Migrate UserFront from Java 8 / Spring Boot 1.5.4 to Java 17 / Spring Boot 3.4.5

[devin-ai-integration]

Summary

Big-bang migration of the UserFront Spring Boot application from Java 8 / Spring Boot 1.5.4 to Java 17 / Spring Boot 3.4.5.

Changes

Build & Dependencies (pom.xml)

• Spring Boot parent: 1.5.4.RELEASE → 3.4.5
• Java version: 1.8 → 17
• MySQL connector: mysql:mysql-connector-java → com.mysql:mysql-connector-j
• Removed redundant spring-boot-starter-jdbc (transitively included by spring-boot-starter-data-jpa)

Configuration (application.properties)

• Removed deprecated hibernate.dialect = org.hibernate.dialect.MySQL5Dialect (Hibernate 6 auto-detects)
• Replaced deprecated datasource pool properties with HikariCP equivalents

Maven Wrapper

• Updated from Maven 3.5.0 → 3.9.9

Spring Security 6 (SecurityConfig.java)

• Removed WebSecurityConfigurerAdapter (deleted in Spring Security 6)
• @EnableGlobalMethodSecurity → @EnableMethodSecurity
• Rewrote to use @Bean SecurityFilterChain with lambda DSL
• antMatchers → requestMatchers, authorizeRequests → authorizeHttpRequests
• Removed manual AuthenticationManagerBuilder config (Spring Boot 3.x auto-discovers UserDetailsService + PasswordEncoder beans)

Jakarta EE namespace migration

• All javax.servlet → jakarta.servlet in RequestFilter.java
• All javax.persistence → jakarta.persistence in 9 domain entity files

Hibernate 6 compatibility

• GenerationType.AUTO → GenerationType.IDENTITY in all 8 entities (prevents table-based sequence emulation on MySQL)

Spring Data 3.x

• findOne(id) → findById(id).orElse(null) in AppointmentServiceImpl.java

Compilation verified: ./mvnw clean compile passes.

Review & Testing Checklist for Human

• Verify ./mvnw clean compile passes on your environment with Java 17+
• Deploy to a MySQL-backed environment and confirm the app starts without Hibernate schema errors
• Test login/logout flow (SecurityConfig rewrite changes auth configuration)
• Test appointment CRUD (uses the updated findById call)
• Verify CORS filter still works for Angular frontend requests

Notes

• Tests require a running MySQL instance so ./mvnw test was not run in CI (no DB available). Manual verification of compilation was done successfully.
• The RequestFilter CORS filter and all controllers/services compiled cleanly with no other javax → jakarta issues found.

Link to Devin session: https://app.devin.ai/sessions/db958b69c57a4220b7dcac0a91258669
Requested by: @stephencornwell

---

Devin Review

Status	Commit
⚪ Not started	—

💡 Connect your GitHub account to enable automatic code reviews.

---

[devin-ai-integration]

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

• Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
• Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

• Disable automatic comment and CI monitoring

[devin-ai-integration]

✅ Devin Review: No Issues Found

Devin Review analyzed this PR and found no potential bugs to report.

View in Devin Review to see 4 additional findings.