Documentation forSolarWinds Observability SaaS

Java Library release notes

These release notes describe the new features, improvements, and fixed issues in the SolarWinds Observability Java Library.

Learn more

2024 updates

2.9.0 - November 5, 2024

Return to top

OTel agent: 2.9.0

AWS Lambda layer ARN 

arn:aws:lambda:<region>:851060098468:layer:solarwinds-apm-java-2_9_0:1

Upstream OpenTelemetry versions

  • OpenTelemetry API/SDK 1.43.0

  • OpenTelemetry instrumentation 2.9.0

New features and improvements

  • Upgraded to upstream OTEL agent 2.9.0.

  • Added hibernate span creation to support better DBO integration.

  • Excluded stored procedure from context injection.

2.8.0 - September 30, 2024

Return to top

OTel agent: 2.8.0

AWS Lambda layer ARN 

arn:aws:lambda:<region>:851060098468:layer:solarwinds-apm-java-2_8_0:1

Upstream OpenTelemetry versions

  • OpenTelemetry API/SDK 1.42.1

  • OpenTelemetry instrumentation 2.8.0

New features and improvements

  • Upgrade to upstream OTel agent 2.8.0.
  • Added an ergonomic way to set up OTel metric exporting through the SW_APM_EXPORT_METRICS_ENABLED environment variable or the equivalent system property.

2.6.0 - August 21, 2024

Return to top

OTel agent: 2.6.0

AWS Lambda layer ARN 

arn:aws:lambda:<region>:851060098468:layer:solarwinds-apm-java-2_6_0:1

Upstream OpenTelemetry versions

  • OpenTelemetry API/SDK 1.40.0

  • OpenTelemetry instrumentation 2.6.0

New features and improvements

  • Upgrade to upstream OTel agent 2.6.0.

Fixes

  • The com.solarwinds.joboe:logging dependency has been removed from the solarwinds-otel-sdk module.

  • Profiling stops when the context expires to reduce memory pressure.

2.5.1 - July 30, 2024

Return to top

OTel agent: 2.5.0

AWS Lambda layer ARN 

arn:aws:lambda:<region>:851060098468:layer:solarwinds-apm-java-2_5_1:1

Upstream OpenTelemetry versions

  • OpenTelemetry API/SDK 1.39.0

  • OpenTelemetry instrumentation 2.5.0

New features and improvements

  • The automatic OTel log export is now opt-in only. To enable it, set SW_APM_EXPORT_LOGS_ENABLED to true.

Fixes

  • A malformed URL exception no longer occurs when a port number is included in a collector endpoint.

2.5.0 - July 15, 2024

Return to top

OTel agent: 2.5.0

AWS Lambda layer ARN 

arn:aws:lambda:<region>:851060098468:layer:solarwinds-apm-java-v2_5_0:1

Upstream OpenTelemetry versions

  • OpenTelemetry API/SDK 1.39.0

  • OpenTelemetry instrumentation 2.5.0

New features and improvements

  • When SW_APM_COLLECTOR is not specified for an OTel log export, na-01 is used as the default data cell.
  • Upstream OTel agent version 2.5.0, which comes with bug fixes and new features, has been integrated.

2.4.1 - June 28, 2024

Return to top

OTel agent: 2.4.0

AWS Lambda layer ARN 

arn:aws:lambda:<region>:851060098468:layer:solarwinds-apm-java-2_4_1:1

Upstream OpenTelemetry versions

  • OpenTelemetry API/SDK 1.38.0

  • OpenTelemetry instrumentation 2.4.0

New features and improvements

  • Logs are automatically exported when a supported logging framework is used by an instrumented service.
  • The environment variable SW_APM_EXPORT_LOGS_ENABLED can be used to enable or disable log export. It is set to true by default (export is enabled).

Fixes

  • An issue that caused trace context in queries not to work for some application frameworks is fixed.

2.4.0 - May 20, 2024

Return to top

OTel agent: 2.4.0

AWS Lambda layer ARN 

arn:aws:lambda:<region>:851060098468:layer:solarwinds-apm-java-2_4_0:1

Upstream OpenTelemetry versions

  • OpenTelemetry API/SDK 1.38.0

  • OpenTelemetry instrumentation 2.4.0

New features and improvements

  • Support for handler method as a transaction in spring-webmnc:6.x.x.
  • The SW_APM_SQL_TAG_DATABASES environment variable and its system property equivalent were added. They allow users to set the database drivers to tag. The value is a comma separated list of the JDBC driver names. For example, when the application is connecting to both MySQL and Postgres, the value of the variable will be mysql,postgresql.

2.3.0 - April 23, 2024

Return to top

AWS Lambda layer ARN 

arn:aws:lambda:<region>:851060098468:layer:solarwinds-apm-java-2_3_0:1

Upstream OpenTelemetry versions

  • OpenTelemetry API/SDK 1.37.0

  • OpenTelemetry instrumentation 2.3.0

Fixes

  • The disabling of the sw-jdbc instrumentation module in the lambda-build due to a runtime class mismatch is fixed.

2.2.0 - April 8, 2024

Return to top

AWS Lambda layer ARN 

arn:aws:lambda:<region>:851060098468:layer:solarwinds-apm-java-2_2_0:1

Upstream OpenTelemetry versions

  • OpenTelemetry API/SDK 1.36.0

  • OpenTelemetry instrumentation 2.2.0

Breaking changes

  • The bundled OTel instrumentation contains signification changes. See here. Note especially the attributes collected for HTTP are different due to the semantic convention changes.

Internal changes

  • Added separate lambda and normal agent builds.
  • Refactored joboe into a modular form that facilitates building the standalone lambda agent module.

2.0.0 - February 13, 2024

Return to top

Bundled OTel agent version

New features and improvements

  • This release introduces Lambda support, allowing for seamless integration and monitoring of AWS Lambda functions.

Breaking changes

  • The package names were renamed from com.appoptics.* to com.solarwinds.*. There are class renames as well. This change mainly affects anyone using the SDK and SolarWinds recommends that users always use agent and SDK of the same version.

Fixes

  • Addressed an issue related to the propagation of invalid SolarWinds trace state value. This fix ensures that traces are properly continued by downstream libraries.

1.2.0 - February 5, 2024

Return to top

Bundled OTel agent version

New features and improvements

  • Default Collector endpoint has been updated to apm.collector.na-01.cloud.solarwinds.com. This takes effect when neither the agent.collector config property or the SW_APM_COLLECTOR environment variable is set. SolarWinds recommends that one of the configurations be set because the default value is static and unaware of the user’s data cell.

  • For the Java trace context in logs feature, injection of resource attributes into system properties is removed. This means using the system property key lookup syntax in the logging framework setting will no longer work. The user is advised to use the upstream feature, which involves setting OTEL_INSTRUMENTATION_COMMON_MDC_RESOURCE_ATTRIBUTES or its system property equivalent otel.instrumentation.common.mdc.resource-attributes to the comma separated values of the resource attributes to be added to MDC. These attributes can then be looked up using MDC lookup syntax. The following example adds a service name to MDC:

    OTEL_INSTRUMENTATION_COMMON_MDC_RESOURCE_ATTRIBUTES=service.name

    Now the Log4j2 syntax becomes resource.service.name=%X{service.name} instead of resource.service.name=${sys:service.name} and the Logback syntax becomes resource.service.name=%X{service.name} instead of resource.service.name=${service.name}.

  • CVE-2023-44487 is addressed.

  • The size of the library is reduced by 5.8 MB, which is a 17% improvement.

Fixes

  • The transaction name session limit reset bug is fixed.

2023 updates

1.0.0 - November 20, 2023

Return to top

Bundled OTel agent version

Breaking changes

  • Support for old AppOptics agent arguments and configurations is removed. Your application will not start if any of the removed AppOptics configurations are in your solarwinds-apm-config.json. Remove the old configurations that are no longer supported.
  • Stable OTeL HTTP semantic attributes are adopted for spans. If you use the transaction naming scheme to set transaction names, the attribute key may have changed. See the OTel semconv v1.21.0 for relevant changes.

Fixes

  • Service names are defined with the accurate service identification; auto-generated names are now deprioritized.
  • Lettuce instrumentation no longer encounters an issue.

CVEs

SolarWinds would like to thank our Security Researchers for reporting on the issue in a responsible manner and working with our security, product, and engineering teams to fix the vulnerability.

  • CVE-2020-8908 - Sensitive Information Disclosure Vulnerability (3.3 Low)

    A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime's java.io.tmpdir system property to point to a location whose permissions are appropriately configured.

  • CVE-2023-2976 - Sensitive Information Disclosure Vulnerability (5.5 Medium)

    Use of Java's default temporary directory for file creation in 'FileBackedOutputStream' in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class. Even though the security vulnerability is fixed in version 32.0.0, we recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows.

0.17.4 - October 23, 2023

Return to top

Bundled OTel agent version

New features and improvements

  • Custom transaction names are allowed when the trace isn't sampled.
  • The value for resource.service.name is resolved to the service name defined in the service key when resource.service.name is not set.
  • resource.service.name is exposed in the system properties, allowing it to be accessed by loggers and application code. The service name can be retrieved by reading the key service.name, using system property read API and from loggers using the following:
    • Log4j2: resource.service.name=${sys:service.name}
    • Logback: resource.service.name=${service.name}
  • Introduces the SW_APM_SQL_TAG_PREPARED config to allow enabling trace context injection into prepared statements. SW_APM_SQL_TAG is retained to enable the same for non-prepared statements.

Fixes

  • The service key does not leak via process commands and arguments.
  • IMDSv2 token request no longer has a bug.

0.17.3 - September 21, 2023

Return to top

Fixes

  • A bug that affects deployment on Windows is fixed.

0.17.2 - September 19, 2023

Return to top

Bundled OTel agent version

Fixes

  • A Netty bug that was introduced in version 0.17.0 is resolved. This bug probably affected only Netty versions 4.1.80+.

0.17.1 - September 18, 2023

Return to top

Bundled OTel agent version

New features and improvements

  • Automatically detect changes to configuration file without restarting application. Configuration properties that take effect after the configuration file is reloaded are listed below. Anything else will require application restart.
    • agent.configFileWatchPeriod
    • agent.logging
    • agent.tracingMode
    • agent.hostnameAlias
    • agent.transactionNameSchemes
    • agent.transactionSettings
    • agent.hostnameAlias
    • agent.sqlQueryMaxLength
    • transaction.prependDomain
    • agent.triggerTrace

0.17.0 - August 17, 2023

Return to top

Bundled OTel agent version

New features and improvements

  • Metrics that are sent to the AppOptics or SolarWinds Observability collectors automatically conform to the formats necessary for the collector.
  • Uses REST API when unable to retrieve UAMSClientID for the SolarWinds Observability Agent with default methods.
  • Transaction naming schemes are configurable

Fixes

  • HostID Cloud VM retrieval is no longer instrumented.

0.16.2 - July 11, 2023

Return to top

Bundled OTel agent version

New features and improvements

  • Gathers k8s metadata.
  • Gathers the container ID in different runtimes.
  • Adds otel.scope.name and otel.scope.version to spans.

0.16.1 - June 2, 2023

Return to top

Bundled OTel agent version

New features and improvements

  • Supports the collector setting in configuration file.
  • Ignores empty or null transaction names.

0.16.0 - June 1, 2023

Return to top

New features and improvements

  • PreparedStatement instrumentation is removed.

Breaking changes

  • SDK API now returns true when in No-op.

Fixes

  • There is no longer a memory leak when there are retained references to statement objects.

Support changes

  • Java OTel agent v1.26.0 is supported.

0.15.5 - May 22, 2023

Return to top

New features and improvements

  • AWS and Azure VM metadata is reported for Service and Host correlation.

Breaking changes

  • Custom components' names use solarwinds instead of appoptics.

Fixes

  • Non-deterministic requests do not timeout to the collector.

0.15.4 - April 26, 2023

Return to top

Fixes

  • X-Trace-Options is now added to the root span.
  • Attaching a custom sampler no longer hangs the application.
  • Database passwords are no longer inadvertently exposed (fix is implemented with the upgrade to the OTel agent).

Support changes

  • Java OTel agent v1.25.0 is supported.

0.15.3 - April 3, 2023

Return to top

New features

  • Filter transactions using full url and span layer.

Fixes

  • Unending trace is fixed.

Support changes

  • Bundled OTel agent is upgraded to 1.24.0.

0.15.2 - March 16, 2023

Return to top

New features

  • sw.is_error tag is added to the ResponseTime metric for both error and non-error transactions.

Fixes

  • The ResponseTime metric is not over-reported.

0.15.1 - March 8, 2023

Return to top

New features

  • AppOptics TLS certficates are bundled with the library, allowing AppOptics endpoints to be used.

Support changes

  • The Java Library is updated to use version 7.8.2 of the core library.

0.15.0 - February 23, 2023

Return to top

New features

  • The custom muzzle plugin is replaced with the official plugin.
  • __Init message is updated to support Service Instance.

Fixes

  • Trace context does not disappear after >11 requests.
  • Trace context in JBDC uses the specification format.
  • Reports error and info events correctly.

Support changes

  • The Java Library is updated to version 1.22.0 of the OTel agent.

2022 updates

0.14.0 - October 27, 2022

Return to top

New features

  • Improved custom transaction name SDK.
  • The SDK for the Java Library is published to Maven Central.

0.13.0 - September 22, 2022

Return to top

New features

  • Support for a new unified metrics format with an update to liboboe 10.6.1. See SolarWinds Observability SaaS October 2022 release notes for details of the unified metrics, why you should upgrade your library, and follow up actions that may be necessary after upgrading your library.
  • Fixed transaction name mismatch for Spring transactions.
  • Fixed JDBC span issue for DMLs.
  • Disable the library for unsupported JDK versions.

0.11.0 - August 9, 2022

Return to top

New features

  • The library now reports the SolarWinds Observability Agent's client ID so the relationship between the host entity and the services entity is detected and shown in SolarWinds Observability SaaS.
  • Several configuration options are no longer required in the config file.
  • Configuration options can now be set using system properties.

Fixes

  • The key name of a key/value pair in the Init message sent to the collector is changed from Java.AppOptics.Opentelemetry.Version to Java.SolarWindsAPM.Version.

0.10.0 - June 10, 2022

Return to top

New features

  • Java Library logs can be redirected to a file.
  • The Java Library is now disabled if the Service key is not configured properly.

Fixes

  • Fixed a NullPointerException when some settings are not available.

0.9.0 - May 25, 2022

Return to top

New features

Fixes

  • Internal clean-ups and dependency upgrades.

0.7.1 - April 29, 2022

Return to top

  • Initial SolarWinds Observability Java Library release.

Legal notices

Return to top

© 2024 SolarWinds Worldwide, LLC. All rights reserved.

This document may not be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the prior written consent of SolarWinds. All right, title, and interest in and to the software, services, and documentation are and shall remain the exclusive property of SolarWinds, its affiliates, and/or its respective licensors.

SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS, OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON THE DOCUMENTATION, INCLUDING WITHOUT LIMITATION NONINFRINGEMENT, ACCURACY, COMPLETENESS, OR USEFULNESS OF ANY INFORMATION CONTAINED HEREIN. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY, EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks or are registered or pending registration. All other trademarks mentioned herein are used for identification purposes only and are trademarks of (and may be registered trademarks) of their respective companies.