Skip to main content
Version: 8.2607.x.x LTS

Appendix K - Groovy 5 upgrade

Action required

Groovy was upgraded from 4.x to 5.x in nevisAuth LTS-26 (NEVISAUTH-5382). Review all ScriptState Groovy scripts for Groovy 5 compatibility before upgrading.

nevisAuth LTS-26 upgrades the Groovy runtime from version 4 to version 5. All customers with custom ScriptState Groovy scripts must review their scripts for compatibility before upgrading.

What changed

Groovy 5 is a major release that introduces breaking changes relative to Groovy 4, particularly in the areas of:

  • Method resolution and overload selection
  • Closure and lambda interoperability with Java
  • Type coercion behavior
  • Removed or renamed standard library methods

For the complete list of changes in Groovy 5, see the official Groovy 5 release notes.

Impact on ScriptState scripts

Any Groovy script running inside a ScriptState in nevisAuth may be affected. See Writing scripts in Groovy for general ScriptState scripting guidance. The most common failure modes observed when migrating from Groovy 4 to Groovy 5 are:

Method resolution changes

Groovy 5 changed how it selects between overloaded methods when the argument type is ambiguous. Scripts that relied on implicit type coercion to select a particular overload may now call a different method or fail with an ambiguous method error.

Action: Review calls to Java methods that have multiple overloads with similar parameter types. Use explicit casts where necessary.

GString handling

Certain uses of GString (Groovy string interpolation) in contexts that previously accepted a java.lang.String may now require explicit conversion using .toString().

Action: If your script passes a GString to a nevisAuth API method that expects a String, add an explicit .toString() call.

Removed deprecated methods

Several deprecated Groovy standard library methods were removed in Groovy 5.

Action: Review your scripts for any use of deprecated Groovy methods. The Groovy 4 compiler will have emitted deprecation warnings for these. Check your build logs.

How to verify your scripts

Before upgrading nevisAuth to LTS-26, verify your Groovy scripts as follows:

  1. Obtain a local nevisAuth LTS-26 installation or Docker image.
  2. Copy your existing Groovy scripts to the test environment.
  3. Execute the relevant authentication flows end-to-end.
  4. Review the nevisAuth logs for any Groovy compilation errors or runtime exceptions.

Because Groovy scripts in nevisAuth are compiled at startup (unless recompileOnChange=true is set), compilation errors will appear in the logs when the nevisAuth instance starts or when the script is first loaded.

Alternatively, use the nevisAuth SDK to write unit tests for your ScriptState scripts. The SDK archive (available in the nevisAuth RPM at /opt/nevisauth/resources/nevisauth-sdk-<version>.tar.gz) includes a Maven archetype for bootstrapping an auth plugin project and the nevisauth-test-authstateharness-fat test harness. See Testing AuthStates and the ScriptState testing guide for details.

Groovy auto-reload behavior

As of nevisAuth 8.2511.0.5 (NEVISAUTH-5213), Groovy scripts are no longer automatically recompiled when the script file changes on disk. This is the default behavior in LTS-26 as well.

If you relied on automatic recompilation during development or in production, set recompileOnChange=true in the relevant ScriptState configuration to restore the previous behavior.

Auto-imports

nevisAuth automatically imports the following classes into every ScriptState Groovy script: HttpClient, Http, and HttpClients, as well as the most common classes from the java.time API. If this causes a naming conflict, set addAutoImports=false in the ScriptState configuration.