +++ b/java/migration.md @@ -29,19 +29,18 @@ uacp: Used as link target from Help Portal at https://help.sap.com/products/BTP/ This is a **preview** of the changes planned for CAP Java 3.0 (planned to be released June 2024) ::: -### Supported CDS-DK Versions - -CAP Java 3.0 supports cds-dk ^7 and ^8. Cds-dk ^6 is not supported any longer. - ### Minimum Versions CAP Java 3.0 increased some minimum required versions: | Dependency | Minimum Version | | --- | --- | +| @sap/cds-dk | ^7 | | Maven | 3.6.3 | | Cloud SDK | 5.9.0 | +CAP Java 3.0 no longer supports @sap/cds-dk ^6. + ### Production Profile `cloud` The Production Profile now defaults to `cloud`. This ensures that various property defaults suited for local development are changed to recommended secure values for production. @@ -106,7 +105,7 @@ Some property defaults have been adjusted: | --- | --- | --- | --- | | `cds.remote.services..http.csrf.enabled` | `true` | `false` | Most APIs don't require CSRF tokens. | | `cds.sql.hana.optimizationMode` | `legacy` | `hex` | SQL for SAP HANA is optimized for the HEX engine. | -| `cds.odata-v4.lazy-i18n.enabled` | `null` | `true` | Lazy localization is now enabled by default in multitenant scenarios. | +| `cds.odataV4.lazyI18n.enabled` | `null` | `true` | Lazy localization is now enabled by default in multitenant scenarios. | | `cds.auditLog.personalData.throwOnMissingDataSubject` | `false` | `true` | Incomplete personal data annotations should result in an error by default. | ### Adjusted Property Behavior From e6d4d9dd54db88edec6e68399e05d33f989bfa02 Mon Sep 17 00:00:00 2001 From: Matthias Schur <107557548+MattSchur@users.noreply.github.com> Date: Thu, 20 Jun 2024 12:58:43 +0200 Subject: [PATCH 24/39] CqnSearchPredicate --- java/migration.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/java/migration.md b/java/migration.md index d6e8d84c2..6b9d3fb00 100644 --- a/java/migration.md +++ b/java/migration.md @@ -170,7 +170,6 @@ The following table gives an overview about the removed properties: - `com.sap.cds.services.mt.MtSubscribeEventContext` - `com.sap.cds.services.mt.MtSubscriptionService` - `com.sap.cds.services.mt.MtUnsubscribeEventContext` - - `com.sap.cds.ql.cqn.CqnSearchPredicate`, instead use `CqnSearchTermPredicate` - Removed deprecated methods: - `com.sap.cds.services.request.ModifiableUserInfo.addUnrestrictedAttribute` @@ -181,6 +180,9 @@ The following table gives an overview about the removed properties: - `com.sap.cds.ql.Insert.cqn(String)` - `com.sap.cds.ql.Update.cqn(String)` - `com.sap.cds.ql.Upsert.cqn(String)` + +- Deprecations: + - `com.sap.cds.ql.cqn.CqnSearchPredicate`, instead use `CqnSearchTermPredicate` - `com.sap.cds.ql.cqn.Modifier.search(String)`, instead use `searchTerm(CqnSearchTermPredicate)` ### Removed goals in `cds-maven-plugin` From 18e625678d42f1b8823701a4a83313b5585659df Mon Sep 17 00:00:00 2001 From: Matthias Schur <107557548+MattSchur@users.noreply.github.com> Date: Thu, 20 Jun 2024 13:01:10 +0200 Subject: [PATCH 25/39] Session Context Variables --- java/migration.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/java/migration.md b/java/migration.md index 6b9d3fb00..c2bdefa92 100644 --- a/java/migration.md +++ b/java/migration.md @@ -114,13 +114,13 @@ Some property defaults have been adjusted: | --- | --- | | `cds.outbox.persistent.enabled` | Disables all persistent outboxes independent of their specific configuration, if set to `false`. | -### Session Context Variables +### Deprecated Session Context Variables -| Old Variable | Replacement | type | -| --- | --- | --- | -| `$user.tenant` | `$tenant` | deprecation | -| `$at.from` | `$valid.from` | deprecation | -| `$at.to` | `$valid.to` | deprecation | +| Old Variable | Replacement | +| --- | --- | +| `$user.tenant` | `$tenant` | +| `$at.from` | `$valid.from` | +| `$at.to` | `$valid.to` | ### Removed Properties From 72c0fe4aa021e4f1d1cb15e0d5666162b3e6f588 Mon Sep 17 00:00:00 2001 From: Vladimir Date: Thu, 20 Jun 2024 13:56:08 +0200 Subject: [PATCH 26/39] Prohibit star-expand and inline-all (#1039) --- java/migration.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/java/migration.md b/java/migration.md index c2bdefa92..87f9fe9d3 100644 --- a/java/migration.md +++ b/java/migration.md @@ -86,6 +86,18 @@ Note, that this requires at least `@sap/cds-mtxs` in version `1.12.0`. The cds build no longer generates localized EDMX files by default anymore, but instead generates templated EDMX files and a `i18n.json` containing text bundles. In case localized EDMX files are still required to be generated, set `--opts contentLocalizedEdmx=true` when calling `cds build`. +### Star-expand and inline-all are no longer permitted + +Previously, you could not use expand or inline without explicit paths on draft-enabled entities. Now they are rejected for all entities on application service level. + +For example, following statement will not be executed when submitted to an instance of [`ApplicationService`](https://www.javadoc.io/doc/com.sap.cds/cds-services-api/latest/com/sap/cds/services/cds/ApplicationService.html). + +```java +Select.from(Books_.class).columns(t -> t.expand()); +``` + +This does not impact the OData where the `expand=*` will be transformed to explicit association expand. + ### Adjusted POJO class generation Some parameter defaults of the goal `generate` have been adjusted: From cbf8639ab1cabe579cbcae9281197d03ddb467c5 Mon Sep 17 00:00:00 2001 From: Marc Becker Date: Fri, 21 Jun 2024 09:44:20 +0200 Subject: [PATCH 27/39] Apply suggestions from code review Co-authored-by: Matthias Schur <107557548+MattSchur@users.noreply.github.com> --- java/migration.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/java/migration.md b/java/migration.md index 87f9fe9d3..cbfa2479c 100644 --- a/java/migration.md +++ b/java/migration.md @@ -59,7 +59,7 @@ It utilizes [SAP´s `spring-security` library](https://github.com/SAP/cloud-secu If your application relies on the standard security configuration by CAP Java and depend on one of the CAP starter bundles, it is expected that you don't need to adapt code. -If you have customized the security configuration, you need to adapt it to the new library. If your application had a direct dependency to `cds-feature-xsuaa`, we recommend to adopt one of our starter bundler `cds-starter-cloudfoundry` or `cds-starter-k8s`. +If you have customized the security configuration, you need to adapt it to the new library. If your application had a direct dependency to `cds-feature-xsuaa`, we recommend to adopt one of our starter bundles `cds-starter-cloudfoundry` or `cds-starter-k8s`. [Learn more about the security configuration.](./security.md#configure-xsuaa-and-ias-authentication--xsuaa-ias){.learn-more} [Learn more about migration to SAP´s `spring-security` library.](https://github.com/SAP/cloud-security-services-integration-library/blob/main/spring-security/Migration_SpringXsuaaProjects.md) @@ -93,10 +93,10 @@ Previously, you could not use expand or inline without explicit paths on draft-e For example, following statement will not be executed when submitted to an instance of [`ApplicationService`](https://www.javadoc.io/doc/com.sap.cds/cds-services-api/latest/com/sap/cds/services/cds/ApplicationService.html). ```java -Select.from(Books_.class).columns(t -> t.expand()); +Select.from(BOOKS).columns(b -> b.expand()); ``` -This does not impact the OData where the `expand=*` will be transformed to explicit association expand. +This does not impact OData where `expand=*` is transformed into expands for all associations. ### Adjusted POJO class generation From 993eda3e66717325fe39f758cf8df560e4ae0261 Mon Sep 17 00:00:00 2001 From: Marc Becker Date: Fri, 21 Jun 2024 09:44:43 +0200 Subject: [PATCH 28/39] Remove warning --- java/migration.md | 4 ---- 1 file changed, 4 deletions(-) diff --git a/java/migration.md b/java/migration.md index cbfa2479c..3a6c79032 100644 --- a/java/migration.md +++ b/java/migration.md @@ -25,10 +25,6 @@ uacp: Used as link target from Help Portal at https://help.sap.com/products/BTP/ ## CAP Java 2.10 to CAP Java 3.0 { #two-to-three } -::: warning -This is a **preview** of the changes planned for CAP Java 3.0 (planned to be released June 2024) -::: - ### Minimum Versions CAP Java 3.0 increased some minimum required versions: From 0da0d0b6b139de3c31d73a3b8340affb198532f8 Mon Sep 17 00:00:00 2001 From: Marc Becker Date: Fri, 21 Jun 2024 14:16:11 +0200 Subject: [PATCH 29/39] Update minimum versions in general docs --- java/versions.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/java/versions.md b/java/versions.md index fd0832b1b..82ff50dd3 100644 --- a/java/versions.md +++ b/java/versions.md @@ -66,12 +66,12 @@ The following table lists these minimum versions for various common dependencies | Dependency | Minimum Version | Recommended Version | | --- | --- | --- | | JDK | 17 | 211 | -| Maven | 3.5.0 | 3.9.6 | -| @sap/cds-dk | 6 | latest | -| @sap/cds-compiler | 3 | latest | +| Maven | 3.6.3 | 3.9.8 | +| @sap/cds-dk | 7 | latest | +| @sap/cds-compiler | 4 | latest | | Spring Boot | 3.0 | latest | | XSUAA | 3.0 | latest | -| SAP Cloud SDK | 4.24 | latest | +| SAP Cloud SDK | 5.9 | latest | | Java Logging | 3.7 | latest | 1 When using the SAP Business Application Studio JDK 17 is recommended. From 68494d3f3f39069dae49c09e6013d486dd3a05f8 Mon Sep 17 00:00:00 2001 From: Stefan Henke Date: Tue, 25 Jun 2024 14:32:49 +0200 Subject: [PATCH 30/39] [3.0] IAS support in Remote Services and IAS migration guide (#1047) * ias scenarios * ias scenarios * ias scenarios * Apply suggestions from code review Co-authored-by: Marc Becker * extract details to security.md * bullet point list * Update java/cqn-services/remote-services.md Co-authored-by: Marc Becker * Update java/cqn-services/remote-services.md * Update java/cqn-services/remote-services.md * Update java/migration.md * Update java/security.md * Update java/security.md * Update java/security.md * Update java/security.md * Update java/security.md * fix syntax * added code block * fix formatting * cosmetics --------- Co-authored-by: Marc Becker Co-authored-by: Mahati Shankar <93712176+smahati@users.noreply.github.com> Co-authored-by: Mahati Shankar --- java/cqn-services/remote-services.md | 25 ++++++++++++++++++++++--- java/migration.md | 8 ++++++++ java/security.md | 14 ++++++++++++++ 3 files changed, 44 insertions(+), 3 deletions(-) diff --git a/java/cqn-services/remote-services.md b/java/cqn-services/remote-services.md index 3ca1b4774..1c7a47b8a 100644 --- a/java/cqn-services/remote-services.md +++ b/java/cqn-services/remote-services.md @@ -141,8 +141,8 @@ The class `SomeReuseServiceOAuth2PropertySupplier` needs to be provided by you e #### Binding to a Service with Shared Identity -If the remote API is available within the same SaaS application and using the same (shared) XSUAA service instance for authentication, no service broker-based reuse service is required. -The _Remote Service_ can be configured using the shared XSUAA service instance as binding (here: `shared-xsuaa`): +If the remote API is available within the same SaaS application and using the same (shared) service instance of XSUAA or Identity (IAS) for authentication, no service broker-based reuse service is required. +The _Remote Service_ can be configured using the shared service instance as binding (here: `shared-xsuaa`): ```yaml cds: @@ -154,9 +154,14 @@ cds: url: https://url-of-the-second-cap-application ``` -The plain XSUAA service binding does not contain the URL of the remote API. Therefore it needs to be explicitly configured in the `options` section. +The plain service binding of XSUAA or IAS does not contain the URL of the remote API. Therefore it needs to be explicitly configured in the `options` section. As the URL is typically not known at development time, it can be alternatively defined as an environment variable `CDS_REMOTE_SERVICES__OPTIONS_URL`. +:::tip +Remote APIs which require IAS-based authentication might expect certificate based client authentication in addition to the IAS-based JWT token (ie. [proof-of-possession](https://github.com/SAP/cloud-security-services-integration-library/tree/main/java-security#proofofpossession-validation)). +CAP _Remote Services_ automatically takes care of this by initiating a mutual TLS handshake with the remote API. +::: + #### Configuring the Authentication Strategy While service bindings typically provide authentication details, they don't predetermine the user propagation and authentication strategy, for example, technical user or named user flow. @@ -183,6 +188,20 @@ cds: name: s4-business-partner-api ``` +If your CAP application is using IAS and you want to call a _remote API_ that is provided by another IAS-based application (ie. Application2Application scenario), you can utilize a simplified security configuration in the destination. +As a pre-requisite, your CAP application and the called application need to trust the same IAS tenant and you need to define a dependency in IAS to consume the respective API provided by the _remote API_. + +Create a destination configuration with the following parameters: + +- _URL_: `` +- _Authentication_: `NoAuthentication` +- Additional Properties: + - _cloudsdk.ias-dependency-name_: `` + +At runtime, this destination configuration will use the bound `identity` service instance's credentials to request a token for the _remote API_. + +[Learn more about consuming APIs from Other IAS-Appications in the **SAP Cloud Identity Services documentation**.](https://help.sap.com/docs/cloud-identity-services/cloud-identity-services/consume-apis-from-other-applications){.learn-more} + The CAP Java SDK obtains the destination for a _Remote Service_ from the `DestinationAccessor` using the name that is configured in the _Remote Service_'s destination configuration. If you're using the SAP BTP Destination Service, this is the name you used when you defined the destination there. To properly resolve the destination from SAP BTP Destination Service [additional Cloud SDK dependencies](#cloud-sdk-dependencies) are required. diff --git a/java/migration.md b/java/migration.md index 3a6c79032..a1c2cbec7 100644 --- a/java/migration.md +++ b/java/migration.md @@ -197,6 +197,14 @@ The following table gives an overview about the removed properties: The goal `addSample` is removed from the `cds-maven-plugin` and replaced with the goal `add` and property `-Dfeature=TINY_SAMPLE`. +### Proof-Of-Possession enforced for IAS-based authentication + +In IAS scenarios, the [Proof-Of-Possession](https://github.com/SAP/cloud-security-services-integration-library/tree/main/java-security#proofofpossession-validation) is now enforced by default for incoming requests for versions starting from `3.5.1` of the [SAP BTP Spring Security Client](https://github.com/SAP/cloud-security-services-integration-library/tree/main/spring-security). + +Because of this, applications calling a CAP Java application will need to send a valid client certificate in addition to the JWT token. In particular, applications using an Approuter have to set `forwardAuthCertificates: true` on the Approuter destination pointing to your CAP backend. + +[Learn more about Proof-Of-Possession.](./security.md#proof-of-possession){.learn-more} + ## Cloud SDK 4 to 5 { #cloudsdk5 } CAP Java `2.6.0` and higher is compatible with Cloud SDK in version 4 and 5. For reasons of backward compatibility, CAP Java assumes Cloud SDK 4 as the default. However, we highly recommend to use at least version `5.7.0` of Cloud SDK. To upgrade your CAP Java application to Cloud SDK 5, in most cases, you don't need to adapt any code if you rely on the Cloud SDK integration package (`cds-integration-cloud-sdk`). In these cases, it's sufficient to add the following maven dependency to your CAP Java application: diff --git a/java/security.md b/java/security.md index c5ce5296e..76405a7be 100644 --- a/java/security.md +++ b/java/security.md @@ -63,6 +63,20 @@ CAP Java picks only a single binding of each type. If you have multiple XSUAA or Choose an appropriate XSUAA service plan to fit the requirements. For instance, if your service should be exposed as technical reuse service, make use of plan `broker`. ::: +#### Proof-Of-Possession for IAS { #proof-of-possession} + +Proof-Of-Possession is a technique for additional security where a JWT token is **bound** to a particular OAuth client for which the token was issued. On BTP, Proof-Of-Possession is supported by IAS and can be used by a CAP Java application. + +Typically, a caller of a CAP application provides a JWT token issued by IAS to authenticate a request. With Proof-Of-Possession in place, a mutual TLS (mTLS) tunnel is established between the caller and your CAP application in addition to the JWT token. + +Clients calling your CAP application need to send the certificate provided by their `identity` service instance in addition to the IAS token. On Cloud Foundry, the CAP application needs to be exposed under an additional route utilizing the `.cert.` domain. + +The Proof-Of-Possession also affects approuter calls to a CAP Java application. The approuter needs to be configured to forward the certificate to the CAP application. This can be achieved by setting `forwardAuthCertificates: true` on the destination pointing to your CAP backend (for more details see [the `environment destinations` section on npmjs.org](https://www.npmjs.com/package/@sap/approuter#environment-destinations)). + +When authenticating incoming requests with IAS, the Proof-Of-Possession is activated by default. This requires using at least version `3.5.1` of the [SAP BTP Spring Security Client](https://github.com/SAP/cloud-security-services-integration-library/tree/main/spring-security) library. + +You can disable the Proof-Of-Possession enforcement in your CAP Java application by setting the property `sap.spring.security.identity.prooftoken` to `false` in the `application.yaml` file. + ### Automatic Spring Boot Security Configuration { #spring-boot} Only if **both, the library dependencies and an XSUAA/IAS service binding are in place**, the CAP Java SDK activates a Spring security configuration, which enforces authentication for all endpoints **automatically**: From 80b9d04f3710c5f5b3d6ee20be2c3238f7c459a8 Mon Sep 17 00:00:00 2001 From: BraunMatthias <59841349+BraunMatthias@users.noreply.github.com> Date: Wed, 26 Jun 2024 13:10:24 +0200 Subject: [PATCH 31/39] Update java/migration.md Co-authored-by: Mahati Shankar <93712176+smahati@users.noreply.github.com> --- java/migration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/migration.md b/java/migration.md index c4ca23b73..82876d81a 100644 --- a/java/migration.md +++ b/java/migration.md @@ -100,7 +100,7 @@ Some parameter defaults of the goal `generate` have been adjusted: | Parameter | Old Value | New Value | Explanation | | --- | --- | --- | --- | -| `sharedInterfaces` | `false` | `true` | Enables the usage of interfaces generated for the global types with inline anonymous arrayed types in the interfaces generated for actions and functions | +| `sharedInterfaces` | `false` | `true` | Interfaces are generated for the global types with inline anonymous arrayed types, `sharedInterfaces` enables their usage in the interfaces generated for actions and functions as well. | | `uniqueEventContexts` | `false` | `true` | Determines whether the event context interfaces should be unique for bound actions and functions. | Both changes are causing the generation of incompatible POJOs. The new defaults can be overwritten by setting the parameters to the old values to get the former POJOs. From ced65c900160e126c999c56558ee9affbef248d4 Mon Sep 17 00:00:00 2001 From: Thomas Bonk Date: Wed, 26 Jun 2024 14:40:20 +0200 Subject: [PATCH 32/39] added new default value of message service structured flag --- java/migration.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/java/migration.md b/java/migration.md index 82876d81a..ab39f7c57 100644 --- a/java/migration.md +++ b/java/migration.md @@ -115,6 +115,7 @@ Some property defaults have been adjusted: | `cds.sql.hana.optimizationMode` | `legacy` | `hex` | SQL for SAP HANA is optimized for the HEX engine. | | `cds.odataV4.lazyI18n.enabled` | `null` | `true` | Lazy localization is now enabled by default in multitenant scenarios. | | `cds.auditLog.personalData.throwOnMissingDataSubject` | `false` | `true` | Incomplete personal data annotations should result in an error by default. | +| `cds.messaging..structured | `false` | `true` | [Enhanced message representation](./messaging#enhanced-messages-representation) is now eneabled by default. | ### Adjusted Property Behavior @@ -188,7 +189,7 @@ The following table gives an overview about the removed properties: - `com.sap.cds.ql.Insert.cqn(String)` - `com.sap.cds.ql.Update.cqn(String)` - `com.sap.cds.ql.Upsert.cqn(String)` - + - Deprecations: - `com.sap.cds.ql.cqn.CqnSearchPredicate`, instead use `CqnSearchTermPredicate` - `com.sap.cds.ql.cqn.Modifier.search(String)`, instead use `searchTerm(CqnSearchTermPredicate)` From 4265fe7a7c08f821987061d9cf94446f2c065946 Mon Sep 17 00:00:00 2001 From: Thomas Bonk Date: Wed, 26 Jun 2024 14:41:27 +0200 Subject: [PATCH 33/39] changed default value in java messaging docs --- java/messaging.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/messaging.md b/java/messaging.md index 399fead8a..cb9c00dc9 100644 --- a/java/messaging.md +++ b/java/messaging.md @@ -730,7 +730,7 @@ Besides these kinds of topic manipulations, additional topic manipulations might The configuration property `structured` determines if messages are represented as a plain String (`false`) or always structured as two separate maps, representing data and headers (`true`). Setting this property enables handling of message headers, like `cloudevents` headers, separately from the message itself. This works for all messaging brokers supported by CAP. If using a message broker that supports native headers, e.g. Kafka, the headers are separated from the business data. On incoming messages the flag determines the internal representation of the message either as a plain string or two maps of message data and message headers. Having header data separated, avoids adding extra information or metadata as part of the business data when sending them to the message broker. Additionally the header data is clearly separated on the consumer side, because they provided by different data and headers maps. -The default value for the configuration property `structured` is `false`. +The default value for the configuration property `structured` is `true`. Configuration example: From 063b1e0cff8e398a72b5de0730f6b187f8bf4f5a Mon Sep 17 00:00:00 2001 From: Thomas Bonk Date: Wed, 26 Jun 2024 14:41:55 +0200 Subject: [PATCH 34/39] fixed link --- java/migration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/migration.md b/java/migration.md index ab39f7c57..42a2bbe05 100644 --- a/java/migration.md +++ b/java/migration.md @@ -115,7 +115,7 @@ Some property defaults have been adjusted: | `cds.sql.hana.optimizationMode` | `legacy` | `hex` | SQL for SAP HANA is optimized for the HEX engine. | | `cds.odataV4.lazyI18n.enabled` | `null` | `true` | Lazy localization is now enabled by default in multitenant scenarios. | | `cds.auditLog.personalData.throwOnMissingDataSubject` | `false` | `true` | Incomplete personal data annotations should result in an error by default. | -| `cds.messaging..structured | `false` | `true` | [Enhanced message representation](./messaging#enhanced-messages-representation) is now eneabled by default. | +| `cds.messaging..structured | `false` | `true` | [Enhanced message representation](./messaging.md#enhanced-messages-representation) is now eneabled by default. | ### Adjusted Property Behavior From f130c8f99e2b362b92489406968b558abd57553b Mon Sep 17 00:00:00 2001 From: Marc Becker Date: Wed, 26 Jun 2024 15:14:38 +0200 Subject: [PATCH 35/39] Update migration.md --- java/migration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/migration.md b/java/migration.md index 42a2bbe05..7c1407ff9 100644 --- a/java/migration.md +++ b/java/migration.md @@ -115,7 +115,7 @@ Some property defaults have been adjusted: | `cds.sql.hana.optimizationMode` | `legacy` | `hex` | SQL for SAP HANA is optimized for the HEX engine. | | `cds.odataV4.lazyI18n.enabled` | `null` | `true` | Lazy localization is now enabled by default in multitenant scenarios. | | `cds.auditLog.personalData.throwOnMissingDataSubject` | `false` | `true` | Incomplete personal data annotations should result in an error by default. | -| `cds.messaging..structured | `false` | `true` | [Enhanced message representation](./messaging.md#enhanced-messages-representation) is now eneabled by default. | +| `cds.messaging.services..structured` | `false` | `true` | [Enhanced message representation](./messaging.md#enhanced-messages-representation) is now enabled by default. | ### Adjusted Property Behavior From a7850c1b56fd921630757228c52980e78bce1acc Mon Sep 17 00:00:00 2001 From: Marc Becker Date: Wed, 26 Jun 2024 16:08:37 +0200 Subject: [PATCH 36/39] Update java/migration.md --- java/migration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/migration.md b/java/migration.md index 7c1407ff9..9acd5e8f2 100644 --- a/java/migration.md +++ b/java/migration.md @@ -100,7 +100,7 @@ Some parameter defaults of the goal `generate` have been adjusted: | Parameter | Old Value | New Value | Explanation | | --- | --- | --- | --- | -| `sharedInterfaces` | `false` | `true` | Interfaces are generated for the global types with inline anonymous arrayed types, `sharedInterfaces` enables their usage in the interfaces generated for actions and functions as well. | +| `sharedInterfaces` | `false` | `true` | Interfaces for global arrayed types with inline anonymous type are now generated exactly once. `sharedInterfaces` ensures such types are not generated as inline interfaces again, if used in events, actions or functions. | | `uniqueEventContexts` | `false` | `true` | Determines whether the event context interfaces should be unique for bound actions and functions. | Both changes are causing the generation of incompatible POJOs. The new defaults can be overwritten by setting the parameters to the old values to get the former POJOs. From c3458aa5b64ed209abaad46eca2bb96117403d10 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ren=C3=A9=20Jeglinsky?= Date: Thu, 27 Jun 2024 08:34:08 +0200 Subject: [PATCH 37/39] Update java/migration.md --- java/migration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/migration.md b/java/migration.md index 9acd5e8f2..5568822f8 100644 --- a/java/migration.md +++ b/java/migration.md @@ -57,7 +57,7 @@ If your application relies on the standard security configuration by CAP Java an If you have customized the security configuration, you need to adapt it to the new library. If your application had a direct dependency to `cds-feature-xsuaa`, we recommend to adopt one of our starter bundles `cds-starter-cloudfoundry` or `cds-starter-k8s`. -[Learn more about the security configuration.](./security.md#configure-xsuaa-and-ias-authentication--xsuaa-ias){.learn-more} +[Learn more about the security configuration.](./security.md#xsuaa-ias){.learn-more} [Learn more about migration to SAP´s `spring-security` library.](https://github.com/SAP/cloud-security-services-integration-library/blob/main/spring-security/Migration_SpringXsuaaProjects.md) ### Removed MTX Classic Support From 7cad9274e6baced8dc7e8651ac584b456a168462 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ren=C3=A9=20Jeglinsky?= Date: Thu, 27 Jun 2024 08:34:42 +0200 Subject: [PATCH 38/39] Update java/migration.md --- java/migration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java/migration.md b/java/migration.md index 5568822f8..62ae856ab 100644 --- a/java/migration.md +++ b/java/migration.md @@ -57,7 +57,7 @@ If your application relies on the standard security configuration by CAP Java an If you have customized the security configuration, you need to adapt it to the new library. If your application had a direct dependency to `cds-feature-xsuaa`, we recommend to adopt one of our starter bundles `cds-starter-cloudfoundry` or `cds-starter-k8s`. -[Learn more about the security configuration.](./security.md#xsuaa-ias){.learn-more} +[Learn more about the security configuration.](./security#xsuaa-ias){.learn-more} [Learn more about migration to SAP´s `spring-security` library.](https://github.com/SAP/cloud-security-services-integration-library/blob/main/spring-security/Migration_SpringXsuaaProjects.md) ### Removed MTX Classic Support From 94ecf988583040f7b963b8f6330485d6e49e505c Mon Sep 17 00:00:00 2001 From: Mahati Shankar Date: Mon, 1 Jul 2024 16:04:28 +0200 Subject: [PATCH 39/39] cosmetics --- java/migration.md | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/java/migration.md b/java/migration.md index 62ae856ab..1c9e0e508 100644 --- a/java/migration.md +++ b/java/migration.md @@ -42,8 +42,8 @@ CAP Java 3.0 no longer supports @sap/cds-dk ^6. The Production Profile now defaults to `cloud`. This ensures that various property defaults suited for local development are changed to recommended secure values for production. One of the effects of the production profile is that the index page is disabled by default. -If you are using the root path `/` as readiness or liveness probe in Kyma you will need to make adjustments. -It is recommended to use Spring Boot actuator's `/actuator/health` endpoint instead. +If you are using the root path `/` for readiness or liveness probing in Kyma you will need to adjustment them, in this case +it is recommended to use Spring Boot actuator's `/actuator/health` endpoint instead. [Learn more about the Production Profile.](developing-applications/configuring#production-profile){.learn-more} @@ -53,19 +53,19 @@ The feature `cds-feature-xsuaa` has been removed. Support for XSUAA and IAS has It utilizes [SAP´s `spring-security` library](https://github.com/SAP/cloud-security-services-integration-library/tree/main/spring-security) instead of the deprecated [`spring-xsuaa` library](https://github.com/SAP/cloud-security-services-integration-library/tree/main/spring-xsuaa). -If your application relies on the standard security configuration by CAP Java and depend on one of the CAP starter bundles, it is expected that you don't need to adapt code. +If your application relies on the standard security configuration by CAP Java and depend on one of the CAP starter bundles, it is expected that you won't need to adapt code. -If you have customized the security configuration, you need to adapt it to the new library. If your application had a direct dependency to `cds-feature-xsuaa`, we recommend to adopt one of our starter bundles `cds-starter-cloudfoundry` or `cds-starter-k8s`. +If you have customized the security configuration, you need to adapt it to the new library. If your application had a direct dependency to `cds-feature-xsuaa`, we recommend using one of our starter bundles `cds-starter-cloudfoundry` or `cds-starter-k8s`. [Learn more about the security configuration.](./security#xsuaa-ias){.learn-more} [Learn more about migration to SAP´s `spring-security` library.](https://github.com/SAP/cloud-security-services-integration-library/blob/main/spring-security/Migration_SpringXsuaaProjects.md) ### Removed MTX Classic Support -Support for classic MTX (@sap/cds-mtx) has been removed. For multitenancy using streamlined MTX (@sap/cds-mtxs) is mandatory. -If you are still using MTX Classic refer to the [multitenancy migration guide](../guides/multitenancy/old-mtx-migration). +Support for classic MTX (@sap/cds-mtx) has been removed. Using streamlined MTX (@sap/cds-mtxs) is mandatory for multitenancy. +If you're still using MTX Classic refer to the [multitenancy migration guide](../guides/multitenancy/old-mtx-migration). -In addition the deprecated `MtSubscriptionService` API, which has been superseeded by the `DeploymentService` API, has been removed. +In addition, the deprecated `MtSubscriptionService` API, has been removed. It has now been superseeded by the `DeploymentService` API. As part of this change the compatibility mode for the `MtSubscriptionService` API has been removed. Besides the removal of the Java APIs this includes the following behavioural changes: - During unsubscribe the tenant's content (e.g. HDI container) is now deleted by default when using the new `DeploymentService` API. @@ -76,11 +76,11 @@ As part of this change the compatibility mode for the `MtSubscriptionService` AP ### Lazy Localization by default EDMX resources served by the OData V4 `/$metadata` endpoints are now localized lazily by default. -This significantly reduces EDMX cache memory consumption in case many languages are used. +This significantly reduces EDMX cache memory consumption when many languages are used. Note, that this requires at least `@sap/cds-mtxs` in version `1.12.0`. The cds build no longer generates localized EDMX files by default anymore, but instead generates templated EDMX files and a `i18n.json` containing text bundles. -In case localized EDMX files are still required to be generated, set `--opts contentLocalizedEdmx=true` when calling `cds build`. +If you need localized EDMX files to be generated, set `--opts contentLocalizedEdmx=true` when calling `cds build`. ### Star-expand and inline-all are no longer permitted @@ -103,7 +103,7 @@ Some parameter defaults of the goal `generate` have been adjusted: | `sharedInterfaces` | `false` | `true` | Interfaces for global arrayed types with inline anonymous type are now generated exactly once. `sharedInterfaces` ensures such types are not generated as inline interfaces again, if used in events, actions or functions. | | `uniqueEventContexts` | `false` | `true` | Determines whether the event context interfaces should be unique for bound actions and functions. | -Both changes are causing the generation of incompatible POJOs. The new defaults can be overwritten by setting the parameters to the old values to get the former POJOs. +Both these changes result in the generation of incompatible POJOs. To get the former POJOs, the new defaults can be overwritten by setting the parameters to the old values. ### Adjusted Property Defaults @@ -114,14 +114,14 @@ Some property defaults have been adjusted: | `cds.remote.services..http.csrf.enabled` | `true` | `false` | Most APIs don't require CSRF tokens. | | `cds.sql.hana.optimizationMode` | `legacy` | `hex` | SQL for SAP HANA is optimized for the HEX engine. | | `cds.odataV4.lazyI18n.enabled` | `null` | `true` | Lazy localization is now enabled by default in multitenant scenarios. | -| `cds.auditLog.personalData.throwOnMissingDataSubject` | `false` | `true` | Incomplete personal data annotations should result in an error by default. | +| `cds.auditLog.personalData.throwOnMissingDataSubject` | `false` | `true` | Raise errors for incomplete personal data annotations by default. | | `cds.messaging.services..structured` | `false` | `true` | [Enhanced message representation](./messaging.md#enhanced-messages-representation) is now enabled by default. | ### Adjusted Property Behavior | Property | New Behavior | | --- | --- | -| `cds.outbox.persistent.enabled` | Disables all persistent outboxes independent of their specific configuration, if set to `false`. | +| `cds.outbox.persistent.enabled` | When set to `false`, all persistent outboxes are disabled regardless of their specific configuration. | ### Deprecated Session Context Variables @@ -196,7 +196,7 @@ The following table gives an overview about the removed properties: ### Removed goals in `cds-maven-plugin` -The goal `addSample` is removed from the `cds-maven-plugin` and replaced with the goal `add` and property `-Dfeature=TINY_SAMPLE`. +The goal `addSample` from the `cds-maven-plugin` has been removed. Use the new goal `add` with the property `-Dfeature=TINY_SAMPLE` instead. ### Proof-Of-Possession enforced for IAS-based authentication @@ -208,7 +208,7 @@ Because of this, applications calling a CAP Java application will need to send a ## Cloud SDK 4 to 5 { #cloudsdk5 } -CAP Java `2.6.0` and higher is compatible with Cloud SDK in version 4 and 5. For reasons of backward compatibility, CAP Java assumes Cloud SDK 4 as the default. However, we highly recommend to use at least version `5.7.0` of Cloud SDK. To upgrade your CAP Java application to Cloud SDK 5, in most cases, you don't need to adapt any code if you rely on the Cloud SDK integration package (`cds-integration-cloud-sdk`). In these cases, it's sufficient to add the following maven dependency to your CAP Java application: +CAP Java `2.6.0` and higher is compatible with Cloud SDK in version 4 and 5. For reasons of backward compatibility, CAP Java assumes Cloud SDK 4 as the default. However, we highly recommend that you use at least version `5.7.0` of Cloud SDK. If you relied on the Cloud SDK integration package (`cds-integration-cloud-sdk`), you won't need to adapt any code to upgrade your CAP Java application to Cloud SDK 5. In these cases, it's sufficient to add the following maven dependency to your CAP Java application: ```xml