Move diagnostics package out of bootstrap module#3190
Merged
Conversation
fc5ae22 to
289c1df
Compare
trask
commented
Jul 11, 2023
Comment on lines
-19
to
-21
| // not using gson because it has dependency on java.sql.*, which is not available in Java 9+ bootstrap class loader | ||
| // only complaint so far about moshi is that it doesn"t give line numbers when there are json formatting errors | ||
| implementation("com.squareup.moshi:moshi") |
Member
Author
There was a problem hiding this comment.
this was what motivated moving this code out of the bootstrap module (in addition to it being a generally good thing to minimize amount of classes in the bootstrap module)
(although this comment is now very outdated, and we'll move to jackson)
289c1df to
a33abc5
Compare
79cdc18 to
be679e7
Compare
trask
commented
Jul 11, 2023
Comment on lines
+164
to
+167
| @SuppressFBWarnings( | ||
| value = "SECCRLFLOG", // CRLF injection into log messages | ||
| justification = | ||
| "Logging params cannot be controlled by an end user of the instrumented application") |
Member
Author
There was a problem hiding this comment.
no idea why this warning only started showing up with this change (https://find-sec-bugs.github.io/bugs.htm#CRLF_INJECTION_LOGS)
ec796b9 to
e34db74
Compare
trask
commented
Jul 12, 2023
Comment on lines
+78
to
+84
| // spring boot 2.x requires slf4j 1.x | ||
| val slf4jVersion = "1.7.36" | ||
| resolutionStrategy.force("org.slf4j:slf4j-api:${slf4jVersion}") | ||
| resolutionStrategy.force("org.slf4j:log4j-over-slf4j:${slf4jVersion}") | ||
| resolutionStrategy.force("org.slf4j:jcl-over-slf4j:${slf4jVersion}") | ||
| resolutionStrategy.force("org.slf4j:jul-to-slf4j:${slf4jVersion}") | ||
| resolutionStrategy.force("ch.qos.logback:logback-classic:1.2.12") |
Member
Author
There was a problem hiding this comment.
need to override dependencyManagement for slf4j version in smoke tests
trask
commented
Jul 12, 2023
| // resources (which is a known problem in the java agent world), and so the META-INF/services | ||
| // resource is not found | ||
| val slf4jVersion = "1.7.36" | ||
| val slf4jVersion = "2.0.7" |
trask
commented
Jul 12, 2023
Comment on lines
+112
to
111
| // unfortunately, this also excludes the same from our distro (which points to logback) | ||
| // and so we have to hackily re-add it via agent/agent/src/main/resources | ||
| exclude("inst/META-INF/services/io.opentelemetry.javaagent.slf4j.spi.SLF4JServiceProvider") |
8407aa9 to
3e3abf3
Compare
jeanbisutti
approved these changes
Jul 12, 2023
heyams
approved these changes
Jul 12, 2023
Merged
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bonus: also upgrades to SLF4J 2.x
This will also allow follow-up PR to remove moshi dependency