Open in app

Sign in

Write

Sign in

Boost Dev Efficiency & Security with Web3j’s Gradle 8.7 Upgrade

Nischal Sharma
Web3 Labs
Published in
3 min readJun 7, 2024

We are excited to announce that all Web3j repositories have been upgraded to the latest Gradle version 8.7. In addition, we have updated the dependency libraries to their latest versions to address vulnerabilities and deprecated code. This includes essential libraries such as BouncyCastle, jackson core, javaPoet, kotlinPoet, OkHttp, RxJava, slf4j, javaWebSocket, picocli, kzg4844, Logback, etc.

Web3j Key Updates

Gradle Upgrade to 8.7

Upgraded Gradle from version 7.6 to 8.7 in web3j. This will bring several benefits, including new features, performance improvements, and better compatibility with newer versions of dependencies and tools. Here are some key benefits you might expect:

1. Performance Improvements

  • Build Speed: Gradle 8.x introduces various performance enhancements that can speed up build times, including improvements in incremental builds, caching, and parallel execution.
  • Configuration Time: Enhanced performance during the configuration phase can reduce the overall build time, especially for large projects.

2. New Features and Enhancements

  • Dependency Management: Improved dependency management capabilities, including better support for version catalogs and dependency constraints.
  • Enhanced Tooling: Gradle 8.x brings enhancements to the Gradle tooling API, which can improve the integration with IDEs and other tools.

3. Improved Compatibility and Support

  • Java Compatibility: Better support for newer Java versions, ensuring compatibility with the latest language features and JVM improvements.
  • Library and Plugin Updates: Access to newer versions of Gradle plugins and libraries that may require Gradle 8.x for full compatibility.

4. Security and Bug Fixes

  • Security Patches: Upgrading to a newer version ensures you have the latest security patches, reducing vulnerabilities in your build process.
  • Bug Fixes: Gradle 8.x includes numerous bug fixes that address issues present in the 7.x versions.

Updated Dependency Libraries

As part of this upgrade, we have also updated several key dependency libraries:

  1. BouncyCastle: The latest version v1.78.1 fixes various security vulnerabilities — CVE-2024–34447, CVE-2024–30172, CVE-2024–30171, CVE-2024–29857, CVE-2023–33201 which were present in old v1.73 and deprecations. BouncyCastle is critical for cryptographic operations, and keeping it up-to-date ensures that our applications remain secure.
  2. Jackson Core: Upgrading Jackson Core ensures better JSON processing with improved performance and security.
  3. JavaPoet and KotlinPoet: These libraries, essential for generating Java and Kotlin source files, have been updated to enhance code generation capabilities and maintain compatibility with the latest language features.
  4. KZG4844: Thanks to the ConsenSys team, the KZG4844 library is now available on Maven Central, allowing us to remove the dependency on the ConsenSys repository or force users to add it to their projects while they were using Web3J.
  5. OkHttp: The updated OkHttp library provides better HTTP client functionalities with improved performance and security.
  6. RxJava, SLF4J, Java-WebSocket, PicoCLI, Logback, etc
  7. Other Dependencies: In addition to the above-stated libraries, we have updated various other dependencies to their latest versions to ensure compatibility and stability.

Removal of Dependency on ConsenSys Repo for KZG Library

We are also pleased to announce that we have removed the dependency on the ConsenSys repository for the KZG library. Thanks to the ConsenSys team for uploading their library, jc-kzg-4844, to Maven Central. This change simplifies our build process, enhances reliability, and helps users to stick to public repositories.

Kotlin Update

Updated Kotlin from 1.8.10 to 1.9.4 in Web3j projects, this will lead to improved performance and more efficient code through enhanced language features and compiler optimizations. It also ensures better integration with modern development tools and libraries, providing a smoother and more productive development experience.

Updated Junit 4 to Junit 5

We have updated all the remaining Junit 4 tests to Junit 5 which has resulted in more efficient, readable, and maintainable test code.

Latest Web3j Version: v4.12.0

With these updates, we are excited to announce that the latest main version of Web3j is now v4.12.0. This version includes all the updates and improvements mentioned above, providing a more secure, efficient, and stable foundation for your blockchain applications.

We encourage all developers to upgrade to the latest versions to take advantage of these improvements. As always, we appreciate your support and contributions to the Web3j ecosystem. If you have any questions or need assistance with the upgrade, please reach out to our Discord Channel — (Note: You will first need to join Hyperledger Server to access our Channel) or the Hyperledger Web3j GitHub repository.

Web3 Labs

Web3 Labs works with organisations to define and execute their Web3 strategy. We help blockchain companies and…

www.web3labs.com

Web3j
Gradle
Hyperledger
Blockchain Development
Kotlin

--

--

Nischal Sharma
Web3 Labs

Written by Nischal Sharma

9 Followers
Writer for

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams