Bumps [spotless-plugin-gradle](https://github.com/diffplug/spotless)
from 6.11.0 to 6.12.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a31bba3e5a"><code>a31bba3</code></a>
Published gradle/6.12.0</li>
<li><a
href="f2f8b08dd8"><code>f2f8b08</code></a>
Published lib/2.31.0</li>
<li><a
href="d7d7ecce6d"><code>d7d7ecc</code></a>
Fix publishing by bumping spotless-changelog to latest.</li>
<li><a
href="9ecec25cd0"><code>9ecec25</code></a>
Bump default <code>palantir-java-format</code> version to latest
<code>2.10</code> -> <code>2.28</code> (<a
href="https://github-redirect.dependabot.com/diffplug/spotless/issues/1329">#1329</a>)</li>
<li><a
href="fd70d743f4"><code>fd70d74</code></a>
Fix CI</li>
<li><a
href="82e0aa2230"><code>82e0aa2</code></a>
Merge branch 'main' into
renovate/com.palantir.javaformat-palantir-java-forma...</li>
<li><a
href="7f73ad277b"><code>7f73ad2</code></a>
Merge branch 'main' into
renovate/com.palantir.javaformat-palantir-java-forma...</li>
<li><a
href="14c304453d"><code>14c3044</code></a>
fix(deps): update dependency org.cqfn.diktat:diktat-rules to v1.2.4.2
(<a
href="https://github-redirect.dependabot.com/diffplug/spotless/issues/1393">#1393</a>)</li>
<li><a
href="b047275f1c"><code>b047275</code></a>
Merge branch 'main' into renovate/ver_diktat</li>
<li><a
href="12c88cf0b6"><code>12c88cf</code></a>
fix(deps): update dependency org.scalameta:scalafmt-core_2.13 to v3.6.1
(<a
href="https://github-redirect.dependabot.com/diffplug/spotless/issues/1373">#1373</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/diffplug/spotless/compare/gradle/6.11.0...gradle/6.12.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps com.diffplug.spotless from 6.11.0 to 6.12.0.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [logback-classic](https://github.com/qos-ch/logback) from 1.4.4 to
1.4.5.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="34a6efc534"><code>34a6efc</code></a>
preparfe release 1.4.5</li>
<li><a
href="0d3ac63114"><code>0d3ac63</code></a>
fix LOGBACK-1698, [Nested appenders are not allowed] warning using
SiftingApp...</li>
<li><a
href="a64b8d43b4"><code>a64b8d4</code></a>
make jakarta.servlet-api as both provided and optional</li>
<li><a
href="114b3ded2d"><code>114b3de</code></a>
bump slf4j version</li>
<li><a
href="1df66621e4"><code>1df6662</code></a>
fix LOGBACK-1706</li>
<li><a
href="ea165fb023"><code>ea165fb</code></a>
fix LOGBACK-1703</li>
<li><a
href="9e07bd075a"><code>9e07bd0</code></a>
fix LOGBACK-1703</li>
<li><a
href="a871e9f1b5"><code>a871e9f</code></a>
minor edits in README.md</li>
<li><a
href="7dc0ce5118"><code>7dc0ce5</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/qos-ch/logback/issues/605">#605</a>
from Zardoz89/patch-1</li>
<li><a
href="7130dfe3a4"><code>7130dfe</code></a>
README.md MUST inform about Java & Jackarta EE support</li>
<li>Additional commits viewable in <a
href="https://github.com/qos-ch/logback/compare/v_1.4.4...v_1.4.5">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [logback-classic](https://github.com/qos-ch/logback) from 1.4.4 to
1.4.5.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="34a6efc534"><code>34a6efc</code></a>
preparfe release 1.4.5</li>
<li><a
href="0d3ac63114"><code>0d3ac63</code></a>
fix LOGBACK-1698, [Nested appenders are not allowed] warning using
SiftingApp...</li>
<li><a
href="a64b8d43b4"><code>a64b8d4</code></a>
make jakarta.servlet-api as both provided and optional</li>
<li><a
href="114b3ded2d"><code>114b3de</code></a>
bump slf4j version</li>
<li><a
href="1df66621e4"><code>1df6662</code></a>
fix LOGBACK-1706</li>
<li><a
href="ea165fb023"><code>ea165fb</code></a>
fix LOGBACK-1703</li>
<li><a
href="9e07bd075a"><code>9e07bd0</code></a>
fix LOGBACK-1703</li>
<li><a
href="a871e9f1b5"><code>a871e9f</code></a>
minor edits in README.md</li>
<li><a
href="7dc0ce5118"><code>7dc0ce5</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/qos-ch/logback/issues/605">#605</a>
from Zardoz89/patch-1</li>
<li><a
href="7130dfe3a4"><code>7130dfe</code></a>
README.md MUST inform about Java & Jackarta EE support</li>
<li>Additional commits viewable in <a
href="https://github.com/qos-ch/logback/compare/v_1.4.4...v_1.4.5">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [byte-buddy-dep](https://github.com/raphw/byte-buddy) from 1.12.18
to 1.12.19.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/raphw/byte-buddy/releases">byte-buddy-dep's
releases</a>.</em></p>
<blockquote>
<h2>Byte Buddy 1.12.19</h2>
<ul>
<li>Avoid possible lock through circular class loading of
<code>TypeDescription</code> subtypes.</li>
<li>Avoid access error when using unsafe API on Java 17 with an active
security manager.</li>
<li>Close URL class loader used in Gradle plugin.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/raphw/byte-buddy/blob/master/release-notes.md">byte-buddy-dep's
changelog</a>.</em></p>
<blockquote>
<h2>Byte Buddy release notes</h2>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c93425a1e9"><code>c93425a</code></a>
[maven-release-plugin] prepare release byte-buddy-1.12.19</li>
<li><a
href="b1f4e9b4ee"><code>b1f4e9b</code></a>
[release] New release</li>
<li><a
href="8d17e3a2a3"><code>8d17e3a</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/raphw/byte-buddy/issues/1359">#1359</a>
from eyalkoren/protection-domain</li>
<li><a
href="c57139e69c"><code>c57139e</code></a>
Using explicit ProtectionDomain in dynamically loaded classes</li>
<li><a
href="ff8be9a91b"><code>ff8be9a</code></a>
Attempt cloning protection domain from accessible object to avoid
security ma...</li>
<li><a
href="6fe45f76ef"><code>6fe45f7</code></a>
Make s in message optional.</li>
<li><a
href="9023501243"><code>9023501</code></a>
Fix scope of summary variable.</li>
<li><a
href="02091f13f4"><code>02091f1</code></a>
Update codeql-analysis.yml</li>
<li><a
href="628b6a90c5"><code>628b6a9</code></a>
Close class loader in Gradle plugin, if possible.</li>
<li><a
href="9a81856525"><code>9a81856</code></a>
Remove unused import.</li>
<li>Additional commits viewable in <a
href="https://github.com/raphw/byte-buddy/compare/byte-buddy-1.12.18...byte-buddy-1.12.19">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Working PR to capture all the changes required to update to otel java
1.19.0. The new log API force allows
`:instrumentation-appender-api-internal` and
`:instrumentation-appender-sdk-internal`, but necessitates a decent
amount of refactoring as a result.
The PR points at the `1.19.0-SNAPSHOT`, which I'll update upon
publication.
Co-authored-by: Mateusz Rzeszutek <mrzeszutek@splunk.com>
Co-authored-by: Trask Stalnaker <trask.stalnaker@gmail.com>
Co-authored-by: Lauri Tulmin <ltulmin@splunk.com>
* Update dependencies
* Strictly pin slf4j and logback versions
* logback 1.3
* Only use slf4j 2.0.0 internally in the javaagent
* Pre-initialize slf4j provider
* Bump jackson version
* licenses
* Update gradle to 7.5
* Bump to 7.5.1
* gradle 7.5.1 with jdk17
* spotless
* one more --add-opens
Co-authored-by: Trask Stalnaker <trask.stalnaker@gmail.com>
Co-authored-by: Lauri Tulmin <ltulmin@splunk.com>
* Merge javaagent-instrumentation-api into javaagent-extension-api
* remove some leftover references to javaagent-instrumentation-api
* add missing instrumentation-api to distro example
* Sync gradle-plugins version with main project
* More fixes
* Can rely on examples build against all branches now?
* Use common version.gradle.kts
* Update doc
* Simplify
* Introduce stable property for external extensions
* Update docs to use stable extension property.
Also log a warning if deprecated otel.javaagent.experimental.exporter.jar is used.
* Format
* Format
* Polish
* Try to build examples against locally published snapshot
* Always build examples against latest snapshot
* Add Gradle init script to remove sonatype repo
* Build examples against locally published version only during nightly builds
* Update distro demo to the latest snapshot as well
* Muzzle code generation moved to a separate plugin
* Restored old MuzzleCodeGenerationPlugin to use until the new one is published
* The simplest dependency management possible
Co-authored-by: Anuraag Agrawal <aanuraag@amazon.co.jp>
* Support for multiple extension jars by scanning the given folder
* Support to embed extension jar right inside agent jar
* Support for multiple embedded extensions
* Create temp folder for embedded extensions only if they found
* ExtensionClassLoader skips agent jar when scanning folder
* Apply suggestions from code review
Co-authored-by: Mateusz Rzeszutek <mrzeszutek@splunk.com>
* Update examples/extension/build.gradle
Co-authored-by: Trask Stalnaker <trask.stalnaker@gmail.com>
Co-authored-by: Mateusz Rzeszutek <mrzeszutek@splunk.com>
Co-authored-by: Trask Stalnaker <trask.stalnaker@gmail.com>
* First POC for external extension loading
* Fix NPE
* Urlhandler
* Fix
* Polish
* Polish
* Urlhandler
* Trying Urlhandler
* Alternative way to load extensions
* Polish
* Add example extensions and smoke test for their usage
* Support for system property
* Polish
* Avoid doing remapping twice
* Polish after merge
* Update to latest changes in extentions api
* Polish
* No need for tooling
* Simplify
* Cleanup
* Better error handling
* Update to the latest API
* Pass jvm arguments from env var on windows payara
* enable more debug logging
* capture test output
* use the same fake backend as regular smoke test
* Remove outdated doc
* Remove unnecessary dependencies
* Formatting
* Rename TRACER to tracer
* Move WrappedFuture to top-level class
* Add missing shadow config
* Use simpler type
* Use simpler base class
Java 9 is commented out because there are some test failures that will be investigated later.
Some tests had to be excluded from Java 7 because they don’t have a Java 7 compatible version.
Trask Stalnaker
dependabot[bot]
Aaron Ai
OpenTelemetry Bot
jack-berg
Mateusz Rzeszutek
Lauri Tulmin
OpenTelemetry Java Bot
Lauri Tulmin
AndyChen
github-actions[bot]
Anuraag Agrawal
Ken Dombeck
Nikita Salnikov-Tarnovski
Anuraag Agrawal
Fabrizio Ferri-Benedetti
Jakub Wach
Christian Neumüller
Gábor Lipták
jason plumb
Tyler Benson
Tyler Benson
Andrew Kent
Gihad Murad