Replace AutoMapper with Mapperly#123
Conversation
Agent-Logs-Url: https://github.com/gothinkster/aspnetcore-realworld-example-app/sessions/1ad5903e-1320-47fb-889d-8728ec9c60ee Co-authored-by: adamhathcock <527620+adamhathcock@users.noreply.github.com>
Agent-Logs-Url: https://github.com/gothinkster/aspnetcore-realworld-example-app/sessions/1ad5903e-1320-47fb-889d-8728ec9c60ee Co-authored-by: adamhathcock <527620+adamhathcock@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Replaces AutoMapper with Mapperly to eliminate the GHSA-rvv3-g6hj-g44x vulnerability risk and remove AutoMapper’s licensing constraints by switching to source-generated mappings.
Changes:
- Swap package dependencies: remove AutoMapper and add
Riok.Mapperly(incl. lockfile updates). - Replace per-feature AutoMapper profiles with a single source-generated
ConduitMapper. - Update affected handlers/services to inject
ConduitMapperand usePersonToUser/PersonToProfile.
Reviewed changes
Copilot reviewed 13 out of 13 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| tests/Conduit.IntegrationTests/packages.lock.json | Updates transitive dependencies to drop AutoMapper and include Mapperly. |
| src/Conduit/packages.lock.json | Updates direct dependency set to remove AutoMapper and add Mapperly. |
| src/Conduit/ServicesExtensions.cs | Replaces AutoMapper service registration with ConduitMapper singleton registration. |
| src/Conduit/Features/Users/MappingProfile.cs | Deletes AutoMapper profile previously used for Person -> User mapping. |
| src/Conduit/Features/Users/Login.cs | Switches from IMapper.Map to ConduitMapper.PersonToUser. |
| src/Conduit/Features/Users/Edit.cs | Switches from IMapper.Map to ConduitMapper.PersonToUser. |
| src/Conduit/Features/Users/Details.cs | Switches from IMapper.Map to ConduitMapper.PersonToUser. |
| src/Conduit/Features/Users/Create.cs | Switches from IMapper.Map to ConduitMapper.PersonToUser. |
| src/Conduit/Features/Profiles/ProfileReader.cs | Switches from IMapper.Map to ConduitMapper.PersonToProfile. |
| src/Conduit/Features/Profiles/MappingProfile.cs | Deletes AutoMapper profile previously used for Person -> Profile mapping. |
| src/Conduit/Features/ConduitMapper.cs | Adds the new Mapperly [Mapper] partial class with explicit ignore configuration. |
| src/Conduit/Conduit.csproj | Replaces AutoMapper package reference with Riok.Mapperly. |
| Directory.Packages.props | Removes AutoMapper central version and adds Riok.Mapperly version. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
@copilot resolve the conflicts |
- Keep Mapperly, drop AutoMapper (including updated 16.1.1 from master) - Pick up global.json SDK 10.0.201 update from master - Pick up GitHub Actions workflow update from master - Pick up SliceFixture.cs AddLogging() fix from master - Remove redundant duplicate null check in ProfileReader.cs Agent-Logs-Url: https://github.com/gothinkster/aspnetcore-realworld-example-app/sessions/00567f7d-07a5-41b8-b841-f2512c22ee3f Co-authored-by: adamhathcock <527620+adamhathcock@users.noreply.github.com>
Conflicts resolved in a4cd454. The merge picks up master's SDK 10.0.201 update, GitHub Actions workflow change, and |
|
@copilot update from master and see if more conflicts need to be resolved |
Checked against the latest master — no new commits since the previous merge. The branch already includes all master changes (SDK 10.0.201, Actions workflow update, |
…omapper-with-mapperly # Conflicts: # Directory.Packages.props # src/Conduit/ServicesExtensions.cs # src/Conduit/packages.lock.json # tests/Conduit.IntegrationTests/packages.lock.json
AutoMapper has a known high-severity vulnerability (GHSA-rvv3-g6hj-g44x) and requires a commercial license. This replaces it with Mapperly — a source-generator-based mapper with no runtime reflection and no licensing restrictions.
Changes
AutoMapperfromDirectory.Packages.propsandConduit.csproj; addedRiok.Mapperlyv4.3.1Features/Users/MappingProfile.csandFeatures/Profiles/MappingProfile.cssrc/Conduit/Features/ConduitMapper.cs— a single Mapperly[Mapper]partial class covering both mappings:ServicesExtensions.cs:services.AddAutoMapper(typeof(Program))→services.AddSingleton<Features.ConduitMapper>()Login,Create,Edit,Details,ProfileReader) to injectConduitMapperdirectly and callmapper.PersonToUser(person)/mapper.PersonToProfile(person)instead ofmapper.Map<,>()