refactor(framework): replace fastjson with jackson#120
refactor(framework): replace fastjson with jackson#120halibobo1205 wants to merge 1 commit intodevelopfrom
Conversation
|
CodeAnt AI is reviewing your PR. Thanks for using CodeAnt! 🎉We're free for open-source projects. if you're enjoying it, help us grow by sharing. Share on X · |
|
You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard. |
codeant-ai
Bot
added
the
size:XXL
![codeant-ai[bot]](https://avatars.githubusercontent.com/in/646884?s=60&v=4){kind=small}
|
CodeAnt AI finished reviewing your PR. |
…erministic fuzz - Use exact token_id/sell_token_id/buy_token_id byte assertions instead of non-empty checks in Exchange and Market servlet tests - Add account_id byte assertion in SetAccountIdServletTest - Switch fuzz test from non-deterministic SecureRandom to seeded Random for reproducible CI failures Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
@CodeAnt-AI: review |
|
CodeAnt AI is running the review. Thanks for using CodeAnt! 🎉We're free for open-source projects. if you're enjoying it, help us grow by sharing. Share on X · |
codeant-ai
Bot
added
size:XXL
Sequence DiagramThis PR replaces Fastjson with Jackson-backed JSON, JSONObject, and JSONArray wrappers and wires all HTTP servlets to use them, so request bodies are parsed and responses serialized via a shared, safely-configured ObjectMapper while preserving existing API contracts. sequenceDiagram
participant Client
participant HttpServlet
participant JSONWrapper
participant Wallet
participant Util
Client->>HttpServlet: POST transaction request (JSON body)
HttpServlet->>JSONWrapper: parseObject(requestBody) to JSONObject
HttpServlet->>Wallet: createTransactionCapsule(built from JSONObject fields)
Wallet-->>HttpServlet: Transaction object
HttpServlet->>Util: Serialize Transaction to JSON via JSON/JSONObject/JSONArray
Util-->>Client: 200 OK with transaction JSON response
Generated by CodeAnt AI |
|
CodeAnt AI finished running the review. Thanks for using CodeAnt! 🎉We're free for open-source projects. if you're enjoying it, help us grow by sharing. Share on X · |
|
@codex: review |
|
You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard. |
halibobo1205
force-pushed
the
feat/jackjson2
branch
from
ef68a5d to
4ef0864
Compare
|
CodeAnt AI is running Incremental review Thanks for using CodeAnt! 🎉We're free for open-source projects. if you're enjoying it, help us grow by sharing. Share on X · |
codeant-ai
Bot
added
size:XXL
|
CodeAnt AI Incremental review completed. |
|
@codex: review |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 4ef086465c
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
CodeAnt AI is running Incremental review Thanks for using CodeAnt! 🎉We're free for open-source projects. if you're enjoying it, help us grow by sharing. Share on X · |
codeant-ai
Bot
removed
the
size:XXL
codeant-ai
Bot
added
the
size:XXL
|
CodeAnt AI Incremental review completed. |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 5227cca3d5
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
… intent Two compatibility fixes from PR #120 review: 1. JSON.parse("null") now returns Java null instead of Jackson NullNode, matching Fastjson's observable behavior. This restores Util.isValidJson("null") to false (its prior behavior) and prevents subtle NPE/branch issues for downstream callers that compare the result against null. 2. JSONObject.put(key, null) intentionally removes the key. Verified that switching to node.putNull(key) would have the unintended side effect of emitting "key":null in serialized output (Jackson Include.NON_NULL does NOT filter NullNode children of ObjectNode), which would break the Fastjson WriteMapNullValue=OFF default that production HTTP responses rely on. Documented this in the JSONObject class javadoc to make the design choice explicit for future readers. Fuzz tests updated to assert Java-null result for JSON.parse("null"). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
CodeAnt AI is running Incremental review Thanks for using CodeAnt! 🎉We're free for open-source projects. if you're enjoying it, help us grow by sharing. Share on X · |
codeant-ai
Bot
added
size:XXL
|
CodeAnt AI Incremental review completed. |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 94a3955ec9
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
halibobo1205
force-pushed
the
feat/jackjson2
branch
from
94a3955 to
f2f0195
Compare
|
@codex: review |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: f2f01952ba
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
halibobo1205
force-pushed
the
feat/jackjson2
branch
from
f2f0195 to
5e915bd
Compare
|
CodeAnt AI is running Incremental review Thanks for using CodeAnt! 🎉We're free for open-source projects. if you're enjoying it, help us grow by sharing. Share on X · |
codeant-ai
Bot
added
size:XXL
|
CodeAnt AI Incremental review completed. |
halibobo1205
force-pushed
the
feat/jackjson2
branch
from
5e915bd to
6ed5059
Compare
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 6ed5059a86
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
Remove the fastjson and replace it with Jackson-backed drop-in wrappers (JSON, JSONObject, JSONArray,JSONException). Motivation: - Fastjson has a history of critical CVEs and is no longer actively maintained for 1.x - Jackson-databind 2.18.6 addresses CVE GHSA-72hv-8253-57qq Core changes (common module): - Add org.tron.json.{JSON, JSONObject, JSONArray, JSONException} wrappers backed by a shared Jackson ObjectMapper configured to match Fastjson 1.x parsing/serialization. - Upgrade jackson-databind 2.18.3 → 2.18.6 HTTP servlet changes (framework module): - Swap import from com.alibaba.fastjson → org.tron.json across all HTTP API servlets, JSON-RPC layer, and event/log parsers Test changes: - Add BaseHttpTest base class managing Args lifecycle, Wallet mock, MINIMAL_TX constant, and request/response factory methods (postRequest, getRequest, newResponse) Build: - Remove fastjson from common/build.gradle dependencies - Update gradle/verification-metadata.xml for jackson 2.18.6
halibobo1205
force-pushed
the
feat/jackjson2
branch
from
6ed5059 to
a1417f1
Compare
|
@codex: review |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: a1417f1da8
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
Summary
Committed on branch
Testing
|
1 participant
Remove the fastjson and replace it with
Jackson-backed drop-in wrappers (JSON, JSONObject, JSONArray,JSONException).
Motivation:
Core changes (common module):
wrappers backed by a shared Jackson ObjectMapper configured to
match Fastjson 1.x parsing/serialization.
HTTP servlet changes (framework module):
HTTP API servlets, JSON-RPC layer, and event/log parsers
Test changes:
MINIMAL_TX constant, and request/response factory methods
(postRequest, getRequest, newResponse)
Build: