In Confluence 9.0, we will remove the ability for plugins to load many third-party libraries (aka “Gray APIs”) from the Confluence application. This means that plugins will need to start bundling their own copies of those libraries if they wish to continue using them.
There are a few exceptions to this. For example, Apache Struts 2 library will continue to be loadable by plugins and other third-party libraries that need to be shared between plugins and the application in order to function will also be loadable by plugins.
Additionally, starting from Confluence 8.7, most of these third-party libraries, as well as a few Atlassian-specific libraries, will no longer be exposed as a transitive Maven dependencies of the main confluence artefact. To compensate for this, plugins will need to explicitly declare those dependencies.
Note that prior to Confluence 9.0, there will be no runtime changes affecting the availability of these libraries, and binary compatibility will be maintained. The changes in 8.7 through 8.9 are build-time changes only, and will pave the way for the runtime removals in 9.0.
Confluence versions prior to 8.7 had a long list of transitive Maven dependencies exposed via the confluence Maven artefact. Most of these were present as part of the internal workings of Confluence, but plugins could make use of these without having to declare an explicit dependency on them.
From Confluence 8.7 onwards, most of these transitive dependencies have been removed, which means that plugins will need to declare explicit dependencies to compensate. It should only be necessary for plugins to declare explicit dependencies for those they are actually use.
Note that the versions of these dependencies are still managed via the confluence-plugins-platform-pom, so it’s not necessary to specify the version when adding explicit dependencies. These dependencies can be provided-scope, so that they’ll be loaded from the Confluence application at runtime, as before.
For example, if a plugin wishes to continue to use Apache Commons IO as before, then adding the following dependency will suffice:
1 2<dependency> <groupId>commons-io</groupId> <artifactId>commons-io</artifactId> <scope>provided</scope> </dependency
The following list is the transitive dependencies available in Confluence 8.5, which are no longer available transitively starting with 8.7
1 2antlr:antlr:jar:2.7.7 biz.aQute.bnd:biz.aQute.bndlib:jar:3.5.0 cglib:cglib:jar:3.2.12 com.atlassian:atlassian-localhost:jar:1.2.0 com.fasterxml:classmate:jar:1.5.1 com.fasterxml.jackson.core:jackson-annotations:jar:2.15.3 com.fasterxml.jackson.core:jackson-core:jar:2.15.3 com.fasterxml.jackson.core:jackson-databind:jar:2.15.3 com.fasterxml.jackson.datatype:jackson-datatype-joda:jar:2.15.3 com.github.ben-manes.caffeine:caffeine:jar:2.9.3 com.github.gquintana.metrics:metrics-sql:jar:3.1.0-atlassian-4 com.github.oshi:oshi-core:jar:6.1.6 com.google.code.findbugs:findbugs-annotations:jar:3.0.1 com.google.code.gson:gson:jar:2.10.1 com.google.errorprone:error_prone_annotations:jar:2.17.0 com.google.guava:failureaccess:jar:1.0.1 com.google.guava:guava:jar:32.1.1-jre com.google.guava:listenablefuture:jar:9999.0-empty-to-avoid-conflict-with-guava com.google.j2objc:j2objc-annotations:jar:2.8 com.hazelcast:hazelcast-aws:jar:2.5-atlassian-1 com.ibm.icu:icu4j:jar:64.1 com.jhlabs:filters:jar:2.0.235 com.mchange:c3p0:jar:0.9.5.5 com.mchange:mchange-commons-java:jar:0.2.19 com.microsoft.azure:msal4j:jar:1.13.10 com.microsoft.sqlserver:mssql-jdbc:jar:7.4.1.jre8 commons-beanutils:commons-beanutils:jar:1.9.4 commons-codec:commons-codec:jar:1.15 commons-collections:commons-collections:jar:3.2.2 commons-digester:commons-digester:jar:2.1 commons-fileupload:commons-fileupload:jar:1.5 commons-httpclient:commons-httpclient:jar:3.1-atlassian-2 commons-io:commons-io:jar:2.11.0 commons-jrcs:commons-jrcs:jar:diff-0.1.7 commons-lang:commons-lang:jar:2.6 commons-validator:commons-validator:jar:1.5.1 com.nimbusds:content-type:jar:2.2 com.nimbusds:lang-tag:jar:1.6 com.nimbusds:nimbus-jose-jwt:jar:9.31 com.nimbusds:oauth2-oidc-sdk:jar:9.35 com.rometools:rome:jar:1.18.0 com.rometools:rome-utils:jar:1.18.0 com.sun.istack:istack-commons-runtime:jar:3.0.7 com.sun:jai_codec:jar:1.1.3 com.sun:jai_core:jar:1.1.3 com.sun.jersey:jersey-client:jar:1.19.5-atlassian-9 com.sun.jersey:jersey-core:jar:1.19.5-atlassian-9 com.sun.jersey:jersey-json:jar:1.19.5-atlassian-9 com.sun.xml.fastinfoset:FastInfoset:jar:1.2.15 com.sun.xml.messaging.saaj:saaj-impl:jar:1.5.3 com.sun.xml.stream.buffer:streambuffer:jar:1.5.10 com.sun.xml.ws:jaxws-rt:jar:2.3.5 com.sun.xml.ws:policy:jar:2.7.10 com.thoughtworks.xstream:xstream:jar:1.4.20 com.twelvemonkeys.common:common-image:jar:3.8.3 com.twelvemonkeys.common:common-io:jar:3.8.3 com.twelvemonkeys.common:common-lang:jar:3.8.3 com.twelvemonkeys.imageio:imageio-bmp:jar:3.8.3 com.twelvemonkeys.imageio:imageio-core:jar:3.8.3 com.twelvemonkeys.imageio:imageio-icns:jar:3.8.3 com.twelvemonkeys.imageio:imageio-jpeg:jar:3.8.3 com.twelvemonkeys.imageio:imageio-metadata:jar:3.8.3 com.twelvemonkeys.imageio:imageio-tiff:jar:3.8.3 com.zaxxer:HikariCP:jar:4.0.3 io.atlassian.fugue:fugue-deprecated:jar:5.0.0 io.atlassian.fugue:fugue-guava:jar:5.0.0 io.atlassian.fugue:fugue:jar:5.0.0 io.atlassian.fugue:fugue-optics:jar:5.0.0 io.atlassian.fugue:fugue-retry:jar:5.0.0 io.dropwizard.metrics:metrics-core:jar:4.0.7 io.dropwizard.metrics:metrics-jmx:jar:4.0.7 io.github.classgraph:classgraph:jar:4.8.164 io.github.x-stream:mxparser:jar:1.2.2 io.leopard.thirdparty:jcaptcha-api:jar:2.0.0 io.leopard.thirdparty:jcaptcha-core:jar:2.0.0 io.micrometer:micrometer-core:jar:1.7.12 io.micrometer:micrometer-registry-influx:jar:1.7.12 io.micrometer:micrometer-registry-jmx:jar:1.7.12 io.netty:netty-buffer:jar:4.1.100.Final io.netty:netty-codec-http2:jar:4.1.100.Final io.netty:netty-codec-http:jar:4.1.100.Final io.netty:netty-codec:jar:4.1.100.Final io.netty:netty-common:jar:4.1.100.Final io.netty:netty-handler:jar:4.1.100.Final io.netty:netty-resolver:jar:4.1.100.Final io.netty:netty-transport-classes-epoll:jar:4.1.100.Final io.netty:netty-transport:jar:4.1.100.Final io.netty:netty-transport-native-unix-common:jar:4.1.100.Final io.zipkin.brave:brave-instrumentation-httpclient:jar:5.13.11 io.zipkin.brave:brave-instrumentation-http:jar:5.13.11 io.zipkin.brave:brave-instrumentation-servlet:jar:5.13.11 io.zipkin.brave:brave:jar:5.13.11 io.zipkin.brave:brave-spring-beans:jar:5.13.11 io.zipkin.reporter2:zipkin-reporter-brave:jar:2.16.3 io.zipkin.reporter2:zipkin-reporter:jar:2.16.3 io.zipkin.reporter2:zipkin-reporter-spring-beans:jar:2.16.3 io.zipkin.zipkin2:zipkin:jar:2.23.2 jakarta.jws:jakarta.jws-api:jar:2.1.0 jakarta.validation:jakarta.validation-api:jar:2.0.2 jakarta.xml.soap:jakarta.xml.soap-api:jar:1.4.2 jakarta.xml.ws:jakarta.xml.ws-api:jar:2.3.3 javax.transaction:javax.transaction-api:jar:1.2 javax.ws.rs:jsr311-api:jar:1.1.1 jaxen:jaxen:jar:1.1.6 joda-time:joda-time:jar:2.12.5 net.bytebuddy:byte-buddy:jar:1.14.3 net.java.dev.jna:jna:jar:5.11.0 net.java.dev.jna:jna-platform:jar:5.11.0 net.jcip:jcip-annotations:jar:1.0 net.minidev:accessors-smart:jar:2.5.0 net.minidev:json-smart:jar:2.5.0 net.sf.cssbox:jstyleparser:jar:1.16-atlassian-1 net.sf.supercsv:super-csv:jar:2.1.0 net.sourceforge.jtds:jtds:jar:1.3.1 net.sourceforge.nekohtml:nekohtml:jar:1.9.22-atlassian-3 net.sourceforge.nekohtml:xerces-bridge-2-0:jar:1.9.22-atlassian-3 net.sourceforge.nekohtml:xerces-bridge-2-2:jar:1.9.22-atlassian-3 net.sourceforge.nekohtml:xerces-bridge-2-3:jar:1.9.22-atlassian-3 net.sourceforge.nekohtml:xerces-bridge:jar:1.9.22-atlassian-3 opensymphony:oscore:jar:2.3.0-atlassian-1 opensymphony:sitemesh:jar:2.5-atlassian-11 org.antlr:antlr-runtime:jar:3.5.2 org.apache.ant:ant:jar:1.10.14 org.apache.ant:ant-launcher:jar:1.10.14 org.apache.commons:commons-collections4:jar:4.4 org.apache.commons:commons-compress:jar:1.21 org.apache.commons:commons-lang3:jar:3.12.0 org.apache.commons:commons-pool2:jar:2.6.2 org.apache.commons:commons-text:jar:1.10.0 org.apache.felix:org.apache.felix.framework:jar:7.0.5 org.apache.httpcomponents.client5:httpclient5:jar:5.2.1 org.apache.httpcomponents.core5:httpcore5-h2:jar:5.2 org.apache.httpcomponents.core5:httpcore5:jar:5.2.3 org.apache.httpcomponents:httpclient-cache:jar:4.5.14 org.apache.httpcomponents:httpclient:jar:4.5.14 org.apache.httpcomponents:httpcore:jar:4.4.16 org.apache.httpcomponents:httpmime:jar:4.5.14 org.apache.logging.log4j:log4j-1.2-api:jar:2.19.0 org.apache.logging.log4j:log4j-core:jar:2.19.0 org.apache.lucene:lucene-analyzers-common:jar:4.4.0-atlassian-11 org.apache.lucene:lucene-analyzers-kuromoji:jar:4.4.0-atlassian-11 org.apache.lucene:lucene-analyzers-stempel:jar:4.4.0-atlassian-11 org.apache.lucene:lucene-core:jar:4.4.0-atlassian-11 org.apache.lucene:lucene-highlighter:jar:4.4.0-atlassian-11 org.apache.lucene:lucene-memory:jar:4.4.0-atlassian-11 org.apache.lucene:lucene-misc:jar:4.4.0-atlassian-11 org.apache.lucene:lucene-queries:jar:4.4.0-atlassian-11 org.apache.lucene:lucene-queryparser:jar:4.4.0-atlassian-11 org.apache.lucene:lucene-sandbox:jar:4.4.0-atlassian-11 org.apache.pdfbox:fontbox:jar:2.0.29 org.apache.pdfbox:pdfbox:jar:2.0.29 org.apache.pdfbox:xmpbox:jar:2.0.29 org.apache.tika:tika-core:jar:2.7.0 org.apache.xmlgraphics:batik-anim:jar:1.17 org.apache.xmlgraphics:batik-awt-util:jar:1.17 org.apache.xmlgraphics:batik-bridge:jar:1.17 org.apache.xmlgraphics:batik-codec:jar:1.17 org.apache.xmlgraphics:batik-constants:jar:1.17 org.apache.xmlgraphics:batik-css:jar:1.17 org.apache.xmlgraphics:batik-dom:jar:1.17 org.apache.xmlgraphics:batik-ext:jar:1.17 org.apache.xmlgraphics:batik-gvt:jar:1.17 org.apache.xmlgraphics:batik-i18n:jar:1.17 org.apache.xmlgraphics:batik-parser:jar:1.17 org.apache.xmlgraphics:batik-script:jar:1.17 org.apache.xmlgraphics:batik-shared-resources:jar:1.17 org.apache.xmlgraphics:batik-svg-dom:jar:1.17 org.apache.xmlgraphics:batik-svggen:jar:1.17 org.apache.xmlgraphics:batik-transcoder:jar:1.17 org.apache.xmlgraphics:batik-util:jar:1.17 org.apache.xmlgraphics:batik-xml:jar:1.17 org.apache.xmlgraphics:xmlgraphics-commons:jar:2.9 org.aspectj:aspectjweaver:jar:1.9.6 org.bouncycastle:bcmail-lts8on:jar:2.73.3 org.bouncycastle:bcpkix-lts8on:jar:2.73.3 org.bouncycastle:bcprov-lts8on:jar:2.73.3 org.bouncycastle:bcutil-lts8on:jar:2.73.3 org.codehaus.jackson:jackson-core-asl:jar:1.9.14-atlassian-6 org.codehaus.jackson:jackson-jaxrs:jar:1.9.14-atlassian-6 org.codehaus.jackson:jackson-mapper-asl:jar:1.9.14-atlassian-6 org.codehaus.jackson:jackson-xc:jar:1.9.14-atlassian-6 org.codehaus.jettison:jettison:jar:1.5.4 org.codehaus.mojo:animal-sniffer-annotations:jar:1.9 org.dom4j:dom4j:jar:2.1.4 org.eclipse.core:runtime:jar:20070801 org.freemarker:freemarker:jar:2.3.32 org.glassfish.external:management-api:jar:3.2.3 org.glassfish.gmbal:gmbal-api-only:jar:4.0.3 org.glassfish.ha:ha-api:jar:3.1.13 org.glassfish:jakarta.json:jar:1.1.6 org.glassfish.jaxb:jaxb-runtime:jar:2.3.1 org.glassfish.jaxb:txw2:jar:2.3.1 org.hdrhistogram:HdrHistogram:jar:2.1.12 org.hibernate.common:hibernate-commons-annotations:jar:5.1.2.Final org.hibernate:hibernate-c3p0:jar:5.6.10.Final org.hibernate:hibernate-core:jar:5.6.10.Final org.hibernate:hibernate-hikaricp:jar:5.6.10.Final org.hibernate:jtidy:jar:r8-20060801 org.hibernate.validator:hibernate-validator:jar:6.0.23.Final org.jboss:jandex:jar:2.4.2.Final org.jboss.logging:jboss-logging:jar:3.4.3.Final org.jdom:jdom2:jar:2.0.6.1 org.jdom:jdom:jar:1.1.3-atlassian-5 org.json:json:jar:20230618 org.jsoup:jsoup:jar:1.15.4 org.jvnet.staxex:stax-ex:jar:1.8 org.latencyutils:LatencyUtils:jar:2.0.3 org.outerj.daisy:daisydiff:jar:1.2.3-atlassian-hosted org.ow2.asm:asm:jar:9.5 org.postgresql:postgresql:jar:42.5.3 org.reactivestreams:reactive-streams:jar:1.0.3 org.slf4j:jcl-over-slf4j:jar:1.7.36 org.slf4j:jul-to-slf4j:jar:1.7.36 org.springframework.ldap:spring-ldap-core:jar:2.4.1 org.springframework.security:spring-security-core:jar:5.8.8 org.springframework.security:spring-security-crypto:jar:5.8.8 org.springframework:spring-context-support:jar:5.3.30 org.springframework:spring-jdbc:jar:5.3.30 org.springframework:spring-orm:jar:5.3.30 org.springframework:spring-web:jar:5.3.30 org.springframework:spring-webmvc:jar:5.3.30 org.tuckey:urlrewritefilter:jar:4.0.4 org.twdata.pkgscanner:package-scanner:jar:0.9.5 org.xerial.snappy:snappy-java:jar:1.1.10.5 org.yaml:snakeyaml:jar:2.0 oscache:oscache:jar:2.2 rome:rome:jar:1.0 software.amazon.awssdk:annotations:jar:2.20.38 software.amazon.awssdk:apache-client:jar:2.20.38 software.amazon.awssdk:arns:jar:2.20.38 software.amazon.awssdk:auth:jar:2.20.38 software.amazon.awssdk:aws-core:jar:2.20.38 software.amazon.awssdk:aws-query-protocol:jar:2.20.38 software.amazon.awssdk:aws-xml-protocol:jar:2.20.38 software.amazon.awssdk:crt-core:jar:2.20.38 software.amazon.awssdk:endpoints-spi:jar:2.20.38 software.amazon.awssdk:http-client-spi:jar:2.20.38 software.amazon.awssdk:json-utils:jar:2.20.38 software.amazon.awssdk:metrics-spi:jar:2.20.38 software.amazon.awssdk:netty-nio-client:jar:2.20.38 software.amazon.awssdk:profiles:jar:2.20.38 software.amazon.awssdk:protocol-core:jar:2.20.38 software.amazon.awssdk:regions:jar:2.20.38 software.amazon.awssdk:s3:jar:2.20.38 software.amazon.awssdk:sdk-core:jar:2.20.38 software.amazon.awssdk:sts:jar:2.20.38 software.amazon.awssdk:third-party-jackson-core:jar:2.20.38 software.amazon.awssdk:utils:jar:2.20.38 software.amazon.eventstream:eventstream:jar:1.0.1 xmlpull:xmlpull:jar:1.1.3.1 xmlrpc:xmlrpc:jar:2.0+xmlrpc61.1+sbfix
In addition to the build-time changes introduced in 8.7, starting from 9.0 these third-party libraries will not be able to be loaded by plugins from the Confluence application at all. This means that the provided-scope in the above example will no longer suffice.
Instead, plugins will need to start bundling their own copy of the required dependencies if they wish to continue to use them. This is done using compile or runtime-scope. In addition, plugins should start version-managing these dependencies themselves, rather than relying on the confluence-plugin-platform-pom.
All of the changes above are backwards compatible with previous versions. You can declare explicit dependencies on third-party libraries, as well as bundle them into the plugin by changing the dependency scope, in any Confluence version. In the interests of continuity, we advise making these changes early, and testing them against milestones of Confluence 9.0 when they become available.
In production mode, Confluence 8.8 and 8.9 will behave as before, but the system will log warnings whenever a deprecated Java package is used. From Confluence 9.0 onwards, accessing these packages will result in a failure.
In development mode, a failure will occur from Confluence 8.8 onwards unless the system property confluence.osgi.treatDeprecatedPackagesAsPublic is set to true.
Understand the changes: Familiarize yourself with the changes coming in Confluence 8.7 to 9.0. From 8.7 to 8.9, build-time changes will mean that plugins will need to explicitly declare dependencies. In 9.0, most third-party libraries will not be loadable from the Confluence application, requiring plugins to bundle these libraries themselves.
Declare explicit dependencies: Starting from Confluence 8.7, declare explicit dependencies for the third-party libraries and Atlassian-specific libraries you are using in your plugins. You do not need to specify the version when adding explicit dependencies as these are still managed via the confluence-plugins-platform-pom.
Prepare for runtime changes in 9.0: The changes in 8.7 pave the way for the runtime removals in 9.0. Prepare for this by planning to bundle your own copy of the required dependencies and start version-managing these dependencies, rather than relying on the confluence-plugin-platform-pom.
Review the list of libraries: Go through the list of libraries mentioned, and identify which are relevant to your plugins. Start planning how to manage these in your plugins for versions 8.7 to 9.0.
Provide feedback: Your input is invaluable to us. Please don't hesitate to raise any questions or concerns in our Developer Community. We are here to support you through these changes.
Rate this page: