I think this makes sense to keep servlet-3.0 and servlet-5.0 smoke test
apps as-is, since they can be used to test both older and newer app
server versions.
should resolve#7329 after this is merged and that is rebased
closes: #7028
For reasons explained in the linked issue, it might be handy to register
drivers directly against `OpenTelemetryDriver` rather than against
`DriverManager`. I decided to also go with static registry as drivers
are often instantiated connect pools (like Agroal) and it could be
difficult to use instance varibles. This PR adds additional `Driver`
collection where drivers can be registered. If driver is registered both
with `OpenTelemtryDriver` and `DriverManager`, drivers registered with
`OpenTelemetryDriver` are preferred.
I noticed that the smoke test projects weren't getting picked up by
dependabot. It seems that dependabot's `directory` configuration doesn't
really mean recursive, it means find the gradle file in that directory,
and follow any includes from it.
I tested this on my fork (temporarily bumping the dependabot limit to
100) and it only created 14 new PRs, so not too bad...
Bumps [spotless-plugin-gradle](https://github.com/diffplug/spotless)
from 6.11.0 to 6.12.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a31bba3e5a"><code>a31bba3</code></a>
Published gradle/6.12.0</li>
<li><a
href="f2f8b08dd8"><code>f2f8b08</code></a>
Published lib/2.31.0</li>
<li><a
href="d7d7ecce6d"><code>d7d7ecc</code></a>
Fix publishing by bumping spotless-changelog to latest.</li>
<li><a
href="9ecec25cd0"><code>9ecec25</code></a>
Bump default <code>palantir-java-format</code> version to latest
<code>2.10</code> -> <code>2.28</code> (<a
href="https://github-redirect.dependabot.com/diffplug/spotless/issues/1329">#1329</a>)</li>
<li><a
href="fd70d743f4"><code>fd70d74</code></a>
Fix CI</li>
<li><a
href="82e0aa2230"><code>82e0aa2</code></a>
Merge branch 'main' into
renovate/com.palantir.javaformat-palantir-java-forma...</li>
<li><a
href="7f73ad277b"><code>7f73ad2</code></a>
Merge branch 'main' into
renovate/com.palantir.javaformat-palantir-java-forma...</li>
<li><a
href="14c304453d"><code>14c3044</code></a>
fix(deps): update dependency org.cqfn.diktat:diktat-rules to v1.2.4.2
(<a
href="https://github-redirect.dependabot.com/diffplug/spotless/issues/1393">#1393</a>)</li>
<li><a
href="b047275f1c"><code>b047275</code></a>
Merge branch 'main' into renovate/ver_diktat</li>
<li><a
href="12c88cf0b6"><code>12c88cf</code></a>
fix(deps): update dependency org.scalameta:scalafmt-core_2.13 to v3.6.1
(<a
href="https://github-redirect.dependabot.com/diffplug/spotless/issues/1373">#1373</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/diffplug/spotless/compare/gradle/6.11.0...gradle/6.12.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps com.diffplug.spotless from 6.11.0 to 6.12.0.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [spotless-plugin-gradle](https://github.com/diffplug/spotless)
from 6.11.0 to 6.12.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a31bba3e5a"><code>a31bba3</code></a>
Published gradle/6.12.0</li>
<li><a
href="f2f8b08dd8"><code>f2f8b08</code></a>
Published lib/2.31.0</li>
<li><a
href="d7d7ecce6d"><code>d7d7ecc</code></a>
Fix publishing by bumping spotless-changelog to latest.</li>
<li><a
href="9ecec25cd0"><code>9ecec25</code></a>
Bump default <code>palantir-java-format</code> version to latest
<code>2.10</code> -> <code>2.28</code> (<a
href="https://github-redirect.dependabot.com/diffplug/spotless/issues/1329">#1329</a>)</li>
<li><a
href="fd70d743f4"><code>fd70d74</code></a>
Fix CI</li>
<li><a
href="82e0aa2230"><code>82e0aa2</code></a>
Merge branch 'main' into
renovate/com.palantir.javaformat-palantir-java-forma...</li>
<li><a
href="7f73ad277b"><code>7f73ad2</code></a>
Merge branch 'main' into
renovate/com.palantir.javaformat-palantir-java-forma...</li>
<li><a
href="14c304453d"><code>14c3044</code></a>
fix(deps): update dependency org.cqfn.diktat:diktat-rules to v1.2.4.2
(<a
href="https://github-redirect.dependabot.com/diffplug/spotless/issues/1393">#1393</a>)</li>
<li><a
href="b047275f1c"><code>b047275</code></a>
Merge branch 'main' into renovate/ver_diktat</li>
<li><a
href="12c88cf0b6"><code>12c88cf</code></a>
fix(deps): update dependency org.scalameta:scalafmt-core_2.13 to v3.6.1
(<a
href="https://github-redirect.dependabot.com/diffplug/spotless/issues/1373">#1373</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/diffplug/spotless/compare/gradle/6.11.0...gradle/6.12.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps com.diffplug.spotless from 6.11.0 to 6.12.0.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
I thought I was going to need this for #7293, but it seems like still a
good change, removes a bit of duplication across getHost and getPort,
and could be useful in the future if we want logic to grab both host and
port in a "single pass"
Currently our `WeakConcurrentMap` is only cleaned of stale entries when
it is accessed. There is an option to clean from a background thread,
but this creates a separate thread for every map. This pr introduces a
single background thread that cleans all maps.
I removed the option to create a thread per map as we don't use it, if
there is interest I could attempt to find a way to add it back.
Co-authored-by: Trask Stalnaker <trask.stalnaker@gmail.com>
When a webflux filter is added which throws an exception, the
instrumentation does not currently capture the `http.status_code`.
The fix is to move `WebClientTracingFilter` from the first to the last
filter in the chain, which I think(?) is the general strategy we've
taken for other client instrumentation, e.g. so that if a filter makes
another http call it won't be suppressed.
I don't love the test coverage I added, so let me know if you have any
better suggestions?
EDIT: btw, I did archaeology to confirm that behavior (adding to the
beginning of the chain) has been in place since the webflux
instrumentation was added originally
6f472a62a0 (diff-493ad89b5bde807c90387aa2bb67eb10d3bcef6b6a388bd31e11796a6d01ac38R36)
Run callbacks added to the `CompletableFuture` returned from `sendAsync`
with the context that was used when `sendAsync` was called.
Add test for capturing message headers.
Bumps [logback-classic](https://github.com/qos-ch/logback) from 1.4.4 to
1.4.5.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="34a6efc534"><code>34a6efc</code></a>
preparfe release 1.4.5</li>
<li><a
href="0d3ac63114"><code>0d3ac63</code></a>
fix LOGBACK-1698, [Nested appenders are not allowed] warning using
SiftingApp...</li>
<li><a
href="a64b8d43b4"><code>a64b8d4</code></a>
make jakarta.servlet-api as both provided and optional</li>
<li><a
href="114b3ded2d"><code>114b3de</code></a>
bump slf4j version</li>
<li><a
href="1df66621e4"><code>1df6662</code></a>
fix LOGBACK-1706</li>
<li><a
href="ea165fb023"><code>ea165fb</code></a>
fix LOGBACK-1703</li>
<li><a
href="9e07bd075a"><code>9e07bd0</code></a>
fix LOGBACK-1703</li>
<li><a
href="a871e9f1b5"><code>a871e9f</code></a>
minor edits in README.md</li>
<li><a
href="7dc0ce5118"><code>7dc0ce5</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/qos-ch/logback/issues/605">#605</a>
from Zardoz89/patch-1</li>
<li><a
href="7130dfe3a4"><code>7130dfe</code></a>
README.md MUST inform about Java & Jackarta EE support</li>
<li>Additional commits viewable in <a
href="https://github.com/qos-ch/logback/compare/v_1.4.4...v_1.4.5">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [logback-classic](https://github.com/qos-ch/logback) from 1.4.4 to
1.4.5.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="34a6efc534"><code>34a6efc</code></a>
preparfe release 1.4.5</li>
<li><a
href="0d3ac63114"><code>0d3ac63</code></a>
fix LOGBACK-1698, [Nested appenders are not allowed] warning using
SiftingApp...</li>
<li><a
href="a64b8d43b4"><code>a64b8d4</code></a>
make jakarta.servlet-api as both provided and optional</li>
<li><a
href="114b3ded2d"><code>114b3de</code></a>
bump slf4j version</li>
<li><a
href="1df66621e4"><code>1df6662</code></a>
fix LOGBACK-1706</li>
<li><a
href="ea165fb023"><code>ea165fb</code></a>
fix LOGBACK-1703</li>
<li><a
href="9e07bd075a"><code>9e07bd0</code></a>
fix LOGBACK-1703</li>
<li><a
href="a871e9f1b5"><code>a871e9f</code></a>
minor edits in README.md</li>
<li><a
href="7dc0ce5118"><code>7dc0ce5</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/qos-ch/logback/issues/605">#605</a>
from Zardoz89/patch-1</li>
<li><a
href="7130dfe3a4"><code>7130dfe</code></a>
README.md MUST inform about Java & Jackarta EE support</li>
<li>Additional commits viewable in <a
href="https://github.com/qos-ch/logback/compare/v_1.4.4...v_1.4.5">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps dependency-check-gradle from 7.3.0 to 7.3.2.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [logback-classic](https://github.com/qos-ch/logback) from 1.3.4 to
1.3.5.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="dd4a0a8de7"><code>dd4a0a8</code></a>
preparfe release 1.3.5</li>
<li><a
href="4313ecb74e"><code>4313ecb</code></a>
fix LOGBACK-1698, [Nested appenders are not allowed] warning using
SiftingApp...</li>
<li><a
href="f22b07ae7a"><code>f22b07a</code></a>
align with 1.4 ordering of optional directive</li>
<li><a
href="08348646eb"><code>0834864</code></a>
bump slf4j version</li>
<li><a
href="5769294367"><code>5769294</code></a>
fix LOGBACK-1706</li>
<li><a
href="d54ab44ff5"><code>d54ab44</code></a>
fix LOGBACK-1703</li>
<li><a
href="8a441b2c12"><code>8a441b2</code></a>
fix LOGBACK-1703</li>
<li><a
href="7461ebaa79"><code>7461eba</code></a>
fix LOGBACK-1699</li>
<li><a
href="8112c02466"><code>8112c02</code></a>
start work on 1.3.5-SNAPSHOT</li>
<li>See full diff in <a
href="https://github.com/qos-ch/logback/compare/v_1.3.4...v_1.3.5">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
You can trigger a rebase of this PR by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Trask Stalnaker
dependabot[bot]
Michal Vavřík
Mateusz Rzeszutek
Peter Findeisen
Lauri Tulmin
Aaron Ai
OpenTelemetry Bot
jack-berg
Vasi Vasireddy