Java Library release notes
These release notes describe the new features, improvements, and fixed issues in the SolarWinds Observability Java Library.
Learn more
- For release notes for all SolarWinds agents, libraries, and collectors, see SolarWinds Observability SaaS summary release notes.
- For currently known issues, see Known issues.
- For information about requirements, see SolarWinds Observability SaaS System Requirements.
2024 updates
2.10.0 - December 9, 2024
Java agent: 2.10.0
OTel agent: 2.10.0
AWS Lambda layer ARN
arn:aws:lambda:<region>:851060098468:layer:solarwinds-apm-java-2_10_0:1
Upstream OpenTelemetry versions
New features and improvements
-
Upgraded to upstream OTEL agent 2.10.0.
-
Export metrics using OTLP.
-
Export traces using OTLP.
Note
-
Customers should see new metrics being exported such as
http.client.request.duration
and others. If this is not desired, use this configuration to disable them.
2.9.0 - November 5, 2024
OTel agent: 2.9.0
AWS Lambda layer ARN
arn:aws:lambda:<region>:851060098468:layer:solarwinds-apm-java-2_9_0:1
Upstream OpenTelemetry versions
New features and improvements
-
Upgraded to upstream OTEL agent 2.9.0.
-
Added hibernate span creation to support better DBO integration.
-
Excluded stored procedure from context injection.
2.8.0 - September 30, 2024
OTel agent: 2.8.0
AWS Lambda layer ARN
arn:aws:lambda:<region>:851060098468:layer:solarwinds-apm-java-2_8_0:1
Upstream OpenTelemetry versions
New features and improvements
- Upgrade to upstream OTel agent 2.8.0.
- Added an ergonomic way to set up OTel metric exporting through the
SW_APM_EXPORT_METRICS_ENABLED
environment variable or the equivalent system property.
2.6.0 - August 21, 2024
OTel agent: 2.6.0
AWS Lambda layer ARN
arn:aws:lambda:<region>:851060098468:layer:solarwinds-apm-java-2_6_0:1
Upstream OpenTelemetry versions
New features and improvements
- Upgrade to upstream OTel agent 2.6.0.
Fixes
-
The
com.solarwinds.joboe:logging
dependency has been removed from thesolarwinds-otel-sdk
module. -
Profiling stops when the context expires to reduce memory pressure.
2.5.1 - July 30, 2024
OTel agent: 2.5.0
AWS Lambda layer ARN
arn:aws:lambda:<region>:851060098468:layer:solarwinds-apm-java-2_5_1:1
Upstream OpenTelemetry versions
New features and improvements
- The automatic OTel log export is now opt-in only. To enable it, set
SW_APM_EXPORT_LOGS_ENABLED
totrue
.
Fixes
-
A malformed URL exception no longer occurs when a port number is included in a collector endpoint.
2.5.0 - July 15, 2024
OTel agent: 2.5.0
AWS Lambda layer ARN
arn:aws:lambda:<region>:851060098468:layer:solarwinds-apm-java-v2_5_0:1
Upstream OpenTelemetry versions
New features and improvements
- When
SW_APM_COLLECTOR
is not specified for an OTel log export,na-01
is used as the default data cell. - Upstream OTel agent version 2.5.0, which comes with bug fixes and new features, has been integrated.
2.4.1 - June 28, 2024
OTel agent: 2.4.0
AWS Lambda layer ARN
arn:aws:lambda:<region>:851060098468:layer:solarwinds-apm-java-2_4_1:1
Upstream OpenTelemetry versions
New features and improvements
- Logs are automatically exported when a supported logging framework is used by an instrumented service.
- The environment variable
SW_APM_EXPORT_LOGS_ENABLED
can be used to enable or disable log export. It is set totrue
by default (export is enabled).
Fixes
-
An issue that caused trace context in queries not to work for some application frameworks is fixed.
2.4.0 - May 20, 2024
OTel agent: 2.4.0
AWS Lambda layer ARN
arn:aws:lambda:<region>:851060098468:layer:solarwinds-apm-java-2_4_0:1
Upstream OpenTelemetry versions
New features and improvements
- Support for handler method as a transaction in
spring-webmnc:6.x.x
. - The
SW_APM_SQL_TAG_DATABASES
environment variable and its system property equivalent were added. They allow users to set the database drivers to tag. The value is a comma separated list of the JDBC driver names. For example, when the application is connecting to both MySQL and Postgres, the value of the variable will bemysql,postgresql
.
2.3.0 - April 23, 2024
AWS Lambda layer ARN
arn:aws:lambda:<region>:851060098468:layer:solarwinds-apm-java-2_3_0:1
Upstream OpenTelemetry versions
Fixes
- The disabling of the sw-jdbc instrumentation module in the lambda-build due to a runtime class mismatch is fixed.
2.2.0 - April 8, 2024
AWS Lambda layer ARN
arn:aws:lambda:<region>:851060098468:layer:solarwinds-apm-java-2_2_0:1
Upstream OpenTelemetry versions
Breaking changes
- The bundled OTel instrumentation contains signification changes. See here. Note especially the attributes collected for HTTP are different due to the semantic convention changes.
Internal changes
- Added separate lambda and normal agent builds.
- Refactored joboe into a modular form that facilitates building the standalone lambda agent module.
2.0.0 - February 13, 2024
Bundled OTel agent version
-
Java OTel agent version 1.32.0
New features and improvements
- This release introduces Lambda support, allowing for seamless integration and monitoring of AWS Lambda functions.
Breaking changes
- The package names were renamed from
com.appoptics.*
tocom.solarwinds.*
. There are class renames as well. This change mainly affects anyone using the SDK and SolarWinds recommends that users always use agent and SDK of the same version.
Fixes
- Addressed an issue related to the propagation of invalid SolarWinds trace state value. This fix ensures that traces are properly continued by downstream libraries.
1.2.0 - February 5, 2024
Bundled OTel agent version
-
Java OTel agent version 1.32.0
New features and improvements
-
Default Collector endpoint has been updated to
apm.collector.na-01.cloud.solarwinds.com
. This takes effect when neither theagent.collector
config property or theSW_APM_COLLECTOR
environment variable is set. SolarWinds recommends that one of the configurations be set because the default value is static and unaware of the user’s data cell. -
For the Java trace context in logs feature, injection of resource attributes into system properties is removed. This means using the system property key lookup syntax in the logging framework setting will no longer work. The user is advised to use the upstream feature, which involves setting
OTEL_INSTRUMENTATION_COMMON_MDC_RESOURCE_ATTRIBUTES
or its system property equivalentotel.instrumentation.common.mdc.resource-attributes
to the comma separated values of the resource attributes to be added to MDC. These attributes can then be looked up using MDC lookup syntax. The following example adds a service name to MDC:OTEL_INSTRUMENTATION_COMMON_MDC_RESOURCE_ATTRIBUTES=service.name
Now the Log4j2 syntax becomes
resource.service.name=%X{service.name}
instead ofresource.service.name=${sys:service.name}
and the Logback syntax becomesresource.service.name=%X{service.name}
instead ofresource.service.name=${service.name}
. -
CVE-2023-44487 is addressed.
-
The size of the library is reduced by 5.8 MB, which is a 17% improvement.
Fixes
- The transaction name session limit reset bug is fixed.
2023 updates
1.0.0 - November 20, 2023
Bundled OTel agent version
-
Java OTel agent version 1.31.0
Breaking changes
- Support for old AppOptics agent arguments and configurations is removed. Your application will not start if any of the removed AppOptics configurations are in your
solarwinds-apm-config.json
. Remove the old configurations that are no longer supported. - Stable OTeL HTTP semantic attributes are adopted for spans. If you use the transaction naming scheme to set transaction names, the attribute key may have changed. See the OTel semconv v1.21.0 for relevant changes.
Fixes
- Service names are defined with the accurate service identification; auto-generated names are now deprioritized.
- Lettuce instrumentation no longer encounters an issue.
CVEs
SolarWinds would like to thank our Security Researchers for reporting on the issue in a responsible manner and working with our security, product, and engineering teams to fix the vulnerability.
-
CVE-2020-8908 - Sensitive Information Disclosure Vulnerability (3.3 Low)
A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime's java.io.tmpdir system property to point to a location whose permissions are appropriately configured.
-
CVE-2023-2976 - Sensitive Information Disclosure Vulnerability (5.5 Medium)
Use of Java's default temporary directory for file creation in 'FileBackedOutputStream' in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class. Even though the security vulnerability is fixed in version 32.0.0, we recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows.
0.17.4 - October 23, 2023
Bundled OTel agent version
-
Java OTel agent version 1.29.0
New features and improvements
- Custom transaction names are allowed when the trace isn't sampled.
- The value for
resource.service.name
is resolved to the service name defined in the service key whenresource.service.name
is not set. resource.service.name
is exposed in the system properties, allowing it to be accessed by loggers and application code. The service name can be retrieved by reading the keyservice.name
, using system property read API and from loggers using the following:- Log4j2:
resource.service.name=${sys:service.name}
- Logback:
resource.service.name=${service.name}
- Log4j2:
- Introduces the
SW_APM_SQL_TAG_PREPARED
config to allow enabling trace context injection into prepared statements.SW_APM_SQL_TAG
is retained to enable the same for non-prepared statements.
Fixes
- The service key does not leak via process commands and arguments.
- IMDSv2 token request no longer has a bug.
0.17.2 - September 19, 2023
Bundled OTel agent version
-
Java OTel agent version 1.29.0
Fixes
- A Netty bug that was introduced in version 0.17.0 is resolved. This bug probably affected only Netty versions 4.1.80+.
0.17.1 - September 18, 2023
Bundled OTel agent version
-
Java OTel agent version 1.29.0
New features and improvements
- Automatically detect changes to configuration file without restarting application. Configuration properties that take effect after the configuration file is reloaded are listed below. Anything else will require application restart.
agent.configFileWatchPeriod
agent.logging
agent.tracingMode
agent.hostnameAlias
agent.transactionNameSchemes
agent.transactionSettings
agent.hostnameAlias
agent.sqlQueryMaxLength
transaction.prependDomain
agent.triggerTrace
0.17.0 - August 17, 2023
Bundled OTel agent version
-
Java OTel agent version 1.26.0
New features and improvements
- Metrics that are sent to the AppOptics or SolarWinds Observability collectors automatically conform to the formats necessary for the collector.
- Uses REST API when unable to retrieve
UAMSClientID
for the SolarWinds Observability Agent with default methods. - Transaction naming schemes are configurable
Fixes
- HostID Cloud VM retrieval is no longer instrumented.
0.16.2 - July 11, 2023
Bundled OTel agent version
-
Java OTel agent version 1.26.0
New features and improvements
- Gathers k8s metadata.
- Gathers the container ID in different runtimes.
- Adds
otel.scope.name
andotel.scope.version
to spans.
0.16.1 - June 2, 2023
Bundled OTel agent version
-
Java OTel agent version 1.26.0
New features and improvements
- Supports the collector setting in configuration file.
- Ignores empty or null transaction names.
0.16.0 - June 1, 2023
New features and improvements
PreparedStatement
instrumentation is removed.
Breaking changes
- SDK API now returns true when in No-op.
Fixes
- There is no longer a memory leak when there are retained references to statement objects.
Support changes
- Java OTel agent v1.26.0 is supported.
0.15.5 - May 22, 2023
New features and improvements
- AWS and Azure VM metadata is reported for Service and Host correlation.
Breaking changes
- Custom components' names use
solarwinds
instead ofappoptics
.
Fixes
- Non-deterministic requests do not timeout to the collector.
0.15.4 - April 26, 2023
Fixes
X-Trace-Options
is now added to the root span.- Attaching a custom sampler no longer hangs the application.
- Database passwords are no longer inadvertently exposed (fix is implemented with the upgrade to the OTel agent).
Support changes
- Java OTel agent v1.25.0 is supported.
0.15.3 - April 3, 2023
New features
- Filter transactions using
full url
andspan
layer.
Fixes
- Unending trace is fixed.
Support changes
- Bundled OTel agent is upgraded to 1.24.0.
0.15.2 - March 16, 2023
New features
sw.is_error
tag is added to theResponseTime
metric for both error and non-error transactions.
Fixes
- The
ResponseTime
metric is not over-reported.
0.15.1 - March 8, 2023
New features
- AppOptics TLS certficates are bundled with the library, allowing AppOptics endpoints to be used.
Support changes
- The Java Library is updated to use version 7.8.2 of the core library.
0.15.0 - February 23, 2023
New features
- The custom muzzle plugin is replaced with the official plugin.
__Init
message is updated to support Service Instance.
Fixes
- Trace context does not disappear after >11 requests.
- Trace context in JBDC uses the specification format.
- Reports error and info events correctly.
Support changes
- The Java Library is updated to version 1.22.0 of the OTel agent.
2022 updates
0.14.0 - October 27, 2022
New features
- Improved custom transaction name SDK.
- The SDK for the Java Library is published to Maven Central.
0.13.0 - September 22, 2022
New features
- Support for a new unified metrics format with an update to liboboe 10.6.1. See SolarWinds Observability SaaS October 2022 release notes for details of the unified metrics, why you should upgrade your library, and follow up actions that may be necessary after upgrading your library.
- Fixed transaction name mismatch for Spring transactions.
- Fixed JDBC span issue for DMLs.
- Disable the library for unsupported JDK versions.
0.11.0 - August 9, 2022
New features
- The library now reports the SolarWinds Observability Agent's client ID so the relationship between the host entity and the services entity is detected and shown in SolarWinds Observability SaaS.
- Several configuration options are no longer required in the config file.
- Configuration options can now be set using system properties.
Fixes
- The key name of a key/value pair in the Init message sent to the collector is changed from
Java.AppOptics.Opentelemetry.Version
toJava.SolarWindsAPM.Version
.
0.10.0 - June 10, 2022
New features
- Java Library logs can be redirected to a file.
- The Java Library is now disabled if the Service key is not configured properly.
Fixes
- Fixed a
NullPointerException
when some settings are not available.
0.9.0 - May 25, 2022
New features
- The Java Library now uses the the SolarWinds APM collector's certificate instead of a built-in certificate. See SolarWinds Observability SaaS System Requirements for the SolarWinds Observability SaaS System Requirements.
- Added the library-ready checker API.
- Upgraded the Java Library to use OpenTelemetry v1.12.1.
- Updated to report data to the latest collector endpoint. See SolarWinds Observability SaaS System Requirements for the SolarWinds Observability SaaS System Requirements.
- Added a benchmark suite, based on the OpenTelemetry Java agent's benchmark-overhead suite.
- Reduced the artifact file size by half, from roughly 50 MB to 25 MB.
Fixes
- Internal clean-ups and dependency upgrades.
Legal notices
© 2024 SolarWinds Worldwide, LLC. All rights reserved.
This document may not be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the prior written consent of SolarWinds. All right, title, and interest in and to the software, services, and documentation are and shall remain the exclusive property of SolarWinds, its affiliates, and/or its respective licensors.
SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS, OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON THE DOCUMENTATION, INCLUDING WITHOUT LIMITATION NONINFRINGEMENT, ACCURACY, COMPLETENESS, OR USEFULNESS OF ANY INFORMATION CONTAINED HEREIN. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY, EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks or are registered or pending registration. All other trademarks mentioned herein are used for identification purposes only and are trademarks of (and may be registered trademarks) of their respective companies.