Jackson Dependencies Are Not Scoped Correctly

[JKomoroski]

Checklist

• I have looked into the README and have not found a suitable solution or answer.
• I have looked into the documentation and have not found a suitable solution or answer.
• I have searched the issues and have not found a suitable solution or answer.
• I have upgraded to the latest version of OpenFGA and the issue still persists.
• I have searched the Slack community and have not found a suitable solution or answer.
• I agree to the terms within the OpenFGA Code of Conduct.

Description

In version 0.9.9, openfga-sdk publishes a pom to maven central that declares several dependencies as runtime scope.

e.g.:

    <dependency>
      <groupId>com.fasterxml.jackson.core</groupId>
      <artifactId>jackson-core</artifactId>
      <scope>runtime</scope>
    </dependency>

The problem is that jackson-core is not just a runtime dependency. It is a compile time dependency because it (and several other jackson libraries) are imported and required in the api of this library.

Examples:
ContextualTupleKeys
ApiClient

I believe declaring these dependencies as an implementation is technically defensible since Jackson types aren't in method signatures, but I see compiler warnings when I compile libraries that do not include jackson at compile time.

TupleKey

Generated this warning:

[WARNING] /REDACTED.java: unknown enum constant com.fasterxml.jackson.annotation.JsonInclude.Include.USE_DEFAULTS

I'm not a gradle pro, so I think the simple fix is to correctly declare jackson as api not implementation.

java-sdk/build.gradle

Lines 66 to 70 in 8d9a699

	implementation "com.fasterxml.jackson.core:jackson-core"
	implementation "com.fasterxml.jackson.core:jackson-annotations"
	implementation "com.fasterxml.jackson.core:jackson-databind"
	implementation "com.fasterxml.jackson.datatype:jackson-datatype-jsr310"
	implementation "org.openapitools:jackson-databind-nullable:0.2.10"

A better solution to would be to separate the serialization into a separate module so the project can support both jackson 2 and jackson 3 (or others) but that's a much larger re-write and out of scope for this simple warning.

Expectation

I would expect no compiler warnings when adding this dependency.

Reproduction

1. Given a library with no other dependencies that imports this library, and initializes the client to make check or tuple api requests
2. When that library is compiled
3. Compiler warnings are emmitted

OpenFGA SDK version

0.9.9

OpenFGA version

N/A

SDK Configuration

N/A

Logs

[INFO] --- compiler:3.14.1:compile (default-compile) @ REDACTED ---
[INFO] Compiling 5 source files with javac [debug parameters release 25] to target/classes
[WARNING] /REDACTED.java: unknown enum constant com.fasterxml.jackson.annotation.JsonInclude.Include.USE_DEFAULTS
  reason: class file for com.fasterxml.jackson.annotation.JsonInclude$Include not found
[WARNING] /REDACTED.java: unknown enum constant com.fasterxml.jackson.annotation.JsonInclude.Include.USE_DEFAULTS
[WARNING] /REDACTED.java: unknown enum constant com.fasterxml.jackson.annotation.JsonInclude.Include.USE_DEFAULTS
[WARNING] /REDACTED.java: unknown enum constant com.fasterxml.jackson.annotation.JsonInclude.Include.USE_DEFAULTS

References

Example Minimal reproducible build:

Maven Pom Configuration:
https://github.com/JKomoroski/fga-scope-example/blob/master/pom.xml

Code required to reproduce:
https://github.com/JKomoroski/fga-scope-example/blob/master/src/main/java/example/FgaExample.java

Build logs:
https://github.com/JKomoroski/fga-scope-example/actions/runs/26899549195/job/79347887442#step:4:21