CHANGES

Platform 2.47

* Maven

  We now specify a version for the JaCoCo agent in the dependencyManagment section.

* Maven plugin upgrades

  - build-helper-maven-plugin to 3.2.0 (was 3.1.0)
  - maven-resources-plugin to 3.2.0 (was 3.1.0)
  - maven-assembly-plugin to 3.3.0 (was 3.2.0)
  - duplicate-finder-maven-plugin to 1.5.0 (was 1.4.0)
  - spotbugs-maven-plugin to 4.2.2 (was 4.0.0)
  - maven-site-plugin to 3.9.1 (was 3.9.0)
  - docker-maven-plugin to 0.35.0 (was 0.33.0)

Platform 2.46

* Library Upgrades

  - Jetty to 9.4.39 (was 9.4.38) (CVE-2021-28163, CVE-2021-28164, CVE-2021-28165)
  - Base Docker image to c15-java11:2.24 (was 2.22)

Platform 2.44

* Library Upgrades

  - slf4j to 1.7.30 (was 1.7.26)
  - Joda-Time to 2.10.10 (was 2.10.1)
  - Jackson to 2.12.2 (was 2.11.0)
  - hibernate-validator to 6.0.21.Final (was 6.0.18.Final)
  - assertj-core to 3.19.0 (was 3.12.2)
  - assertj-guava to 3.4.0 (was 3.2.1)
  - assertj-db to 2.0.2 (was 1.2.0)
  - Objenesis to 3.1 (was 3.0.1)
  - Mockito to 3.8.0 (was 2.28.2)
  - Hamcrest to 2.2 (was 1.3)
  - byte-buddy to 1.10.22 (was 1.9.13)

Platform 2.43

* Library Upgrades

  - auto-value to 1.7.4 (was 1.6.5)
  - Guava to 30.1 (was 30.0)
  - Guice to 5.0.1 (was 4.2.3)
  - Jetty to 9.4.38 (was 9.4.35)
  - Base Docker image to c15-java11:2.22 (was 2.21)

Platform 2.42

* Deprecation removals

  We have removed the empty OpenApiModule. Its functionality has long since
  been incorporated into JaxrsModule and references to it should be deleted.

  We removed the following deprecated APIs:

  - Logging.logToFile(String, int, DataSize, DataSize)
  - Logging.addShutdownHookToWaitFor(Thread)
  - Logging.removeShutdownHookToWaitFor(Thread)
  - RollingFileHander(String, int, DataSize, DataSize) constructor
  - ShutdownWaitingLogManager.addWaitForShutdownHook(Thread)
  - ShutdownWaitingLogManager.removeWaitForShutdownHook(Thread)
  - log.max-size-in-bytes configuration option

* Library Upgrades
  - Base Docker image to c15-java11:2.21 (was 2.17)

Platform 2.41

* HttpServer

  We changed the format of the JSON request log to take less space and omit
  less-used fields. The previous format may be selected by setting the
  "http-server.log.format" config option to "JSON_VERBOSE".

Platform 2.40

* We fixed an issue in the JMX module when running on a version of Java with
  a four-segment version number.

* We no longer replace a previous set of discovered instances when the
  discovery service returns an empty set of instances.

* Library Upgrades
  - Base Docker image to c15-java11:2.17 (was 2.13)

Platform 2.39

* Library Upgrades

  - Jetty to 9.4.35 (was 9.4.33)
  - Guava to 30.0 (was 29.0)
  - Base Docker image to repocache.nonprod.ppops.net/dev-docker-local/c15-java11:2.13
    Base image needs to have the "service" user and /service/var directory.

* Packaging

  We now exclude test-scope jar files from distribution tar files and
  Docker images.

Platform 2.38

* Library Upgrades
  - Jetty to 9.4.33 (was 9.4.32) (fixes CVE-2020-27216)
  - Base Docker image to proofpoint/platform-zulu-11:1.11
    based on 11.0.9. Pull image through repocache docker-remote.

Platform 2.37

* HTTP Server

  We now delay creating the listen sockets until the @AcceptRequests phase.

  We reduced the default accept queue size to 10 from 128 in order to shed
  load during connection storms.

* Library Upgrades
  - Jetty to 9.4.32 (was 9.4.24)
  - Base Docker image to proofpoint/platform-zulu-11:1.10
    update libx11-6 and libx11-data to 2:1.6.7-1+deb10u1 for CVE-2020-14363

Platform 2.36

* Library Upgrades
  - Base Docker image to proofpoint/platform-zulu-11:1.9
    based on 11.0.8

Platform 2.35

* Library Upgrades
  - Base Docker image to proofpoint/platform-zulu-11:1.8
    update libsystemd0 to 241-7~deb10u4 for CVE-2020-1712

Platform 2.34

* Build

  We now use the SONAR_HOST_URL instead of a .build-sonar file to enable
  SonarQube reporting.

Platform 2.33

* Build

  We now set the Sonar projectKey when Sonar is enabled.

Platform 2.32

* Library Upgrades
  - Base Docker image to proofpoint/platform-zulu-11:1.7
    updates libgnutls30 to 3.6.7-4+deb10u4 for CVE-2020-13777

Platform 2.30

* Library Upgrades

  - Guava to 29.0-jre (was 28.2-jre)
  - Jackson to 2.11.0 (was 2.10.0) (fixes deserialization vulnerabilities
    when using @JsonTypeInfo or "default typing")

Platform 2.29

* Build

  We now enable JaCoCo code coverage of (Maven) integration tests.

  If the project has a .build-sonar file we now report code coverage to
  SonarQube.

* Launcher

  We moved the StartLimitIntervalSecs setting back from [Unit] to [Service] and
  changed its name to StartLimitInterval.

Platform 2.28

* Library Upgrades

  - Base Docker image to proofpoint/platform-zulu-11:1.6
     based on azul/zulu-openjdk-debian:11.0.7-11.39.15
    (was proofpoint/platform-zulu-11:1.5)

Platform 2.27

* Library Upgrades

  - Guice to 4.2.3 (was 4.2.2)

* Maven plugin upgrades

  - jacoco-maven-plugin to 0.8.5 (was 0.8.4)
  - sonar-maven-plugin 3.7.0.1746 (previously unspecified)
  - build-helper-maven-plugin to 3.1.0 (was 3.0.0)
  - maven-assembly-plugin to 3.2.0 (was 3.1.1)
  - maven-javadoc-plugin to 3.2.0 (was 3.1.0)
  - maven-jar-plugin to 3.2.0 (was 3.1.0)
  - maven-source-plugin to 3.2.1 (was 3.1.0)
  - dependency-scope-maven-plugin to 0.10 (was 0.8)
  - spotbugs-maven-plugin to 4.0.0 (was 3.1.12)
  - maven-site-plugin to 3.9.0 (was 3.7.1)
  - plexus-compiler-javac-errorprone to 2.8.6 (was 2.8.5)
  - error_prone_core to 2.3.4 (was 2.3.3)
  - maven-dependency-plugin to 3.1.2 (was 3.1.1)
  - maven-invoker-plugin to 3.2.1 (was 3.2.0)
  - maven-shade-plugin to 3.2.2 (was 3.2.1)

Platform 2.26

* Configuration

  We added support for JSON-format configuration.

  If the file "etc/config/config.json" exists, then it will be read instead
  of the default "etc/config.properties" and "etc/secrets.properties".
  Additionally, files matching the glob "etc/*/config.json" will be read.

  In the read JSON, arrays and objects will be (recursively) flattened. Null
  values will be ignored. For example, the JSON:

      {
        "array": [ "value", null, 6 ],
        "object": { "a": "b", "c": false }
      }

  will be interpreted as:

     array.1=value
     array.3=6
     object.a=b
     object.c=false

* Logging

  We added support for JSON-format configuration of log levels. If the file
  "etc/config/log.json" exists, then it will be read instead of the default
  "etc/log.properties".

* Launcher

  We added support for JSON-format configuration of jvm arguments. If the file
  "etc/config/jvm.json" exists, then it will be read instead of the default
  "etc/jvm.properties" or "etc/jvm.config".

Platform 2.25

* HttpServer

  We added 100.64.0.0/10 to the default set of networks trusted for following
  the X-Forwarded-For: header.

* Docker

  We removed support for Sealights under Docker.

* JAX-RS

  We added a "testing.jaxrs.override-method-filter" config option (default "true")
  which can be set to "false" to disable the OverrideMethodFilter (allows overriding
  POST requests with PUT or DELETE via header or query param)

Platform 2.24

* Library Upgrades

  - Base Docker image to proofpoint/platform-zulu-11:1.5
    based on 11.0.6 (was proofpoint/platform-zulu-11:1.4)

* Maven plugin upgrades

  - docker-maven-plugin to 0.33.0 (was 0.30.0)

Platform 2.23

* Launcher

  We moved the StartLimitIntervalSecs setting from [Unit] to [Service] in
  order to fix an error on newer versions of systemd.

Platform 2.22

* HttpServer

  We fixed a regression in 2.19 when a Java keystore had multiple cert/key
  pairs.

* Library Upgrades
  - Guava to 28.2-jre (was 28.1-jre)
  - hibernate-validator to 6.0.18.Final (was 6.0.16.Final)

* Maven plugin upgrades

 - duplicate-finder-maven-plugin to 1.4.0 (was 1.3.0)

Platform 2.20

* HttpClient

  We fixed a bug
  bindDiscoveredHttpClient(String, Class<? extends Annotation>) that was
  introduced in 2.19.

Platform 2.19

* HttpClient

  We have deprecated @com.proofpoint.discovery.client.ServiceType in favor of
  @com.proofpoint.http.client.ServiceType.

  We created convenience HttpClientBinder methods
  bindBalancingHttpClient(String, String, String...) and
  bindKubernetesServiceHttpClient(String, String)

* Deprecation removals

  We removed the following deprecated APIs:

  - AnnotatedBindingBuilder constructor
  - PrefixBindingBuilder constructor
  - ConfigBindingBuilder constructor
  - ConfigurationProvider
  - HttpClientModule
  - http.client.Request constructors
  - RuntimeIOException
  - JettyHttpClient.getIoPoolStats()
  - JettyIoPoolConfig
  - ClientInfoUtils.clientAddressFor()
  - HttpServer constructors
  - HttpServerProvider, TestingHttpServer, and TestingAdminHttpServer
    constructors without a ClientAddressExtractor parameter
  - RequestStats.record(String, int, long, long, Duration, Duration)
  - TestingNodeModule constructors taking Guava Optional
  - http-client.max-threads configuration option
  - http-client.min-threads configuration option
  - http-client.timeout-concurrency configuration option
  - http-client.timeout-threads configuration option

* Library Upgrades
  - Jetty to 9.4.24 (was 9.4.21)

Platform 2.18

* Library Upgrades

  - Base Docker image to proofpoint/platform-zulu-11:1.4
    based on 11.0.5 (was proofpoint/platform-zulu-11:1.3)

Platform 2.17

* Audit Logging

  - The default value for "audit.log.path" has changed to "var/log/audit.log".
    This config option is no longer overridden by the launcher. To disable
    audit logging, for example when running in-IDE, use the new config option
    "audit.log.enable".

Platform 2.16

* Library Upgrades

  - Jackson to 2.10.0 (was 2.9.10) (fixes deserialization vulnerabilities
    when using @JsonTypeInfo or "default typing")

Platform 2.14

* Reporting

  We added a "reporting.pulse.include-host-tag" config option (default "true")
  which can be set to "false" in order to omit the "host" tag from metrics
  reported to Pulse.

* Library Upgrades

  - Jetty to 9.4.21 (was 9.4.20) (various HTTP/2 denial-of-service fixes)

Platform 2.13

* Library Upgrades

  - Jackson to 2.9.10 (was 2.9.9) (fixes deserialization vulnerabilities
    when using @JsonTypeInfo or "default typing")

Platform 2.12

* HttpClient and HttpServer

  We disabled TLS 1.1 and the ciphers TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
  TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, and
  TLS_RSA_WITH_AES_128_CBC_SHA.

* JMX

  - We fixed a bug preventing JMX from starting on Java 11.
  - We log a hint about necessary JVM config when JMX fails to start on Java 11
  - We skip starting the JMX agent on Java 11 if it is already configured.

* Library Upgrades

  - Guava to 28.1-jre (was 28.0-jre)

Platform 2.11

* Logging

  We added a "log.queue-size" configuration option. If nonzero, the main
  launcher.log will use asynchronous logging with an in-memory queue
  of the configured maximum size. The default is "0".

* Library Upgrades

  - Jetty to 9.4.20 (was 9.4.18)

Platform 2.10

* Library Upgrades

  - jackson-databind to 2.9.9.3 (was 2.9.9.2) (fix regression in Platform 2.09)

Platform 2.09

* Launcher

  Arguments in jvm.properties that start with "-XX:+Unlock" now get moved
  earlier than other arguments in jvm.properties.

* Library Upgrades

  - jackson-databind to 2.9.9.2 (was 2.9.9.1) (CVE-2019-14379 CVE-2019-14439)

Platform 2.08

* Library Upgrades

  - jackson-databind to 2.9.9.1 (was 2.9.9) (CVE-2019-12384 CVE-2019-12814)
  - Base Docker image to proofpoint/platform-zulu-11:1.3
    based on 11.0.4 (was proofpoint/platform-zulu-8:1.2)

Platform 2.07

* Docker

  Docker images built now specify their user numerically instead of by name.

* OpenApi

  We moved the OpenApi support into the jaxrs module. The openapi module no
  longer does anything and is deprecated

* Maven plugin upgrades

 - maven-compiler-plugin to 3.8.1 (was 3.8.0)
 - maven-assembly-plugin to 3.1.1 (was 3.1.0)
 - maven-surefire-plugin to 2.22.2 (was 2.22.1)
 - maven-javadoc-plugin to 3.1.0 (was 3.0.1)
 - maven-source-plugin to 3.1.0 (was 3.0.1)
 - duplicate-finder-maven-plugin to 1.3.0 (was 1.2.1)
 - spotbugs-maven-plugin to 3.1.12 (was 3.1.8)
 - jacoco-maven-plugin to 0.8.4 (was 0.8.2)
 - modernizer-maven-plugin to 1.8.0 (was 1.7.1)
 - docker-maven-plugin to 0.30.0 (was 0.27.2)
 - plexus-compiler-javac-errorprone to 2.8.5 (was 2.8.2)
 - error_prone_core to 2.3.3 (was 2.0.21)
 - maven-invoker-plugin to 3.2.0 (was 3.1.0)
 - maven-shade-plugin to 3.2.1 (was 3.1.1)

Platform 2.06

* Bean Validation

  We replaced Apache BVal with Hibernate Validator.

  Unit tests which assertFailsValidation with a message of "may not be null"
  will need to be changed to assert a message of "must not be null".

  Any use of org.apache.bval.jsr.ApacheValidationProvider will need to be
  replaced with org.hibernate.validator.HibernateValidator.

  Any Maven dependency of:

    <dependency>
        <groupId>org.apache.bval</groupId>
        <artifactId>bval-jsr</artifactId>
    </dependency>

  will need to be replaced with:

    <dependency>
        <groupId>org.hibernate.validator</groupId>
        <artifactId>hibernate-validator</artifactId>
    </dependency>

    <dependency>
        <groupId>org.glassfish</groupId>
        <artifactId>jakarta.el</artifactId>
    </dependency>

* Library Upgrades

  - Guava to 28.0-jre (was 27.1-jre)
  - AutoValue to 1.6.5 (was 1.6.2)
  - Mockito to 2.28.2 (was 2.23.0)
  - byte-buddy to 1.9.13 (was 1.9.4)
  - assertj-core to 3.12.2 (was 3.11.1) (Iterable assertions require .toIterable() to access)
  - assertj-guava to 3.2.1 (was 3.2.0)

Platform 2.05

* JAX-RS

  We added the JaxrsModule.withOptionsEnabled() method to enable the default
  support of the OPTIONS method.

* Library Upgrades
  - Jetty 9.4.18 (was 9.4.17) fixes server becomes unresponsive after sitting
    idle from a load spike.
  - Jackson to 2.9.9 (was 2.9.8) (CVE-2019-12086)

Platform 2.04

* Library Upgrades

  - Jetty to 9.4.17 (was 9.4.15) (CVE-2019-10241, -10246, -10247)
  - Base Docker image to proofpoint/platform-zulu-8:1.2
    based on 8u212 (was proofpoint/platform-zulu-8:1.1)

Platform 2.03

* TLS 1.3

  We now support TLS 1.3 with TLS_AES_256_GCM_SHA384 and
  TLS_AES_128_GCM_SHA256 ciphers when running on Java 11.0.3 or later.

* [Bug] Requests weren't logged when they threw exceptions before reading the
  body.

Platform 2.02

* Library Upgrades

  - Guava to 27.1-jre (was 27.0.1-jre)
  - Base Docker image to proofpoint/platform-zulu-8:1.1
    based on 8u202 (was proofpoint/platform-zulu-8:1.0)

Platform 2.01

* [Bug] Fixed deadlock during graceful shutdown.

* Library upgrades

  - Base Docker image to proofpoint/platform-zulu-8:1.0
    (was azul/zulu-openjdk-debian:8u192)
  
    Uses "dumb-init" to better handle pid 1 responsibilites   

Platform 2.00

* Launcher

  [Bug] When running in a Docker container, pass termination signals to the
  child server process.

* Library Upgrades

  - Jetty to 9.4.15 (was 9.4.14)
  - slf4j to 1.7.26 (was 1.7.25)

Platform 1.99

* JMX

  We now configure the "java.rmi.server.hostname" property to "127.0.0.1"
  when JMX is enabled. This permits enabling JMX inside containers.

* Docker

  The Sealights integration now copies the necessary files relative to the
  value of the "project.basedir" maven property, which defaults to ".". Maven
  subprojects that need Sealights integration in their generated Docker image
  will need to override that property in the subproject's pom.xml.

Platform 1.97

* JAX-RS

  We added a filter to attach the Strict-Transport-Security header
  to responses from all resources. We added configuration options
  "jaxrs.hsts.max-age", "jaxrs.hsts.include-sub-domains", and
  "jaxrs.hsts.preload" for configuring the contents of the header. The
  filter is enabled by configuring a value for the max age.

Platform 1.96

* Deprecation removals

  We removed the following deprecated APIs:

  - ConfigRecord.createConfigRecord()
  - ConfigurationValidator(ConfigurationFactory, WarningsMonitor) constructor
  - HttpServiceBalancerFactory.createHttpServiceBalancer(String,
    ServiceSelectorConfig, NodeInfo)
  - JsonEventSerializer.serialize(Object, String, JsonGenerator)
  - HttpServiceBalancerImpl(String, HttpServiceBalancerStats)
  - JsonMapperParsingException constructor

* We configured duplicate-finder-maven-plugin to ignore module-info classes
  that are in subdirectories.

* Library upgrades

  - Jackson to 2.9.8 (was 2.9.7) (fixes deserialization vulnerabilities
    CVE-2018-19360, -19361, and -19362 when using @JsonTypeInfo or
    "default typing". Fixes performance issue with malicious BigDecimal input
    CVE-2018-1000873.)

Platform 1.95

* HttpClient

 We renamed the HttpClient.IoPool.CONFIGPREFIX.FreeThreadCount metric to
 HttpClient.QUALIFIER.IoPool.FreeThreadCount. This was done in order to fix
 startup failures introduced in Platform 1.93 caused by a duplicate metric
 name when using a library that had two HttpClients bound with the same config
 prefix but different qualifiers (and filters).

 We also fixed a bug where non-balanced HttpClients did not report request
 metrics.

* Maven plugin upgrades

 - modernizer-maven-plugin to 1.7.1 (was 1.7.0)

Platform 1.94

* HttpServer

  We disabled support for SSL 2.0 compatible hello packets.

  We now log the TLS protocol version and cipher suite in the JSON
  http-request log. We also added a HttpServer.TlsRequest.Count metric broken
  down by protocolVersion and cipherSuite.

* JSON

  The @JsonProperty annotation is no longer necessary on parameters to
  @JsonCreator constructors and methods. If absent the parameter name will
  be used instead.

  [Bug] We fixed serialization to omit null map values. This had regressed in
  Platform 1.73.

* Maven

  We enabled the RequireUpperBoundDeps rule in maven-enforcer-plugin.

* Library upgrades

  - Guava to 27.0.1-jre (was 26.0-jre)
  - validation-api to 2.0.1 (was 1.1.0)
  - bval-jsr to 2.0.0 (was 1.1.2)
  - byte-buddy to 1.9.4 (was 1.8.15)

Platform 1.93

* HttpClient

  We removed support for the shared IO pool. Now each HttpClient has a private
  IO pool. The .withPrivateIOThreadPool() method of the HttpClient binding DSL
  is deprecated and no longer necessary. The configuration properties for the
  shared IO pool are likewise deprecated and no longer used.

  We added a Request.Builder.addHeaders() method for adding multiple request
  headers.

  We added a Request.Builder.setPreserveAuthorizationOnRedirect() method for
  preserving the Authorization header when following redirects. By default
  it is not preserved.

  We now preserve the User-Agent header when following redirects.

  We deprecated the Request constructors. Instead use a Request.Builder.

* HttpServer

  We added the "http-server.log.queue-size" configuration property to allow
  configuring the size of the in-memory buffer for http-request.log. It
  now defaults to 10,000 records.

  We added the "http-server.https.ssl-session-cache-size" and
  "http-server.https.ssl-session-timeout" configuration properties to allow
  configuring the TLS session cache.

  We added "protocolVersion", "timeToDispatch", "timeToRequestEnd",
  "timeResponseContent", "responseContentChunk", and "timeToLastByte"
  metrics to the JSON-format http-request.log. The "responseContentChunk"
  field is a map with two members: "count" and "max".

* Maven

  We enabled compiled metadata for reflection on method parameters.

  We configured maven-enforcer-plugin to prohibit duplicate dependencies
  in POMs.

* Discovery

  We decreased the timeout for the initial discovery service query from 30
  seconds to 1 second.

* Library upgrades

 - Jetty to 9.4.14 (was 9.4.12)
 - Guice to 4.2.2 (was 4.2.1)
 - Joda-time to 2.10.1 (was 2.9.9)
 - objenesis to 3.0.1 (was 2.6)
 - cglib to 3.2.8 (was 3.1)
 - javax.annotation-api to 1.3.1 (was 1.2)
 - spotbugs-annotations to 3.1.8 (was 3.1.6)

* Maven plugin upgrades

 - modernizer-maven-plugin to 1.7.0 (was 1.6.0)
 - maven-surefire-plugin to 2.22.1 (was 2.22.0)
 - spotbugs-maven-plugin to 3.1.8 (was 3.1.7)
 - docker-maven-plugin to 0.27.2 (was 0.26.1)

Platform 1.92

* Library upgrades

  - Base Docker image changed to azul/zulu-openjdk-debian:8u192
    (was azul/zulu-openjdk-debian:8u181)

Platform 1.91

* [Bug] Report collections didn't implement equals()/hashCode()/toString()

Platform 1.90

* Reporting

  We added a "ReportCollector.LogErrors.Count" metric counting the number
  of log lines at error level.

* HttpClient

  The HTTP client also supports HTTP/2 under TLS when running on Java 11.
  If HTTP/2 is enabled, however, the client will always use the HTTP/2
  protocol and thus can only communicate with HTTP/2 servers. Attempting to
  connect to an older server will result in "refused_stream_error".
  Thus, HTTP/2 is disabled by default.

* Library upgrades

  - Base Docker image changed to azul/zulu-openjdk-debian:8u181
    (was openjdk:8u181-jdk)
  - Guice to 4.2.1 (was 4.2.0)
  - Jackson to 2.9.7 (was 2.9.6) (fixes deserialization vulnerabilities
    CVE-2018-14718 and -14721 when using @JsonTypeInfo or "default typing")
  - auto-value to 1.6.2 (was 1.5)
    All Maven dependency sections that used to refer to
    <artifactId>auto-value</artifactId> must now be replaced with:

      <dependency>
          <groupId>com.google.auto.value</groupId>
          <artifactId>auto-value-annotations</artifactId>
          <optional>true</optional>
      </dependency>

  - AssertJ-core to 3.11.1 (was 3.5.2)
  - AssertJ-Guava to 3.2.0 (was 3.1.0)
  - AssertJ-Joda-time to 2.2.0 (was 2.0.0)
  - AssertJ-DB to 1.2.0 (was 1.1.1)
  - Mockito to 2.23.0 (was 2.21.0)

Platform 1.89

* Reporting

  ReportingPrometheusModule() no longer reports metrics using the Prometheus
  "counter" or "summary" types. All metrics are now reported as the Prometheus
  "gauge" type using names and values as close as possible to the way they
  are reported to KairosDB. This means that counts are reported as one-minute
  buckets, not total since startup.

  We added the ReportCollector_ServerStart metric to those reported by
  ReportingPrometheusModule().

* HTTP/2

  We now enable HTTP/2 under TLS in the server when running under Java 11.

* Trace tokens

  Trace token properties with keys starting with "_" are now no longer
  serialized to or deserialized from JSON. This permits setting properties
  which will be included in logs but not propagated to dependent services.

* Launcher

  Unless overridden in jvm.config or jvm.properties, the launcher will now set
  the -XX:+ExitOnOutOfMemoryError option instead of
  -XX:OnOutOfMemoryError="kill -9 %p"

  This means the minimum supported Java version has increased to 8u92.

Platform 1.88

* We now support Java 11.

* HttpClient

  The HTTP client also supports HTTP/2 cleartext. However, there is
  no upgrade mechanism, so if HTTP/2 is enabled, the client will always
  use the HTTP/2 protocol and thus can only communicate with HTTP/2
  servers. Attempting to connect to an older server will result in
  "refused_stream_error". Thus, HTTP/2 is disabled by default.

* Library upgrades

  - Jetty to 9.4.12 (was 9.3.24)
  - jaxb-api to 2.3.0 (was 2.2.6)

* Maven plugin upgrades

  - spotbugs-maven-plugin to 3.1.7 (was 3.1.6)

Platform 1.87

* Maven

  We replaced FindBugs with SpotBugs. SpotBugs may be disabled through the
  platform.check.skip-spotbugs Maven property. Failing the build on SpotBugs
  errors may be enabled with the platform.check.fail-spotbugs property.

  This required an incompatible change. Previously the dependency
  com.google.code.findbugs:jsr305 was banned, with projects requiring the JSR
  305 annotations depending on com.google.code.findbugs:findbugs-annotations.
  Now the findbugs-annotations dependency is banned and projects requiring the
  JSR 305 annotations must have the dependency:

    <dependency>
        <groupId>com.google.code.findbugs</groupId>
        <artifactId>jsr305</artifactId>
        <optional>true</optional>
    </dependency>

  Projects requiring the FindBugs annotations must have the dependency:

    <dependency>
        <groupId>com.github.spotbugs</groupId>
        <artifactId>spotbugs-annotations</artifactId>
        <optional>true</optional>
    </dependency>

* In-IDE testing

  We created a new configuration option for simplifying discovery when running
  servers in-IDE. If the configuration option "testing.discovery.static" is
  se to "true", then service discovery will be performed statically through
  configuration rather than querying the discovery service.

  Like the StaticDiscoveryModule(), this mode will use a comma-separated list
  of URIs from the "service-balancer.SERVICETYPE.uri" config option. This mode
  will also swallow Discovery announcements.

  This mode is not appropriate for production use. Instead use
  StaticDiscoveryModule() if a production service needs to run without a
  discovery service.

* HttpClient

  We removed support for setting the configuration property
  "http-client.max-requests-queued-per-destination" to "0".

* [Bug] JSON-format http-request.log time field would omit microseconds when
  they were ".000".

Platform 1.86

* Configuration

  We created ConfigBinder.bindConfig() with a slightly different interface
  than ConfigurationModule.bindConfig(). It looks like:

      bindConfig(binder).bind(FooConfig.class)
          .annotatedWith(Qualifer.class)
          .prefixedWith("prefix");

  We deprecated ConfigurationModule.bindConfig(). To migrate, use IDEA
  "Find/Replace Structurally..." with the following patterns:

    com.proofpoint.configuration.ConfigurationModule.bindConfig($b$).to($c$)
    com.proofpoint.configuration.ConfigBinder.bindConfig($b$).bind($c$)

    com.proofpoint.configuration.ConfigurationModule.bindConfig($b$).annotatedWith($a$).to($c$)
    com.proofpoint.configuration.ConfigBinder.bindConfig($b$).bind($c$).annotatedWith($a$)

    com.proofpoint.configuration.ConfigurationModule.bindConfig($b$).prefixedWith($p$).to($c$)
    com.proofpoint.configuration.ConfigBinder.bindConfig($b$).bind($c$).prefixedWith($p$)

    com.proofpoint.configuration.ConfigurationModule.bindConfig($b$).annotatedWith($a$).prefixedWith($p$).to($c$)
    com.proofpoint.configuration.ConfigBinder.bindConfig($b$).bind($c$).annotatedWith($a$).prefixedWith($p$)

  Then in each modified file optimize imports, statically import bindConfig(),
  and optimize imports again.

  We also deprecated the constructors in the ConfigurationModule.bindConfig()
  EDSL as they should not have been public.

* HttpClient and Discovery

  The HttpServiceBalancer used by the BalancingHttpClient now accepts multiple
  copies of the same destination URI, weighting it appropriately when
  balancing requests.

  We increased the defaults for http-client.max-connections-per-server
  and http-client.max-requests-queued-per-destination from 20 to 100.

  The Discovery client now interprets a "weight" property in an service
  descriptor as the number of copies of the destination URI to add to
  the HttpServiceBalancer.

* We now log the admin URI to the bootstrap log.

* We added a dependencyManagement section for guava-testlib to the library pom.

* [Bug] Specify permissions for SL_TOKEN_FILE

* Library Upgrades

  - Guava to 26.0-jre (was 25.0-jre)
    Removed several deprecated Futures methods which implicitly used
    directExecutor(). Code must explicitly pass directExecutor().
  - Jersey to 2.27 (was 2.25.1)
    Injected context objects, returned from a supplier bound with
    JaxrsBinder.bindInjectionProvider(), will no longer have @PostConstruct
    methods called.

* Maven plugin upgrades

  - build-helper-maven-plugin to 3.0.0 (was 1.10)
  - docker-maven-plugin to 0.26.1 (was 0.24.0)
  - duplicate-finder-maven-plugin to 1.3.0 (was 1.2.1)
  - jacoco-maven-plugin to 0.8.2 (was 0.8.1)
  - maven-assembly-plugin to 3.1.0 (was 2.6)
  - maven-clean-plugin to 3.1.0 (was 3.0.0)
  - maven-dependency-plugin to 3.1.1 (was 2.10)
  - maven-invoker-plugin to 3.1.0 (was 2.0.0)
  - maven-resources-plugin to 3.1.0 (was 2.7)
  - maven-shade-plugin to 3.1.1 (was 2.4.3)
  - maven-site-plugin to 3.7.1 (was 3.5.1)
  - maven-source-plugin to 3.0.1 (was 3.0.0)
  - modernizer-maven-plugin to 1.6.0 (was 1.5.0)
  - rpm-maven-plugin to 2.2.0 (was 2.1.5)

Platform 1.85

* We added support for Sealights under Docker

  If the project has a .build-docker file and the SL_TOKEN_FILE environment
  variable is set, then sl-test-listener.jar, buildSessionId.txt, and the
  token file that is the value of that environment variable are placed in
  the created Docker container.

* We added the "errorprone-compiler" Maven profile for compiling with the
  "Error Prone" compiler.

* We added dependency-scope-maven-plugin as a basic check. It may be disabled
  by setting the platform.check.skip-dependency-scope Maven property to true.
  Build failures may be turned into warnings by setting the
  platform.check.fail-dependency-scope Maven property to false.

* We configured the Maven duplicate finder to ignore Java 9 module-info.class
  files.

* We refactored the tests for the sample and skeleton servers to use AssertJ.

* We deprecated several methods in FileUtils.

* We deprecated HttpClientModule. This is an internal class.

* Library Upgrades

  - javax.ws.rs-api to 2.1 (was 2.0.1)
  - slf4j to 1.7.25 (was 1.7.16)

* Maven plugin upgrades

  - maven-enforcer-plugin to 3.0.0-M1 (was 1.4.1)
  - maven-javadoc-plugin to 3.0.1 (was 2.9)
  - maven-surefire-plugin to 2.22.0 (was 2.19.1)

Platform 1.84

* The "/admin/stop-announcing" resource on the admin port now accepts the
  "server.admin" role in the SecurityContext for authorization.

* JSON

  - We no longer write an explicit null value when serializing an empty
    value of type Optional.

* HttpClient

  - We deprecated RuntimeIOException and made it a subclass of
    UncheckedIOException. Users should switch the former to the latter.

* Logging

  We added an in-memory buffer to reduce locking contention around logging.

* Library Upgrades

  - Base docker image to 8u181-jdk (was 8u162-jdk)
  - mockito to 2.21.0 (was 2.2.28)
    - Added MockitoSession for strict mocking
  - objenesis to 2.6 (was 1.3)

Platform 1.83

* OpenApi

  We added to OpenApiModule the "/admin/openapi-admin.json" and
  "/admin/openapi-admin.yaml" resources on the admin port, returning the Open
  API Specification (OAS) description of the admin port's protocol.

* We removed the /admin/wadl resource from the admin port.

* HttpClient

  We modified HttpClient to avoid allocating a large byte array by buffering
  response data in chunks.

  We added BasicAuthRequestFilter, a request filter which performs basic
  authentication.

  [Bug] Request now correctly validates the URI scheme and that a URI with
  a scheme has a host.

* Stats

  We replaced the implementation of QuantileDigest with a more
  memory-efficient one.

  We fixed a thread safety issue in the Distribution copy constructor.

* Configuration

  We added ConditionalModule.installModuleIf() which conditionally installs
  a Guice module based on configuration.

  ConfigurationProvider has been marked as deprecated. It will no longer be
  public.

* JSON

  We improved the format of JsonCodec parsing exception messages.

  We added JsonCodec.toJsonWithLengthLimit().

* We extended the JaxrsBinder.bindInjectionProvider() DSL to accept a
  java.util.function.Supplier, not just its subclass
  com.google.common.base.Supplier.

* We added ThreadLocalCache, a ThreadLocal cache with a maximum cache size per
  thread.

* We added MoreFutures.unwrapCompletionException().

* We added TempFile for use with try-with-resources.

* We added EventDataType.INSTANT to support fields of type java.time.Instant

* We deprecated the TestingNodeModule constructors taking a Guava Optional
  in favor of newly created constructors taking a java.util.Optional.

* We changed ServiceDescriptorBuilder to generate a UUID in the build() call.
  Unless the ID is explicitly set each build() call will return a unique ID.

* Maven

  We added Modernizer as an extended checker. It may be disabled by setting
  the platform.check.skip-modernizer Maven property to true. Warnings may
  be turned into build failures by setting the platform.check.fail-modernizer
  maven property to true.

  We added dependencyManagement entries for assertj-core, assertj-guava,
  assertj-joda-time, and assertj-db.

  We removed the platform.test.fork-mode Maven property as the Surefire
  parameter it controlled is deprecated.

* Maven plugin upgrades

  - findbugs-maven-plugin to 3.0.5 (was 3.0.3)
  - maven-compiler-plugin to 3.8.0 (was 3.5.1)
  - maven-jar-plugin to 3.1.0 (was 2.6)

Platform 1.82

* HttpClient

  We ensured that JettyHttpClient propagates the trace token to callbacks
  added to the HttpResponseFuture returned from HttpClient.executeAsync().

* [Bug] JmxHttpModule() didn't work together with StaticDiscoveryModule().

Platform 1.81

* We added a "responseCodeFamily" tag containing the first digit of the
  response code to the HttpServer.RequestTimeByCode and JAX-RS
  ResourceClass.RequestTime metrics.

* Library Upgrades

  - Jackson to 2.9.6 (was 2.9.5) (fixes deserialization vulnerability
    CVE-2018-12022 and -12023 when using @JsonTypeInfo or "default typing")

Platform 1.80

* Reporting

  We fixed a bug with the Prometheus names of @Nested stats of summary
  type.

Platform 1.79

* Reporting

  We created ReportingPrometheusModule() for enabling Prometheus collection
  of the reporting metrics. The module may be used either in addition to or
  instead of ReportingClientModule() (which exports the metrics to KairosDB).

  ReportingPrometheusModule() exposes on the admin port a "/metrics" resource
  which returns the data in Prometheus format.

  This required making incompatible changes to Bucketed and BucketIdProvider.
  It is unlikely that code outside of Platform itself is directly using these
  classes.

* TestingHttpServer

  We changed TestingHttpServerModule and TestingAdminHttpServerModule to
  enable stack traces in error responses.

Platform 1.78

* Library Upgrades

  - Jetty to 9.3.24 (was 9.3.23)

Platform 1.77

* HttpServer

  We changed the default value of the "http-server.accept-queue-size"
  configuration option to 128 from 8000. The OS can truncate the accept queue
  size to the platform defaults. E.g. for linux, the effective server listen
  backlog queue size cannot be set greater than /proc/sys/net/core/somaxconn
  on the system. If you feel the need to increase httpAcceptQueueSize, increase
  the OS limit first.

* Docker

  We removed the "combine.children" attribute from the <images> array in the
  docker-maven-plugin configuration, allowing clients to add additional files
  into the created image.

Platform 1.76

* Discovery

  We delayed the check for HTTPS announcements with unqualified hostnames
  until the Announcer is asked to send an announcement. This was done to
  aid transition of services into Kubernetes.

* Maven plugin upgrades

- jacoco-maven-plugin to 0.8.1 (was 0.7.9)

Platform 1.75

* OpenApi

  We added OpenApiModule() in the "openapi" project. This exposes the
  "/admin/openapi.json" and "/admin/openapi.yaml" resources on the admin port,
  returning the Open API Specification (OAS) description of the service
  port's protocol.

Platform 1.74

* We added the "http-server.internal-networks" configuration property.
  This takes a comma-separated list of IPv4 CIDR blocks which are trusted
  (in addition to private networks) when processing the X-Forwarded-For:
  header on incoming requests.

* We disabled the TLS 1.0 protocol.

* Library Upgrades

  - Jetty to 9.3.23 (was 9.3.22)
  - Guava to 25.0-jre (was 23.3-jre)
  - joda-time to 2.9.9 (was 2.9)
  - testng to 6.14.3 (was 6.10)

Platform 1.73

* Library Upgrades

  - Jackson to 2.9.5 (was 2.8.4) (fixes deserialization vulnerability
    CVE-2018-7489 when using @JsonTypeInfo or "default typing")
  - Base docker image to 8u162-jdk

Platform 1.72

* Docker

  We made the .build-docker support no longer create or push a "latest" tag.

* Configuration

  We made the parsing for boolean configuration properties stricter,
  generating an error for values other than case-insensitive "true" or
  "false".

* Maven plugin upgrades

  - docker-maven-plugin to 0.24.0 (was 0.22.1)

Platform 1.71

* Health checks

  We added a @HealthCheckRestartDesired annotation, which may be placed
  on either a method with no arguments or a field of type AtomicReference.
  When the object is bound with HealthBinder, the method will be called or
  the field will be examined by the "/liveness" resource. A value of
  null indicates healthy; any other value indicates a critical problem, with
  the toString() used as the message.

Platform 1.70

* Launcher

  If an etc/secrets.properties file exists, it will be used as a default for
  --secrets-config.

Platform 1.69

* The systemd service file now limits restarts of the service to 5 per minute.

* Library Upgrades

  - Guice to 4.2.0 (was 4.0)

Platform 1.68

* Launcher

  We added support for an etc/jvm.properties file as an alternative for the
  jvm.config file. When the jvm.properties file is present it will be used
  instead of jvm.config. Each property in that Java properties file is used to
  construct a Java command-line argument by concatenating the property
  key and value (without the = in between). The "-classpath" key is handled
  as a special case, resulting in the key and value being separate arguments.

  If there is no -Xmx Java argument, the launcher now uses the
  -XX:UseCGroupMemoryLimitForHeap argument to set the heap size limit to the
  Docker container's memory limit.

  If running under Kubernetes and the javax.net.ssl.trustStore property has
  not been overridden in the jvm configuration, the launcher now adds the
  Kubernetes cluster CA to the trust store used by the launched process.

* BalancingHttpClient

  - We enabled retry budgets and failure accrual by default.

* Discovery

  We created a Announcer.startIfNotKubernetes() method which calls
  Announcer.start() only when not running under Kubernetes.

* We now allow the "-" character in the "node.pool" configuration option.

* Deprecation removals

  We removed the following deprecated features:

  - Implicitly bound JAX-RS resources. All JAX-RS resources must now be bound
    with JaxrsBinder.
  - The jaxrs.query-params-as-form-params configuration option
  - JaxrsBinder.bind(TypeLiteral<?>)
  - JaxrsBinder.bind(Key<?>)
  - JaxrsBinder.bindAdmin(TypeLiteral<?>)
  - JaxrsBinder.bind(Key<?>)
  - HttpRequestEvent
  - Logging.createFileAppender(String, int, long, Encoder<T>, Context)
  - Logging.logToFile(String, int, long)

Platform 1.66

* [Bug] Fix incorrect property name for --secrets-config.

Platform 1.65

* Configuration

  We added an optional --secrets-config flag to the launcher. If this is
  provided, Platform will read additional configuration properties from it.
  In a future version all properties in this file will be required to be
  consumed by a configuration attribute that is annotated with
  @ConfigSecuritySensitive.

* Docker

  - Default base image upgraded to openjdk:8u151-jdk

Platform 1.64

* Docker

  The uid of the "service" user may be specified by setting the
  project.docker.uid Maven property.

* Java 9

  We fixed some issues which prevented running Platform applications on Java
  9. To run under Java 9, the following options must be present in jvm.config:

  --add-modules
  java.xml.bind
  -Djdk.attach.allowAttachSelf=true

* Library Upgrades

  - Jetty to 9.3.22 (was 9.3.20)
  - Guava to 23.3-jre (was 23.1-jre)

Platform 1.63

* Docker

  Client projects that want to create a Docker image may now do so by creating
  a ".build-docker" file. The image name may be overridden by setting the
  project.docker.name Maven property. The name of the base image may be
  overridden by setting the project.docker.from Maven property.

  A client project that does not need a distribution RPM or tar file is not
  required to have a .build-distribution or .build-rpm file in order to create
  a Docker image.

  The image installs the service under the "/service" directory and runs the
  service as the user "service".

* Discovery

  If neither "service-inventory.uri" or "testing.discovery.uri" are configured
  then the discovery client will query Kubernetes for the discovery service by
  doing a DNS lookup on "discovery".

* The bootstrap.log is now configured independently of the launcher.log
  and will be written on a "launcher run".

Platform 1.61

* The launcher now works when specifying a GC other than the ConcMarkSweep
  in jvm.config.

* Library Upgrades

  - Guava to 23.1-jre (was 23.0)
  - Jersey to 2.25.1 (was 2.23.1)
  - auto-value to 1.5 (was 1.3)

* Maven plugin upgrades

  - jacoco-maven-plugin to 0.7.9 (was 0.7.6.201602180812)

Platform 1.60

* Launcher

  The launcher now issues a warning if the java.library.path property is
  set to a value that is not likely to work.

  [Bug] Disable console logging only in daemon mode

* Library Upgrades

  - Guava to 23.0 (was 22.0)

Platform 1.59

* We changed the format of the http-request.log to JSON. The old behavior
  may (for now) be retained by setting the configuration property
  "http-server.log.format" to "TSV".

* Audit Logging

  We created a new facility for logging auditable events in a new
  JSON-format log named "audit.log".

  An audit record is any Jackson-annotated class without top-level
  JSON properties named "time", type", or "traceToken".

  To log records, include AuditLogModule in the application's modules and
  use AuditLoggerBinder to Guice-bind an AuditLogger implementation for the
  particular record class. Then use the Guice-injected AuditLogger<T> to log
  records of that type.

  We also supply a TestingAuditLogModule which permits unit tests to retrieve
  representations of the logged records from a TestingAuditLog.

* We improved the error responses generated when parsing JSON fails.
  We also log JSON parse errors at info level.

* Library Upgrades

  - Jetty to 9.3.20 (was 9.3.19)
  - Jackson to 2.8.9 (was 2.7.9 and jackson-databind 2.7.9.1)

Platform 1.58

* BalancingHttpClient

  The BalancingHttpClient now implements retry budgets. Over a period
  configured from the "http-client.retry-budget.ratio-period" configuration
  option (default 10s) the number of retries attempted will be limited to a
  ratio (configured from "http-client.retry-budget.ratio") of requests
  submitted. A number of retries per second (configured from
  "http-client.retry-budget.min") will additionally be permitted.

  The number of retries that are not attempted due to the budget will be
  reported using the HttpClient.QUALIFIER.RetryBudgetExhausted.Count
  metric.

  This feature is currently effectively disabled with large configured ratios
  and minimums. Recommended values are 0.2 for ratio and 10 for minimum.
  This feature should only be enabled in combination with failure accrual.

* [Bug] The reporting client catches and logs exceptions thrown while
  collecting metrics.

* [Bug] Cleaned up configuration warnings exposed by the refactor in the
  previous release.

* Library Upgrades

  - logback to 1.2.3 (was 1.1.8)

Platform 1.57

* BalancingHttpClient

  The HttpServiceBalancer now implements failure accrual. Destinations
  that fail than a configurable number of times in a row will be removed from
  consideration for a configurable backoff. This is currently disabled by
  default and is configured with the
  "service-balancer.SERVICE.consecutive-failures" configuration option. A
  value of "5" is recommended.

* Discovery

  We created a StaticDiscoveryModule which does not talk to the discovery
  service. It instead obtains service location from configuration, using
  a comma-separated list of URIs from the "service-balancer.SERVICETYPE.uri"
  config option.

* Configuration

  Warnings from config objects built by a ConfigurationAwareProvider are now
  reported. Such objects are also enumerated by ConfigurationInspector and
  thus the corresponding configuration is logged upon startup.

  In order to permit a ConfigurationAwareProvider to inspect the application
  modules, we added a buildConfigObjects(Iterable<? extends Module>) method.

  We removed ConfigurationAwareProvider.setWarningsMonitor().

  We deprecated the
  ConfigurationValidator(ConfigurationFactory, WarningsMonitor) constructor.
  Use the new ConfigurationValidator(ConfigurationFactory) constructor.

  We deprecated the ConfigRecord.createConfigRecord(ConfigurationFactory)
  static factory method. Callers should not be creating their own ConfigRecord
  objects.

  ConfigRecord.getKey() can now return null and
  ConfigRecord.getComponentName() can now return the empty string
  (both if the config object was built by a ConfigurationAwareProvider).

* Library Upgrades

  - Guava to 22.0 (from 21.0)
    - [Bug] Fix LocalCache.compute() deadlock issue
    - HostAndPort.getHostText() removed (use HostAndPort.getHost())

Platform 1.56

* HttpClient and HttpServer

  [Bug] In some cases the Jetty HttpClient.execute() method would leave the
  request in progress after returning.

  HttpServer no longer sets the blocking timeout. That was an ineffective
  workaround.

* BalancingHttpClient

  The BalancingHttpClient now implements backoff between retries using
  decorrelated jitter. The minimum and maximum delays between attempts
  are configurable.

  We created HttpClientBinder.bindBalancingHttpClient(String, Annotation,
  String, Set<URI>) and bindBalancingHttpClient(String, Annotation, String,
  Key<? extends HttpServiceBalancer>) methods for binding static or custom
  BalancingHttpClients to a parameterized Annotation.

* Logging

  We added Level.TRACE and Level.ALL log levels.

* JAX-RS

  We added JaxrsModule.adminOnlyJaxrsModule() for servers that want to provide
  their own custom servlet but still have the admin port JAX-RS services.

* Library Upgrades

  - Jetty to 9.3.19 (from 9.3.15)

Platform 1.55

* RPM packaging

  The rpm-maven-plugin upgrade in 1.53 created RPMs with an empty classifier.
  We restored the previous classifier of "rpm".

* Library Upgrades

  - Jackson to 2.7.9 (was 2.6.4)
    - jackson-databind to 2.7.9.1 (fixes deserialization vulnerability
      when using @JsonTypeInfo or "default typing")
    - ObjectMapper default timezone now UTC, not GMT
    - JsonInclude.Include.NON_EMPTY now only applies to Collection, Map,
      array, and String (not default scalar values)

Platform 1.54

* Configuration

  We improved the error message when a required configuration property is
  missing.

* Trace tokens

  Since the trace token is (as of Platform 1.43) included in the thread name,
  it was being included in the launcher.log twice. We removed it from its old
  location.

* [Bug] Set the blocking timeout to be more than the idle timeout.

* [Bug] Fix the blocking timeout to apply independently to each read call.

Platform 1.53

* Library Upgrades

  - commons-math removed (was 2.2)

* Maven plugin upgrades

  - rpm-maven-plugin 2.1.5 (from 2.1-alpha-4)
    Configuration changed to make RPM version and release attributes available
    as properties.

Platform 1.52

* DiscoveryBinder.bindHttpAnnouncement() will include the admin port URL in a
  new "admin" property of the service announcement.

* JAX-RS

  JAX-RS resource method parameters may now be annotated with
  @com.proofpoint.reporting.Key annotations. The metrics generated
  by such method calls will then be broken down by the toString of the
  corresponding parameter values, similar to a report collection.

* Reporting

  We created TestingReportingModule for unit tests that need to test the
  reported metrics that are generated. It provides a ReportingTester that
  can be used to collect and return reported metrics.

* HttpClient

  The HttpClient.IoPool.*.FreeThreadCount metric now uses the HttpClient's
  config prefix, with lower-hyphen converted to upper-camel, instead of the
  qualifer as the third component in its name. This was because previously
  multiple BalancingHttpClients would generate multiple metrics with the same
  name, leading to exceptions.

* [Bug] Fixed the Platform-provided ExceptionMapper classes to not pick up
  media types from the resource method annotations.

Platform 1.51

* Trace tokens

  We extended TraceTokenManager to support adding additional properties to the
  trace token state. To this end, we created a new TraceToken class and
  deprecated TraceTokenManager.getCurrentRequestToken() in favor of the new
  TraceTokenManager.getCurrentTraceToken().

  We changed the format of trace token ids created by the HTTP server so that
  they start with an encoding of the server's and client's IPs.

* We increased the default HttpClient connection timeout to 2 seconds.

* We suppress logging the thread dump when Bootstrap is in quiet mode.

* [Bug] The HttpServer.BusyThreads.Max metric leaked counts for calls
  that threw uncaught exceptions.

* Library Upgrades

  - Guava to 21.0 (from 20.0)
    - Objects.firstNonNull() and Objects.toStringHelper() removed
      (use MoreObjects)
    - MoreExecutors.sameThreadExecutor() removed
      (use directExecutor() or newDirectExecutorService())
    - MapConstraint and MapConstraints removed

Platform 1.50

* Deprecation removals

  We removed the following deprecated features:

  - @ConfigMap
  - ConfigurationModule.registerConfigurationClasses(Module)
  - The TestingHttpClient constructors taking Function
  - The public TestingResponse constructors
  - TestingResponse.mockResponse(HttpStatus, MediaType, String)
  - AsyncHttpClientModule
  - HttpClientAsyncBindingBuilder
  - The unused http-client.keep-alive-interval config option

* Version numbers

  We added the application and Platform version numbers to NodeInfo.

  The ReportCollector.ServerStart and ReportCollector.NumMetrics metrics
  now carry applicationVersion and platformVersion tags.

  The admin port now has an /admin/version resource which returns the
  application name, version, and Platform version.

* We added an /admin/jstack resource on the admin port to dump the thread
  stacks.

* Bootstrap

  Bootstrap now sets a default uncaught exception handler that logs the
  exception.

* Events

  The event client now supports sending events that are implemented with
  AutoValue (or other subclasses of the event class).

Platform 1.49

* HttpServer sets the blocking timeout in order to work around a Jetty bug.

* Library Upgrades

  - Jetty to 9.3.15 (from 9.3.14)
    - [Bug] fixes deadlocks in HttpServer

Platform 1.48

* We dump the thread stacks upon shutdown.

* Bootstrap

  We created Bootstrap.bootstrapTest() to simplify using Bootstrap in unit
  tests. We deprecated Bootstrap.setRequiredConfigurationProperty() and
  Bootstrap.setRequiredConfigurationProperties() when not using
  Bootstrap.bootstrapTest().

* HttpClient

  HttpClient implementations now forward trace tokens by default. We added
  a .withoutTracing() method to the binding builders to disable this and
  deprecated the .withTracing() method.

  We added an HttpClient.IoPool.Shared.FreeThreadCount metric to track
  the count how much unused thread capacity is in the shared client IO pool.
  There are also corresponding metrics for private client IO pools.

  We changed the BalancingHttpClient to call the ResponseHandler with the
  Request as made to the selected instance instead of the Request that was
  passed to the BalancingHttpClient. That way, the ResponseHandler may inspect
  the Request URI to determine which instance was used. In the case where the
  HttpServiceBalancer threw an exception (such as ServiceUnavailableException)
  the BalancingHttpClient will call the ResponseHandler with the Request that
  was passed to the BalancingHttpClient.

* JAX-RS

  We disabled processing of query parameters as form parameters for resources
  that consume application/x-www-form-urlencoded content. We added a
  configuration option "jaxrs.query-params-as-form-params" for re-enabling
  this behavior.

* We fixed warnings caused by how the library pom was invoking the Surefire
  plugin.

* [Bug] Ensure LifeCycleManager shutdown methods can log.

* [Bug] Catch and log exceptions thrown by LifeCycleManager shutdown methods.

* Library Upgrades

  - bval-jsr 1.1.2 (from bval-jsr303 0.5)
    - Code will need to change any references to the org.apache.bval.jsr303
      package to org.apache.bval.jsr
  - mockito to 2.2.28 (from 1.10.8)
    - Hamcrest matchers, such as Matchers.argThat(), have moved to
      MockitoHamcrest (MockitoHamcrest.argThat())
    - anyX() and any(SomeType.class) matchers now reject nulls and check type.
  - testng to 6.10 (from 6.9.6)
  - auto-value to 1.3 (from 1.1)
  - logback to 1.1.8 (from 1.1.7)

Platform 1.47

* We made the server refuse to start if the discovery client is configured to
  announce an HTTPS service with an unqualified hostname.

* We added TraceTokenCopyingExecutor, which wraps an ExecutorService to copy
  trace tokens into the destination thread for the duration of the call.

* HttpClient will periodically log a dump of its state upon getting a
  ClosedByInterruptException.

* Library Upgrades

  - Jetty to 9.3.14 (from 9.3.12)
  - Guava to 20.0 (from 19.0)

Platform 1.46

* We disabled JAX-RS resolution of relative URIs in the Location header, as
  it was preventing redirecting to URIs with less-than-strict quoting

Platform 1.45

* Reverted bval-jsr 1.1.1 back to bval-jsr303 0.5

Platform 1.44

* JAX-RS

  The JaxrsBinder EDSL now supports a .withApplicationPrefix() method which
  causes the reported metrics to have names prefixed with the application
  name.

  We deprecated the nonsensical JaxrsBinder.bind(TypeLiteral<?>),
  JaxrsBinder.bind(Key<?>), and their corresponding bindAdmin methods.

* HTTP/2 support

  The HTTP server now has experimental support for the HTTP/2
  protocol for HTTP only (not HTTPS). The server supports the HTTP/2
  cleartext upgrade mechanism (h2c) which allows running both versions
  of the protocol on the same port. Both versions are always enabled.

* HTTP Client API changes for Case-Insensitive Headers

  HTTP header field names are always lowercase in HTTP/2. They should
  always be treated as case insensitive, but the previous HTTP client
  API made that difficult by returning a map of strings.

  The .getHeaders() method of the Response interface and various
  ResponseHandler response objects, as well as the object constructors
  now use the new case-insensitive HeaderName class. Additionally,
  these objects now have a getHeaders() method that takes a field name
  and returns a list of field values.

* Logging

  We have created new configuration options "log.max-total-size" and
  "http-server.log.max-total-size" for limiting the total amount of
  space taken by archived log files.

  As part of this change, we deprecated the existing Logging.logToFile() and
  Logging.createFileAppender() methods for versions which take this new option
  as an additional parameter.

* HttpClient

  HttpClient will periodically log a dump of its state upon getting a
  RejectedExecutionException.

  We added configuration options for specifying the certificate trust store.

* Configuration

  We added a AbstractConfigurationAwareModule.build(Class<T>, String) method
  for building prefixed config objects.

* Library Upgrades

  - Jetty to 9.3.12 (from 9.3.11)
  - bval-jsr 1.1.1 (from bval-jsr303 0.5)
  - logback to 1.1.7 (from 1.1.5)

Platform 1.43

* We now disable use of the /admin/stop-announcing resource on the admin port
  when HTTPS is not enabled.

* We modified TraceTokenManager to put the trace token in the thread name.

* We disabled the following TLS ciphers:

  - TLS_RSA_WITH_AES_256_CBC_SHA256
  - TLS_RSA_WITH_AES_128_CBC_SHA256
  - TLS_RSA_WITH_AES_256_GCM_SHA384
  - TLS_RSA_WITH_AES_128_GCM_SHA256
  - TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
  - SSL_RSA_WITH_3DES_EDE_CBC_SHA

* JAX-RS

  We added support for a ClientInfo @Context parameter for getting the client
  IP address, following the X-Forwarded-For: header.

  We created the @AccessDoesNotRequireAuthentication annotation for use by
  JAX-RS request filters which would otherwise require authentication to
  access a JAX-RS resource. We annotated several Platform-provided JAX-RS
  resources with this annotation.

* We deprecated HttpRequestEvent.

* Library Upgrades

  - Jetty to 9.3.11 (from 9.3.7)

Platform 1.42

* Due to reports of random client request corruption, we reverted jetty
  to 9.3.7.

* We reverted the .withApplicationPrefix() method of the JaxrsBinder EDSL.
  While this change was source compatible, it was not binary compatible.
  This change will be made in a later version of Platform.

Platform 1.41

* We re-enabled http-server support for the SSLv2Hello protocol that Jetty
  disabled in Platform 1.39.

* AsyncSemaphore now uses JDK Function instead of Guava Function. This change
  is generally source-compatible but not binary-compatible.

* HttpServer

  We replaced the deprecated GzipFilter with GzipHandler.

* HttpClient

  We added a FullJsonResponseHandler.getResponseSize() method.

* We removed all usage of ThreadGroup.

* Library Upgrades

  - jmxutils to 1.19 (from 1.18) fixes the server not starting when LogJmxModule
    is used due to a Java 8 compatibility issue with jmxutils.
  - Jersey to 2.23.1 (from 2.22)

Platform 1.40

* We re-enabled the SHA1 ciphers that Jetty disabled in the http client
  in Platform 1.39.

* Logging configuration

  We added the "http-server.log.enabled" configuration option for disabling
  the HttpServer request log.

  We renamed the "log.output-file" configuration option to "log.path" to make
  it consistent with "http-server.log.path".

Platform 1.39

* Library Upgrades

  - Jetty to 9.3.11 (from 9.3.10)

Platform 1.38

* JAX-RS

  We deprecated the implicit JaxrsModule() constructor.
  Use JaxrsModule.explicitJaxrsModule() and explicitly bind JAX-RS resources
  using JaxrsBinder.

  The JaxrsBinder EDSL now supports a .withApplicationPrefix() method which
  causes the reported metrics to have names prefixed with the application
  name.

* HttpClient

  We improved the buffering of data from DynamicBodySource, reducing the
  overhead of chunked encoding.

  We added a BodySource.getLength() method, permitting DynamicBodySource
  and InputStreamBodySource implementations to specify the content length
  up front.

* [Bug] We allow '-' characters in the node.hostname config property.

* Library Upgrades

  - Jetty to 9.3.10 (from 9.3.7)

Platform 1.37

* We changed the logging of configuration upon startup to sort by property.

* We modified the launcher to refuse to start as root.

Platform 1.36

* We made AdminServerCredentialVerifier public.

* Maven release plugin

  We have reconfigured the maven-release-plugin to run tests during the
  release:prepare phase. Projects that configure the maven-release-plugin
  might need to adjust that configuration to account for these changes to
  the library POM.

* Fixed use of deprecated ignoredResources duplicate-finder-maven-plugin
  configuration option.

* [Bug] LoggingOutputStream incorrectly treated log lines as format strings.

Platform 1.35

* Maven plugin upgrades

  We have upgraded from the com.ning.maven.plugins
  maven-duplicate-finder-plugin 1.0.6 to the org.basepom.maven
  duplicate-finder-maven-plugin 1.2.1. Any client pom files that adjust the
  duplicate-finder configuration will need to do so using the new groupId and
  artifactId.

  - maven-deploy-plugin 2.8.2 (from 2.7)
  - maven-clean-plugin 3.0.0 (from 2.5)
  - maven-install-plugin 2.5.2 (from 2.4)
  - build-helper-maven-plugin 1.10 (from 1.8)
  - maven-enforcer-plugin 1.4.1 (from 1.2)
  - maven-compiler-plugin 3.5.1 (from 3.0)
  - maven-assembly-plugin 2.6 (from 2.5.3)
  - maven-surefire-plugin 2.19.1 (from 2.14)
  - maven-release-plugin 2.5.3 (from 2.5)
  - maven-jar-plugin 2.6 (from 2.4)
  - maven-source-plugin 3.0.0 (from 2.2.1)
  - findbugs-maven-plugin 3.0.3 (from 3.0.1)
  - jacoco-maven-plugin 0.7.6 (from 0.7.4)
  - maven-site-plugin 3.5.1 (from 3.2)
  - maven-gpg-plugin 1.6 (from 1.4)
  - maven-shade-plugin 2.4.3 (from 2.3)
  - maven-antrun-plugin 1.8 (from 1.7)

* [Bug] Allow lifecycle.stop-traffic.delay config option to be specified
  in config.properties.

* [Bug] The request.log omitted the URI query string.

Platform 1.34

* We demoted a dependency from the log module to the testing module to test
  scope. Projects that were inadvertently using this dependency to pull in
  the testing module will need to add their own dependency on testing in their
  pom.xml

* Health checks

  We added a @HealthCheckRemoveFromRotation annotation, which may be placed
  on either a method with no arguments or a field of type AtomicReference.
  When the object is bound with HealthBinder, the method will be called or
  the field will be examined by the "/inrotation.txt" resource. A value of
  null indicates healthy; any other value indicates a critical problem, with
  the toString() used as the message.

* Reporting

  Objects exported to the reporting subsystem (using ReportBinder,
  ReportExporter, or report collections) are no longer also exported to JMX.
  If you need them to continue to be exported to JMX, add corresponding calls
  to either ExportBinder or MBeanExporter.

  We have added easier to use ReportBinder.export() and
  ReportBinder.bindReportCollection() EDSLs. See the
  ReportBinder class JavaDoc for details. We have deprecated the
  ObjectName-based .as() methods.

  We have deprecated the .withGeneratedName() methods of the
  ReportBinder.export() and ReportBinder.bindReportCollection() EDSLs as
  they are no longer necessary.

  We have added an easier to use ReportExporter.export() method (and
  corresponding ReportExporter.unexportObject() method). See the method
  JavaDoc for details. We have deprecated the ObjectName-based
  ReportExporter.export() and ReportExporter.unexport() methods.

  We have added support for prefixing the metric name with the application
  name.

  We have added an easier to use
  ReportCollectionFactory.createReportCollection() method. See the method
  JavaDoc for details. We have deprecated the ObjectName-based
  ReportCollectionFactory.createReportCollection() method.

  We added support for report collection methods which take no arguments.
  The singleton object returned from such methods is constructed and exported
  when the report collection implementation is created. Such methods should
  normally be declared to return the non-sparse stats objects.

  We have added to TestingReportCollectionFactory .getArgumentVerifier(T)
  and .getReportCollection(T) methods that take the testing report collection
  returned from .createReportCollection(...) as their argument. These are now
  the preferred methods--the previous .getArgumentVerifier(Class) and
  .getReportCollection(Class) methods have been deprecated.

* Packaging

  Client projects that want to create a distribution tar file may do so by
  creating a ".build-distribution" file and inheriting directly or indirectly
  from the library pom, instead of inheriting directly from the
  rest-server-base pom. Client projects that want to create an rpm may now
  do so by inheriting directly or indirectly from the library pom (and
  creating a ".build-rpm" file).

* We re-enabled the RSA-SHA1 ciphers that Jetty disabled in the http client
  in Platform 1.32.

* [Bug] We fixed the skeleton server archetype to provide a blank README.txt

Platform 1.33

* RPM Packaging

  In order to support CentOS 7, the RPM created for a Platform service now
  includes a systemd service file.

Platform 1.32

* Bootstrap

  We added support to LifeCycleManager for a new @StopTraffic annotation. Upon
  server shutdown, methods annotated with @StopTraffic are called first, then
  shutdown waits for the duration in the "lifecycle.stop-traffic.delay"
  configuration option (default "0s"), then shutdown continues with calling
  methods annotated with @PreDestroy.

  We changed the Discovery service de-announcement to @StopTraffic.

* Reporting

  reportBinder.bindReportCollection() can now bind a report collection to an
  annotation.

  Report collections now handle java.util.Optional values.

* Maven

  We have configured maven-duplicate-finder-plugin to ignore duplicate
  javac.sh resources from Jetty packages.

* Library Upgrades

  - Jetty to 9.3.7 (from 9.3.6)
  - SLF4J to 1.7.16 (from 1.7.12)
  - Logback to 1.1.5 (from 1.1.3)

Platform 1.31

* The following deprecated features have been removed:

  - TraceTokenModule
  - The TraceTokenManager constructor has been made private.
  - BodyGenerator
  - StaticBodyGenerator implements BodySource instead of BodyGenerator.
  - Request.getBodyGenerator()
  - EventClient.post(EventGenerator), EventGenerator, and EventPoster.
  - NodeInfo.getBinarySpec(), NodeInfo.getConfigSpec(),
    NodeInfo.getInstanceId(), and the NodeInfo constructor that takes
    a binarySpec and configSpec.
  - The "http-client.max-connections" and "http-server.log-retention-time"
    configuration options.
  - The "etc/log.config" file. Use "etc/log.properties" instead.

  Additionally, Request.Builder.setBodyGenerator(BodyGenerator) changed to
  Request.Builder.setBodyGenerator(StaticBodyGenerator) (and remains
  deprecated).

Platform 1.30

* Skeleton server

  We have updated the skeleton server to run HTTPS by default.

* Library Upgrades

  - Guava to 19.0
  - Jackson to 2.6.4

Platform 1.29

* HttpClient

  The "http-client.max-requests-queued-per-destination" configuration option
  may now be set to the value "0". This permits as many outstanding requests
  as configured by the "http-client.max-connections-per-server" option, but
  will reject new requests once all those connections have been assigned
  requests.

* Library Upgrades

  - Jetty to 9.3.6

Platform 1.28

* JAX-RS

  We disabled on the main service port Jersey's automatic generation of WADL
  and default support of the OPTIONS method.

  We added an /admin/wadl resource to the admin port which returns the server
  port's WADL.

* Configuration

  Configuration objects are no longer treated as singletons, in order
  to avoid action at a distance.

  We deprecated ConfigurationFactory.registerConfigurationClasses(Module)

* HttpServer

  We created the http-server.stop-timeout configuration option to allow
  changing the amount of time upon server shutdown that requests are allowed
  to complete before being interrupted.

  We created new defaults for existing configuration options:

  http-server.https.keystore.path=etc/keystore.jks
  http-server.https.keystore.key=keystore

* Launcher

  The amount of time the launcher will wait for a server to gracefully stop
  before sending it a SIGKILL is now configurable through the
  launcher.stop-timeout-seconds system property. The default is "60".

* We added a "ci" Maven profile that builds Javadoc.

* We removed the dbpool sub-project.

* Library Upgrades

  - Jetty to 9.2.13
  - Jersey to 2.22
  - slf4j to 1.7.12
  - joda-time to 2.9 (Fixes a compatibility issue with Java 8u60.)
  - testng to 6.9.6
  - Jacoco to 0.7.4

Platform 1.27

* TestingResponse

  We created a new builder for TestingResponse and deprecated most of
  the previous methods of creating TestingResponse. For example:

      TestingResponse.mockResponse()
          .header("X-Foo", "bar")
          .jsonBody(object)
          .build();

* Skeleton server and Sample server

  The Maven archetypes now supply a gitignore file. This file should be
  renamed to ".gitignore" (it is impractical to get an archetype to create
  a file named ".gitignore").

  We have updated the skeleton and sample servers to reflect current practice.

  - The skeleton server Main class includes code to override the default value
    of http-server.http.port.
  - TestServer initializes and tears down the HttpClient once for the class.
  - Resource classes are tested only through TestServer.
  - TestServer no longer uses resource files to supply JSON.
  - The sample server no longer uses events

* Admin port

  We added an /admin/configuration resource to the admin port which permits
  retrieving the redacted configuration settings.

* HttpServer

  We created TestingAdminHttpServer and TestingAdminHttpServerModule for
  testing of admin port resources.

* Launcher

  We added the "-XX:HeapDumpPath=var" option to the set of default JVM options.

* [Bug] Fix connection hang when ResponseHandler throws without reading large
  response.

* Library Upgrades

  - AutoValue to 1.1

* Maven plugin upgrades
  - maven-resources-plugin to 2.7
  - maven-invoker-plugin to 2.0.0

Platform 1.26

* HttpServer

  We added a HttpServer.BusyThreads.Max metric that reports the maximum number
  of busy threads in the http-server pool.

* Library Upgrades

  - Jersey to 2.21

Platform 1.25

* BalancingHttpClient

  The balancer now reports a ServiceClient.Concurrency.Max metric that reports
  the maximum number of concurrent requests to any instance in the pool.

* Stats

  We created a MaxGauge stats class for reporting the maximum value, over the
  one minute reporting interval, value of a metric.

Platform 1.24

* Logging

  Platform applications with log.output-file configured now also write a
  bootstrap.log file in the same directory. The bootstrap.log file contains
  a copy of messages logged from Bootstrap and is truncated on every startup.
  This is intended to make the (redacted) configuration and other startup
  information more accessible when troubleshooting.

  We added Logging.addLogTester() and Logging.resetLogTesters() methods for
  writing unit tests that verify logging.

* TestingHttpClient

  We created a default constructor for TestingHttpClient. The constructed
  TestingHttpClient needs a call to setProcessor(Processor) before it can
  be effectively used.

  We added TestingHttpClient.getRequestCount().

* TestingTicker and SerialScheduledExecutorService

  We added TestingTicker.elapseTime() and deprecated TestingTicker.increment()
  for consistency with SerialScheduledExecutorService.

  We added elapseTimeNanosecondBefore() methods to TestingTicker and
  SerialScheduledExecutorService.

* Library Upgrades

  - jnr-posix to 3.0.17

Platform 1.23

* BalancingHttpClient

  When a ResponseHandler throws an exception, the ServiceClient.Failure.Count
  metric incremented is given an additional "handlerException" tag with a
  value of that exception's class.

* [Bug] Fixed the request log's logic for when to use addresses in the
  X-Forwarded-For: header.

  - Ignore X-Forwarded-For: if the connection is from an external IP address.
  - Use the closest (last-listed) external IP address, if any.
  - Use the furthest (first-listed) IP address if all addresses are internal.

* Library Upgrades

  - Jetty to 9.2.12

Platform 1.22

* BalancingHttpClient

  We a created HttpClientBinder.bindBalancingHttpClient(String name,
  Class<? extends Annotation> annotation, Set<URI> baseUris) method for
  binding a BalancingHttpClient with a fixed set of destination URIs.

  We a created HttpClientBinder.bindBalancingHttpClient(String name,
  Class<? extends Annotation> annotation,
  Key<? extends HttpServiceBalancer> balancerKey) method for
  binding a BalancingHttpClient with a custom HttpServiceBalancer.

  We added 499, 598, and 599 to the set of retryable response codes.

* Library Upgrades

  - Joda-time to 2.8

Platform 1.21

* DHE disabled

  We disabled all default-enabled DHE ciphers in both HttpServer and
  JettyHttpClient.

* Future Utilities

  We've added MoreFutures class which contains utility methods for Future and
  the new Java8 CompletableFuture.  For basic future, there are methods for
  fetching the future value with minimal exception handling.  For
  CompletableFuture, there are methods for easily creating futures.  Finally,
  we have added methods for converting to and from Guava ListenableFuture to
  ease the transition to CompletableFuture.

* HttpServer

  We changed the default value of the "http-server.accept-queue-size"
  configuration option to 8000.

* Library Upgrades

  - Jetty to 9.2.11

Platform 1.20

* TestingHttpClient

  We have deprecated the TestingHttpClient constructors that take a
  Function<Request, Response> in order to remove ambiguity when using
  a lambda. Use the Processor variants instead.

  We have added a TestingHttpClient.setProcessor() method.

* HttpClient

  We renamed the "http-client.read-timeout" configuration option to
  "http-client.idle-timeout".

  We added the "http-client.request-timeout" configuration option.

  We deprecated the unused "http-client.keep-alive-interval" configuration
  option.

* HttpServer

  We added the "http-server.accept-queue-size" configuration option.

* Threads

  Thread factories provided by the Threads utility class now add threads to a
  ThreadGroup.  Some tools organize threads by ThreadGroup which makes it
  easier to work with servers with lots of threads.  The ThreadGroup is named
  using:

    String.format(nameFormat, "group")

  This means the nameFormat must expect a String argument instead of an int.
  To ease migration, the code adapts formats with a single %d, but this may
  be removed in a future release.

* Discovery

  We have added an /admin/stop-announcing resource to the admin port.
  When a PUT request, using Basic authentication with the username and
  password configured as admin-server.username and admin-server.password,
  is sent to this resource then the discovery announcer will revoke all
  announcements and shut down.

  This change adds a dependency from JmxHttpModule to Discovery, which
  might break TestServer. TestServer usually doesn't need JmxHttpModule,
  so it can be removed.

* Logging

  We have replaced use of SLF4J in the logging backend with a custom logging
  implementation directly connected to Java util logging.  This eases
  management of logging dependencies as the core codebase no longer depends
  directly on any third party logging frameworks.

* Library Upgrades
  - Guice to 4.0

Platform 1.19

* Java 8 is now required

* JSON

  We added JSON serialization support for the JDK 8 Optional and JSR 310
  date/time classes.

* Library Upgrades
  - Jackson to 2.4.4

* Maven plugin upgrades
  - findbugs-maven-plugin to 3.0.1
  - maven-dependency-plugin to 2.10

Platform 1.18

* Bootstrap

  We added a new @AcceptRequests annotation for methods that start accepting
  requests into the application. The methods will be invoked after all
  @PostConstruct methods have been invoked. Upon shutdown, any @PreDestroy
  methods in the class will be invoked before those in non-@AcceptRequests
  classes.

* HttpServer

  We changed HttpServer.start() to be an @AcceptRequests method in order to
  ensure all dependencies are initialized before accepting client requests.

  This adds a dependency from HttpServerModule to Bootstrap, which might break
  unit tests that use HttpServerModule without Bootstrap. Such unit tests
  should be modified to use Bootstrap--see the sample server's TestServer.

* Reporting

  We now report upon startup a ReportCollector.ServerStart metric with a value
  of 1. This may be used to track server restarts.

* Library Upgrades

  - Jersey to 2.17
  - logback to 1.1.3

Platform 1.17

* Maven 3.2.3 required

  We increased the minimum version of Maven to 3.2.3.

* Deprecated APIs removed

  - AsyncHttpClient
  - BalancingAsyncHttpClient

* Deprecations

  - HttpClientAsyncBindingBuilder has been deprecated. Use
    HttpClientBindingBuilder instead.
  - AsyncHttpClientModule has been deprecated. Use HttpClientModule instead.

* Packaging

  maven-assembly-plugin is now configured to generate Posix tar files instead
  of Gnu tar files.

* [Bug] Report correct values for the HttpClient WrittenBytes metrics.

* Library Upgrades

  - Jetty to 9.2.10

Platform 1.16

* RC4 disabled

  We disabled all RC4 ciphers in both HttpServer and JettyHttpClient.

* Launcher

  The launcher jar now shades its jnr-posix and asm dependencies.

* Maven plugin upgrades
  - maven-assembly-plugin to 2.5.3

Platform 1.15

* Jetty security vulnerability fix

  Platform versions 1.07 through 1.14 have a critical information bleed
  vulnerability in the Jetty server.

* RelativeUriBuilder

  We created RelativeUriBuilder for building the relative URIs needed by
  BalancingHttpClient.

* Bootstrap

  We created Bootstrap.bootstrapApplication(Class<T>, Function<T, String>)
  for setting the application name based on configuration.

* We reimplemented SmileBodyGenerator to be a StaticBodyGenerator.

* Library Upgrades

  - Jetty to 9.2.9

Platform 1.14

* JAX-RS

  We created JaxrsBinder.bindInjectionProvider() to support JAX-RS Custom
  Injection Providers. Use this to bind a type to a Supplier of that type.
  The objects returned from the Supplier will be field and method injected
  by Jersey and any PostConstruct and PreDestroy methods will be called at
  the appropriate time.

  We now enable the JAX-RS MIME Multipart support.

Platform 1.13

* HttpClient

  Using a BodyGenerator that is not a StaticBodyGenerator with JettyHttpClient
  when there are more concurrent requests than half the maximum threads in the
  thread pool can lead to deadlocks. To mitigate this, we have made the
  following changes:

  - We created a new marker interface BodySource.
  - BodyGenerator extends BodySource.
  - We created the interface DynamicBodySource to replace BodyGenerator.
  - We deprecated BodyGenerator. Consumers should use BodySource instead.
    Producers should recode to use DynamicBodySource.
  - We deprecated StaticBodyGenerator.write(OutputStream).
    StaticBodyGenerator is not deprecated, but after the deprecation period
    it may extend BodySource instead of BodyGenerator.
  - We deprecated Request.getBodyGenerator(). Use the newly created
    Request.getBodySource() instead.
  - We deprecated Request.Builder.setBodyGenerator(BodyGenerator). Use
    Request.Builder.setBodySource(BodySource) instead. This change will
    probably have a longer than usual deprecation period.
  - We replaced SingleUseBodyGenerator with the LimitedRetryable interface.
  - We created InputStreamBodySource for reading the body from an
    InputStream. HttpClient implementations will not call close() on the
    InputStream.
  - We created BodySourceTester to help test BodySource implementations.
  - We changed the reporting client to use DynamicBodySource.

* BalancingHttpClient

  - The RetryingResponseHandler used by BalancingHttpClient will only include
    an exception's stack in the log once per 30 seconds per exception class.
  - If a Request has a BodySource that implements LimitedRetryable, the
    BalancingHttpClient will not retry a request unless
    LimitedRetryable.isRetryable() returns true.

* Events

  - We changed the HttpEventClient to use a private IO pool. We recommend
    that applications remove HttpEventModule from their Bootstrap invocation
    unless they have a need to send events.
  - We deprecated EventClient.post(EventGenerator) and EventGenerator.
    This interface effectively required implementation on top of
    BodyGenerator. No replacement is currently planned.
  - We changed the HttpEventClient.post(Iterable) and .post(T...)
    implementations to use DynamicBodySource.

Platform 1.12

* We improved the previous BodyGenerator bug fix to remove a race condition.

Platform 1.11

* SingleUseBodyGenerator

  We created SingleUseBodyGenerator, an abstract class implementing
  BodyGenerator that enforces only being called once. The BalancingHttpClient
  will not retry a request once a SingleUseBodyGenerator has been called.

* Trace Token improvements
  - TraceTokenManager.registerRequestToken() now returns a TraceTokenScope
    which can be used with try-with-resources to restore the thread's previous
    token state.
  - TraceTokenManager methods are now all static.
  - TraceTokenModule is no longer needed and has been deprecated.
  - HttpClient now propagates the trace token to BodyGenerator and
    ResponseHandler calls.

* Library Upgrades

  - AutoValue to 1.0
  - Jetty to 9.2.7
  - jnr-posix to 3.0.9

* [Bug] Interrupt the BodyGenerator thread on write failure. This might have
  been the cause of HttpClient hangs.

* [Bug] Fixed status code for JAX-RS query parameter parse error

  When a query parameter cannot be parsed (for example in Integer parameter
  whose supplied value could not be converted to an Integer), a
  400 BAD REQUEST will be issued instead of the Jersey default 404 NOT FOUND.

Platform 1.10

* [Bug] NPE if config class bound both with and without a config prefix.

* [Bug] DiscoveryBinder.bindDiscoveredHttpClient() exporting HttpClient
  metrics with wrong name.

Platform 1.09

* Deprecated APIs removed

  - Bootstrap public constructors
  - ConfigAssertions.assertDefaults()
  - ConfigAssertions.assertDeprecatedEquivalence()
  - "node.binary-spec" and "node.config-spec" configuration options
  - MeterStat
  - TimedStat
  - Duration.convertTo()

* Guava 17 compatibility

  We reverted use of features preventing running with Guava 17.

* Library upgrades

  - slf4j to 1.7.8

Platform 1.08

* Configuration module defaults

  Guice modules may now override default configuration values by implementing
  ConfigurationDefaultingModule.getConfigurationDefaults(). Such defaults
  override those in the config classes but are themselves overridden by
  Bootstrap.withApplicationDefaults().

* AsyncSemaphore

  AsyncSemaphore is a non-blocking concurrency throttler for asynchronous
  tasks. It guarantees that no more than a fixed number of asynchronous tasks
  will be outstanding at any point in time without blocking any submission
  threads. Task completion is determined by a ListenableFuture returned by the
  supplied submitter function.

* Discovery read timeout

  We reduced the discovery client's default read timeout to 5 seconds. This
  is to avoid announcements timing out of Discovery when one or more
  Discovery servers hang.

* HttpClient request queue size default change

  We reduced the http-client.max-requests-queued-per-destination default to
  20. We recommend this be set to the same value as
  http-client.max-connections-per-server as larger values can cause requests
  to queue for inordinate amounts of time.

* Stack traces in HTTP error responses

  The HTTP server now shows stack traces in error responses if
  "http-server.show-stack-trace" is set to "true".

* Node ID logged on startup

* [Bug] HttpClient metric names now start with "HttpClient" instead of
  "AsyncHttpClient".

* [Bug] Fixed JettyHttpClient IllegalStateException when handling an exception
  thrown from a BodyGenerator.

* Library upgrades

  - Jetty to 9.2.6

Platform 1.07

* AbstractConfigurationAwareModule

  Extending this module makes it easy to access configuration at binding time,
  which allows conditionally installing modules or bindings based on config.

* Library upgrades

  - Jetty to 9.2.3
  - slf4j to 1.7.7
  - logback to 1.1.2
  - Jackson to 2.4.3
  - Jersey to 2.13
  - Joda-time to 2.5
  - Mockito to 1.10.8
  - cglib to 3.1

Platform 1.06

* SSLv3 disabled in both http-client and http-server

* AutoValue support

  The libarary pom now specifies a version and excludes for Google AutoValue.
  Google AutoValue <https://github.com/google/auto/tree/master/value> simplifies
  the creation of immutable value classes.

  The sample server has been updated to demonstrate AutoValue.

* Smile support in http-client

  We added SmileBodyMapper, SmileResponseHandler, and
  FullSmileResponseHandler classes to the http-client sub-project.

* SetThreadName

  The SetThreadName class takes advantage of try-with-resources to safely rename a
  thread and restore its original name when it goes out of scope.

  Here's a usage example:

      try (SetThreadName ignored = new SetThreadName("query-%s", queryId)) {
          ...
      }

* Rack moved to separate project

  We moved the rack packaging support into the platform-rack project.

* We changed the Logger API to work directly against Java's built-in logging APIs.

* HttpClient

  - Name and group Jetty HTTP client threads
  - Always use daemon threads in HTTP client
  - Add getResponseBytes() and getResponseBody() to FullJsonResponseHandler

* We added Announcer.forceAnnounce() to immediately send a discovery announcement.

* We added more utility methods to Closeables

* We changed Duration.nanosSince() to convert to the most succinct unit.

* Library upgrades
  - Guava to 18.0

Platform 1.05

* Findbugs run by default

  Findbugs is now hooked into the verify lifecycle phase. (The previous
  attempt was missing a step.) Failing the build on Findbugs failures is
  now disabled by default.

* Reporting

  We added support for reporting string values to KairosDB. Reported values
  that are not Number or Boolean have their toString() reported as a string.

* MaxDataSize and MinDataSize

  We added MaxDataSize and MinDataSize Bean validations.

* HttpClient

  We added a "http-client.max-requests-queued-per-destination" config option
  (default 1024).

* Thread Factory

  We have changed the thread factory implementations to capture the thread
  context class loader during factory creation and set this class loader on
  threads created by the factory.

* Smile mapper

  We have added a JAX-RS mapper encoding responses using Smile.  Smile is a
  highly efficient binary encoding of JSON data.  For more information on
  Smile see: http://wiki.fasterxml.com/SmileFormatSpec

* Library upgrades
  - joda-time to 2.4
  - Jersey to 2.12
  - Jetty to 9.2.2
  - Jackson to 2.4.2

* Maven plugin upgrades
  - findbugs-maven-plugin to 3.0.0

* [Bug] Don't unannounce from discovery if Announcer never started.

Platform 1.04

* RPM packaging

  We added support to rest-server-base for packaging projects into RPMs.
  This profile is activated on Linux by creating a file .build-rpm in
  the root of the module or submodule. This file can be empty. The RPM
  is attached as an additional artifact.

  The username used to run the server defaults to ${project.artifactId}
  and can be changed by setting the property ${project.rpm.username}.

  The RPM will stop the server upon upgrade or removal and will refuse
  to install if the server username does not exist.

* Maven 3.2.2 required

  In order to support RPM packaging, we increased the minimum version of
  Maven to 3.2.2.

* Library upgrades
  - Guava to 17.0

* Maven plugin upgrades
  - findbugs-maven-plugin to 2.5.2
  - maven-release-plugin to 2.5

Platform 1.03

* JAX-RS 2

  We have upgraded to Jersey 2.9.1 which implements the JAX-RS 2 specification.
  Platform clients need to change the dependency:

    <groupId>com.sun.jersey</groupId>
    <artifactId>jersey-core</artifactId>

  to:

    <groupId>javax.ws.rs</groupId>
    <artifactId>javax.ws.rs-api</artifactId>

  As part of this upgrade we have introduced an explicit binder for JAX-RS
  resources. For example, the following registers the person JAX-RS resource:

    JaxrsBinder.jaxrsBinder(binder).bind(PersonResource.class)

  The new explicit binding code is backwards compatible with the "binding
  scraping" code, so you do not need to immediately update your code. The new
  JaxrsModule will print a warning for each resource that was not explicitly
  bound, so it is easy to find update existing code. Once you have updated
  everything, use JaxrsModule.explicitJaxrsModule() to prevent regressions.
  In a future version we will remove the backwards compatibility, so please
  update soon.

  We have removed JaxrsBinder.bindResourceFilterFactory(). Users of this  will
  have to convert their ResouceFilterFactory implementations to JAX-RS 2
  server filters.

Platform 1.02

* BalancingHttpClient

  We added DiscoveryBinder.bindDiscoveredHttpClient(String) and
  DiscoveryBinder.bindDiscoveredHttpClient(String, ServiceType) methods which
  bind the HttpClient with the @ServiceType(type) annotation.

* Library updates
  - jacoco to 0.7.1 (fixes failures when compiling with JDK 8)

Platform 1.01

* Change packaging to not include zip file dependencies

* Library updates
  - jmxutils to 1.18
  - findbugs-annotations to 2.0.3

* [Bug] Fix Discovery announcer client to handle zero announcements

* [Bug] Fix inadvertent masking of errors when detecting jmx agent

Platform 1.00

* HttpServer

  We restored support for compressed request bodies. This had been removed in
  the Jetty 9 upgrade in Platform 0.91.

* JsonCodec

  We added JsonCodec.withoutPretty() which returns a JsonCodec that doesn't
  add whitespace to the encoded JSON.

* Assertions

  We added Assertions.assertNotContains() methods.

Platform 0.99

* HTTPClient

  - We have disabled following HTTP redirects by default. Redirects may be
    enabled per-request using Request.Builder.setFollowRedirects(true).

* HttpServiceSelector

  HttpServiceSelector is now deprecated. Code using it should be rewritten
  to use a BalancingHttpClient instead.

Platform 0.98

* JaCoCo replaces Cobertura

  We replaced Cobertura with JaCoCo. JaCoCo is now run by default in projects
  that use library or rest-server-base as a parent POM.

* TimeStat and SparseTimeStat

  - TimeStat and SparseTimeStat now export a Total metric.

  - We added a BlockTimer.timeTo() method for changing the stat object used
    to record the time.

* BoundedExecutor

  We added BoundedExecutor, which guarantees that no more than maxThreads will
  be used to execute tasks.

Platform 0.97

* Events

  - The event client now retries failed requests.
  - The Future returned from EventClient.post() now fails with
    UnexpectedResponseException when the collector service returns a failure
    response code.

Platform 0.96

* JMX

  - We no longer announce the "jmx" service to discovery.

  - We no longer enable remote JMX by default. Remote JMX may be enabled with
    the "jmx.enabled" config option.

* HttpClient

  This release fixes a couple of performance issues and bugs in the HttpClient:
    - The client was inadvertently requesting GZIP responses. We've disabled this
      behavior since it affects CPU utilization.
    - We've fixed an issue in the way the response buffers are managed that
      affects performance due to unnecessary resizing.
    - The maximum response size was hard-coded instead of using the existing
      config option.

* Library upgrade
  - Jetty to 9.1.4

Platform 0.95

* Reporting

  - We changed some metric names:

    - RequestStats.* renamed to HttpServer.*
    - DetailedRequestStats.RequestTime.* renamed to HttpServer.RequestTimeByCode.*
    - Failure.Count renamed to ServiceClient.Failure.Count
    - ResponseTime.* renamed to ServiceClient.RequestTime.*

  - We no longer report a MaxError metric from TimeStat and DistributionStat.

  - We no longer include a "package" tag in reported metrics.

  - We removed the HttpClient._BindingAnnotation_.Count metric as redundant.

* Stats

  We have deprecated CounterStat.update(long), replacing it by CounterStat.add(long)

  We created SparseCounterStat, etc. for use with report collections. These stats
  objects do not report any metrics for minutes in which no data were added to the
  object. They also do not export any attributes to JMX.

* Configuration

  The @ConfigMap annotation is no longer necessary and is deprecated.

Platform 0.94

* The launcher now invokes the JVM with the following default switches:

    -server
    -XX:+UseConcMarkSweepGC
    -XX:+ExplicitGCInvokesConcurrent
    -XX:+HeapDumpOnOutOfMemoryError
    -XX:+AggressiveOpts
    -XX:+DoEscapeAnalysis
    -XX:+UseCompressedOops
    -XX:OnOutOfMemoryError=kill -9 %p

* We removed unnecessary features from the Rack launcher:

  - The rack launcher no longer copies the etc directory to rack/config
  - The rack config path is now always "rack/config.ru"
  - The rack environment is now always "production"

Platform 0.93

* Reverted the Hamcrest support in JsonTester.assertJsonEncode()

* Library upgrade
  - Jetty to 9.1.3

Platform 0.92

* We created TestingReportCollectionFactory

* JsonTester.assertJsonEncode() now supports Hamcrest matchers

Platform 0.91

* AsyncHttpClient collapsed into HttpClient

  - We moved the executeAsync() method into the HttpClient interface.
  - The AsyncHttpClient interface is now deprecated.
  - The AsyncHttpClient.AsyncHttpResponseFuture interface is now named
    HttpClient.HttpResponseFuture

* HttpClient uses Jetty

  We replaced the Apache and Netty HttpClient implementations with
  JettyHttpClient, a Jetty implementation.

* Configuration warnings are no longer sent to the event service upon startup.

* We added a Bootstrap.quiet() method to disable logging of configuration.

* We tightened the type bounds of Assertions.assertInstanceOf() to catch some
  errors at compile time.

* Library upgrades
  - Jetty to 9.1.2
  - JRuby to 1.7.11

* Maven plugin upgrades
  - maven-duplicate-finder-plugin 1.0.6

Platform 0.90

* JsonCodec

  The JsonCodec.jsonCodec() factory method now uses Guava's TypeToken rather than
  Guice's TypeLiteral. This backwards incompatible change allows using the json
  module without a dependency on Guice.

* TestingHttpServer now supports resources

* Library upgrades
  - Guava to 16.0.1
  - logback to 1.1.1
  - findbugs-annotations to 2.0.2
  - testng to 6.8.7

Platform 0.89

* [Bug] BalancingHttpClient no longer dequotes and requotes the URI.

* [Bug] HttpUriBuilder now quotes the '+' character.

Platform 0.88

* Bootstrap and Logging

  - Bootstrap now initializes logging before the withModules() call. Any
    test code that needs to call doNotInitializeLogging() now must do
    so before the withModules() call.

  - We modified the archetype Main classes to place the Bootstrap call inside
    the try block. This allows more startup exceptions to be logged. We
    recommend applications make a corresponding change to their Main class.

* We removed the deprecated Bootstrap.strictConfig() and
  ConfigurationFactory.getUsedProperties() methods.

* BalancingHttpClient now avoids concurrent calls to the same instance and
  uses discovery changes that happen after the first attempt.

* [Bug] BalancingHttpClient instances couldn't be configured.

* [Bug] JAX-RS response time reporting threw exceptions when a resource class
  had multiple methods with the same name.

* [Bug] The launcher wasn't disconnecting from the terminal upon server start.

Platform 0.87

* The node.pool configuration property now allows uppercase in pool names.

* Reporting

  - JAX-RS now reports response times per resource method and response code.
    JaxrsModule now depends on ReportingModule.

  - Permute reported metric names as necessary to make them acceptable to KairosDB

Platform 0.86

* Reporting

  - The reporting client now uses discovery. The "report.uri" configuration
    property has been removed.

  - Reporting is now enabled by default. It may be disabled with the
    "reporting.enabled" configuration property.

  - The "report.tags" configuration property has been renamed to
    "reporting.tags".

Platform 0.85

* [Bug] BalancingHttpClient preserve the query part of the URI

Platform 0.84

* Reporting (experimental)

  - The values of any "type" and "name" tags are used to prefix the metric
    name.

  - The http-client RequestStats are exposed to reporting.

* We added Threads.threadsNamed(String) and Threads.daemonThreadsNamed(String)
  methods to simplify creating a ThreadFactory.

* We added decayed total to Distribution

* We added merge support to CounterStat and DecayCounter

* [Bug] Ignore IOException in Closeables.closeQuietly()

* Library upgrades
  - validation-api to 1.1.0.Final
  - logback to 1.0.13

Platform 0.83

* Application name

  We've added a static factory for Bootstrap which takes the name of the
  application server:

    Bootstrap.bootstrapApplication("name-of-application")
        .withModules(...)

  The previous Bootstrap constructors are deprecated.

  The application name can be obtained from NodeInfo.getApplication().

  NodeModule and TestingNodeModule have a dependency on the newly created
  ApplicationNameModule. This dependency is supplied by Bootstrap.

  The application name is included in a tag named "application" in reported
  metrics.

* HttpServiceBalancer metrics

  HttpServiceBalancer now reports:
    - client response times by success/failure and target URI
    - failures by failure category and target URI

  DiscoveryModule now has a dependency on ReportingModule.

* TestingTicker

  TestingTicker now has public visibility in the testing package. It is an
  implementation of Ticker that can be manually incremented.

* Library upgrades
  - Guava to 15.0

Platform 0.82

* We added JaxrsBinder.bindResourceFilterFactory for adding custom
  ResourceFilterFactory instances to the HTTP server.

* The HTTP server no longer sends HttpRequest events.

Platform 0.81

* We made JAX-RS resource methods Bean-validate arguments of List and Map.

* JMX agent

  We've replaced the custom JMX agent in Platform by the one built into the
  JVM. This change makes it possible to use the VisualGC plugin for VisualVM
  when jstatd is also running in the same machine as the Platform-based
  process.

  As a result of this change, we've also removed the 'jmx.rmiserver.hostname'
  configuration option in favor of Java's native configuration option
  'java.rmi.server.hostname'.

* We demoted several legacy configuration properties to defunct. We renamed
  'discovery.uri' to 'testing.discovery.uri' to make it obvious that it should
  never be used in production.

* We added an experimental management wrapper for a thread pool executor.

* We added the ConfigurationAwareProvider interface to implementing custom
  configuration providers.

* We added byte array methods for JsonCodec.

* We added 1,5,10, and 25 percentiles to Distribution and added manual
  percentile specification to Distribution getPercentiles

Platform 0.80

* HttpServer reporting

  We instrumented HttpServer to use the reporting module. HttpServerModule()
  now depends on ReportingModule().

  We added stats broken down by response code and removed a redundant
  CounterStat.

* Units

  We've made a backwards incompatible change to the Duration API to align with
  the DataSize API.  The new Duration code has many new features:

  - Duration remembers the original unit, so parses and prints round trips.
  - toMillis() returns a long so it is easier to use with normal Java APIs.
  - roundTo(TimeUnit) return a long in the specified unit.
  - convertToMostSuccinctTimeUnit() will select the TimeUnit to produce
    the easiest to read value.
  - timeUnitToString(TimeUnit) to get a clean short name for TimeUnits.

  To update to the new api, you will need to:

    toMillis() now returns a long instead of a double
      - Use getValue(MILLISECONDS) for the old behavior.

    toString() returns a string in the original units instead of millis
      - Use toString(MILLISECONDS) for the old behavior.

    convertTo(TimeUnit) has been deprecated and will have an incompatible
    return value in the future.
      - Use getValue(TimeUnit) for the old behavior.
      - Use roundTo(TimeUnit) to get a long in the specified unit.

* We added constructors to TestingHttpClient allowing instances to send
  checked exceptions.

* Reporting (experimental)

  We made refinements to the experimental reporting module.

  - We split ReportingModule in two: ReportingModule is needed in order to
    instrument code and ReportingClientModule is needed to send the data to
    the time series database.

  - reportBinder.bindReportCollection() now requires an additional method call
    to specify the base ObjectName to use in exporting. Either
    .withGeneratedName() or as(String) can be used.

    reportBinder.bindReportCollection(StoreStat.class).withGeneratedName();

* [Bug] Fixed typo breaking Bootstrap.withApplicationDefaults().

* [Bug] JsonTester now uses correctly configured codecs.

Platform 0.79

* HttpClient exception handling

  We have redesigned exception handling in the HttpClient.  In the new design,
  the handle or handleException method of the Response handler should be called
  once per execution.  To make this change we had to make some backwards
  incompatible changes.

  The AsyncHttpClient.executeAsync method now returns a ListenableFuture instead
  of a CheckedFuture.  Any caller that was using the checkedGet() method of
  CheckedFuture will need to change to get() and handle the exceptions or use
  one of the helper methods in Guava Futures.

* Reporting (experimental)

  We added an experimental API for reporting metrics into a KairosDB
  time-series database. The API and its configuration options are subject
  to change.

  - Collecting data

    The @Gauge annotation may be placed on a getter in order to cause the
    attribute to be both reported into the database and exported to JMX. If
    the attribute is not to be exported to JMX, the @Reported annotation may
    be used instead. The getter must return a number or boolean.

    @Nested and @Flatten also work for reporting.

    CounterStat, DistributionStat, and TimeStat have been extended to support
    reporting.

    The newly created Bucketed abstract class may be extended in order to
    implement custom stats objects that support reporting in time buckets.

  - Exporting report objects

    The ReportBinder.export() methods behave like ExportBinder.export() except
    they cause the bound objects to be exported to both reporting and JMX.

    The ReportExporter may be used to dynamically export and unexport objects
    to just reporting.

  - Report collections

    The ReportBinder.bindReportCollection() method may be used to break down
    metrics by one or more keys. For example:

    public interface StoreStat
    {
        CounterStat added(@Key("size") int size,
                          @Key("successful") boolean isSuccessful);
    };

    reportBinder.bindReportCollection(StoreStat.class);

    will bind an implementation of StoreStat. A call to added(10, false) will
    return a CounterStat bound to both reporting and JMX with the name
    "type=StoreStat,name=added,size=10,successful=false".

  - Reporting client

    ReportingModule enables reporting of collected data to the
    time-series database. Configuration parameters are:

    report.uri - The URI of the KairosDB database

    report.tag - A table of additional tag/value pairs to include in all
                 reported data. For example, report.tag.foo=bar will include
                 the additional tag foo=bar

  The sample server has been updated to support reporting.

* Library upgrades
  - jmxutils to 1.14

* [Bug] Futures returned from TestingHttpClient.executeAsync() didn't invoke callbacks.

Platform 0.78

* Rack Packaging

 - Removed generation of gemfile.jar in favour of using Bundler’s standalone.
 - Changed tar generation to include specific files instead of by exclusion to prevent pulling in unnecessary
   project files.
 - Incorporated asset precompilation fix
 - Deprecated use of the bundler maven plugin as it didn’t work correctly or log useful information when it
   failed. May want to wrap the above changes in a plugin in the future (currently using command lines via Ant
   plugin).

* Rack

 - Added intiialization code to ensure Rails application correctly loads gems from the standalone gem bundle.
 - Fixed an issue in ServletAdapter that assumed status code was always an integer and caused exceptions when
   it was actually a string
 - Fixed issue that prevented Rails apps from setting more than one cookie at a time.
 - Re-implemented hack to override logging as a Railtie so it could be correctly scheduled in the application
   initialization sequence. All Rails apps will now correctly log everything (including startup logging) to
   launcher.log.
 - Updated/added gems to the test resources to ensure unit tests run correctly (which accounts for most of the
   file changes)

Platform 0.77

* HttpClient

  - The signature of ResponseHandler.handleException() has changed to:

    T handleException(Request request, Exception exception)
        throws E;

    This permits the method to return a default value.

  - We added a new DefaultingJsonResponseHandler which returns a default
    response upon any error.

* Discovery client service pool default

  Service pools now default to the configured value of 'node.pool'.

* SerialScheduledExecutorService

  We added SerialScheduledExecutorService to the testing module. It is a
  test utility implementation of ScheduledExecutorService. See
  https://github.com/markkent/serial-executor-service for more information.

* Stats

 - MeterStat has been deprecated. DistributionStat should be used insead.

 - TimerStat has been deprecated. The newly created TimeStat should be used
   instead.

 - The Http client and sever RequestStats have been changed to use
   DistributionStat and TimeStat.

* TestingHttpServer now injects a TraceTokenManager, so trace tokens are
  available to other injected modules.

* Library upgrades
  - Netty to 3.6.6.Final

* Maven plugin upgrades
  - build-helper-maven-plugin 1.8
  - maven-assembly-plugin 2.4

* [Bug] Fixed discovery client's inability to refresh services

* [Bug] Fixed missing module in Rack server.

Platform 0.76

* [Bug] Fixed Guice error when binding AsyncHttpClients both normally and privately.

* [Bug] Fixed the Netty http client's handling of exceptions.

Platform 0.75

* Experimental modules

  We removed the trailing "-experimental" from all artifact names.
  Any APIs that are experimental should be annotated with @Beta instead.

* We moved the /v1/jmx/mbean resource to /admin/jmx/mbean on the admin port.

* We removed the jmx-http-rpc-experimental artifact and the JmxHttpRpcModule
  it defined.

* We moved Announcer and ServiceAnnouncement into the
  com.proofpoint.discovery.client.announce package.

* Discovery aware balancing HttpClient

  We added a BalancingHttpClient implementation which takes relative URLs,
  implements discovery lookup, and retries requests.

  To use, bind to a discovery service type:

      DiscoveryBinder.bindDiscoveredHttpClient("storage", StorageClient.class)
          .withFilter(SomeFilter.class)
          .withTracing();

  The resulting HttpClient can be injected in the normal way:

      @Inject
      StorageUser(@StorageClient HttpClient httpClient)

  The resulting HttpClient differs from a classic HttpClient in that it that
  the Request URI must be relative:

      httpClient.execute(prepareGet()
          .setUri(URI.create("v1/content/foo"))
          .build(),
          new StorageResponseHandler());

  The BalancingHttpClient will send the request to some base URI obtained from
  the discovery service for the ServiceType that the HttpClient was bound to
  and for the pool obtained from configuration. If there are no available
  instances, it will throw a ServiceUnavailableException.

  The BalancingHttpClient will retry the request, up to a configurable number
  of total attempts, if the underlying HttpClient reports either an exception
  through ResponseHandler.handleException() or a response with a status code
  of 408, 500, 502, 503, or 504. The server can suppress retries by including
  an "X-Proofpoint-Retry: no" header in its response.

  The ResponseHandler given to the BalancingHttpClient will be called at most
  once. The BalancingHttpClient won't retry if the caller's
  ResponseHandler.handle() method throws an exception.

  The Request and its BodyGenerator may be required to produce their contents
  many times.

  Alternatively, use DiscoveryBinder.bindDiscoveredAsyncHttpClient() to bind
  an AsyncHttpClient.

* We removed support for JSONP and the HTML form of /v1/jmx/mbeans.

* We explicitly specified UTF-8 as the charset for configuration property
  files.

* We renamed ConfigAssertions.assertDeprecatedEquivalence() to
  assertLegacyEquivalence().

* We added TestingHttpClient to simplify testing.

* QuantileDigest

  We made a number of improvements to QuantileDigest. QuantileDigests now support
  negative values, can be serialized/deserialized and merged with other QuantileDigests.

  Important: QuantileDigest is no longer thread-safe, so if you have code that relies
  on this guarantee, you'll need to update it to provide thread-safety at that layer.

* We added a method to TimedStat to time a block using try-with-resources:

    try (BlockTimer ignored = timedStat.time()) {
        ...
    }

* We added an addDiscoveredService(String type, String pool, String uri)
  method to InMemoryDiscoveryClient.

* We changed the discovery client to no longer prefer https instances over
  http instances, but to only use https for any instance that supports both
  schemes.

* We removed support for loading the service inventory over http or https.

* [Bug] Fixed handling of missing content type for JSON http responses.

* We deprecated ConfigAssertions.assertDefaults().

* We upgraded Jackson to 2.2.2 and disabled property mutator inference.

Platform 0.74

* The new launcher status command now reports a running instance of a server
  started by the old launcher

Platform 0.73

* Applications can now use Bootstrap.withApplicationDefaults() to specify
  default configuration values.

* Upon startup, the main thread will no longer wait for the initial discovery
  announcement.

* Launcher fixes

  - Many jvm.config files were depending on the old launcher's interpreting
    spaces and other shell metacharacters. The launcher will now print an
    error message and refuse to start if the jvm.config file contains spaces
    or shell quotes, unless the jvm.config file contains the comment
    "# allow spaces".

  - The new launcher can now shut down a server started by the old launcher.

  - [Bug] The new launcher can now more reliably find the installation directory.

* [Bug] Don't create javadoc on non-release builds.

* Maven plugin upgrades

 - maven-resources-plugin 2.6
 - maven-source-plugin 2.2.1
 - maven-surefire-plugin 2.14

Platform 0.72

Temporarily allow event names to start with lowercase letters, etc.

Platform 0.71

* Log rotation changes

The HTTP request log is now uses the same log rotation semantics as the server
log. The request log rotation is configured using the new
"http-server.log.max-size" and "http-server.log.max-history" configuration
options. The old "http-server.log.retention-time" configuration option is
deprecated and does nothing.

The "log.max-size" configuration option takes a DataSize and replaces the
now-legacy "log.max-size-in-bytes" option.

* Launcher reimplemented in Java

The REST server launcher has been rewritten in Java. Changes include:

 - Fixes numerous race conditions.
 - Implements the force-reload command required by the specification the
   launcher allegedly implements.
 - Removes dependency on Ruby.
 - The launcher waits for the server to finish initialization (return from
   main method) and returns an error status code if initialization fails.
 - The launcher will no longer hang if the server fails to stop.

* BETA: Bootstrap for testing

The Bootstrap class performs may initialization tasks for servers, but when
testing not all installation tasks are desired.  Specifically, the Bootstrap
class loads configuration properties from a file specified using System
property.  The new setConfigurationProperty and setConfigurationProperties
have been added to supply the properties directly.  Another, problematic
task is logging initialization, which can now be disabled with the new
doNotInitializeLogging() method.  For an example of a Bootstrap test see
com.proofpoint.platform.sample.TestServer.

* ValidationAssertions.assertValidates() now returns its argument.

* JsonTester

We created a JsonTester utility class for unit testing JSON encoders and
decoders. JsonTester.assertJsonEncode() asserts that a given object encodes
to an expected JSON strucure. JsonTester.decodeJson returns the result of
decoding a given JSON structure with a given codec. In either case, the
JSON structure is specified as an Object, which can be a String, an Integer,
a Double, a Boolean, null, a List of JSON structures, or a Map of String to
JSON structures.

See TestPersonWithSelf and TestPersonRepresentation in the sample server for
examples of how to use JsonTester.

* Configuration improvements

 - The ConfigurationFactory(Map<String, String> properties) constructor
   (typically used in unit tests) is now strict, requiring all supplied
   properties to be used.
 - Configuration bound inside private binders now works correctly.

* Removal of jax-rs classes from clients

We have replaced all uses of jax-rs classes in clients with classes from Guava
or new classes in the Platform http client. In particular, the HttpHeaders and
MediaType classes in jax-rs has been replaced with HttpHeaders and MediaType
in Guava, and the Status and CacheControl classes have been replaced with
HttpStatus and CacheControl in the Platform http-client. This reduces the size
of clients and avoids some packing problems with the latest jax-rs releases.
Any existing code can continue to use the jax-rs versions of these classes, but
jax-rs is no longer required.

* AsyncHttpClient fixes

 - This release contains a number of fixes for the AsyncHttpClient and additional
   changes to ease debugging of async requests. In some cases the ResponseHandler
   would not be notified of errors with the handleException method, even though
   the future returned from the executeAsync method would be notified of the
   error. To help with debugging, the executeAsync method now returns an
   AsyncHttpResponseFuture which has a new method getState that can be used to
   determine the current state of the http request. This is helpful when requests
   seem to get lost after execution. Finally, we have changed the Netty setup to
   properly name the worker threads, so you can more easily find the http client
   threads.

 - AsyncHttpClient (Netty based) now shares I/O pools by default. To get a
   private IO pool, use withPrivateIoThreadPool() when binding the client.
   The pools running user code are still per-client.

 - AsyncHttpClient.executeAsync() no longer throws E.

* Binding of HTTP static content

We added HttpServerBinder, which binds static resources to be served by the
http server.

* Temporarily allow the characters .:=,- in event names once again.

* Add "X-Content-Type-Options: nosniff" header to all json responses to prevent
  broken browsers from rendering the json as html, which is a potential XSS
  vulnerability

* Dependency changes

com.google.code.findbugs:jsr305 was replaced with
com.google.code.findbugs:annotations

The jsr305 jar contains only the JSR 305 annotations while the
annotations jar also contains additional, Findbugs specific
annotations.

org.eclipse.jetty.orbit:javax.servlet was replaced with
javax.servlet:javax.servlet-api

* Library upgrades

  - Jetty 8.1.10
  - Guava 14.0.1
  - slf4j 1.7.5
  - logback 1.0.11
  - Jersey 1.17.1
  - TestNG 6.8.1

* Internal library upgrades

  - Mockito 1.9.5
  - Hamcrest 1.3
  - jcommander 1.30
  - mysql-connector-java 5.1.24
  - h2 1.3.171
  - Apache httpclient 4.2.4
  - Apache httpcore 4.2.4

* Maven plugin upgrades

  - maven-compiler-plugin 3.0
  - maven-deploy-plugin 2.7
  - maven-duplicate-finder-plugin 1.0.4
  - maven-enforcer-plugin 1.2
  - maven-install-plugin 2.4
  - maven-jar-plugin 2.4
  - maven-javadoc-plugin 2.9

Platform 0.70

* Upgrade Jackson to 2.1.3

Jackson 1.x has been upgraded to 2.1.x. This requires substantial code and
dependency changes as all the artifacts are named differently and all the
classes are in different packages. The upgrade guide has more details:
http://wiki.fasterxml.com/JacksonUpgradeFrom19To20.

The Json module now also supports Jackson Modules (more details at
http://wiki.fasterxml.com/JacksonFeatureModules).

* True async http client

The AsyncHttpClient has been rewritten on top of Netty.  As part of this
work, the AsyncHttpClient has been converted into an interface and the
main implementation is NettyAsyncHttpClient. Additionally, the execute
method has been renamed to executeAsync so the AsyncHttpClient can extend
HttpClient.  The change is to simply replace:

    asyncHttpClient.execute(request, responseHandler);

with:

    asyncHttpClient.executeAsync(request, responseHandler)

The other main change is when using the HttpClientBinder.  The bindAsyncHttpClient
method now binds both an AsyncHttpClient and a HttpClient, so if you were binding
both before, you will need to remove the call to bindHttpClient.

This API remains in BETA, and is subject to additional backwards incompatible
changes.

* Socks proxy support in http client

The new NettyAsyncHttpClient supports connecting to servers through a socks proxy.
This is particularly useful for accessing production servers.  The easiest way
to use this feature is to establish a socks proxy using ssh, as follows:

    ssh -N -D 1080 any.server.running.sshd

Then simply set the HttpClientConfig SocksProxy property either directly in code
or via the following config option:

    myclient.http-client.socks-proxy = localhost:1080

* Pretty-printed JSON

The injected JsonCodecFactory and injected codecs no longer produce
pretty-printed JSON. The previous behavior was a bug. JsonCodecFactory
has a method to return a factory that produces pretty-print codecs.

* Trace token improvements

  - The trace token (and other MDC items) is now included in the server log.
  - The trace token is now included in events.

* Configuration improvements

  - The error message that Configuration issues upon Bean validation failure
    now identifies the attribute's configuration property, if any.

  - Configuration warnings are now sent to the event service upon startup
    and once a day thereafter.

* Disabled auto-detection of constructors and use of getters as setters in
  Jackson.

* The HttpClient and AsyncHttpClients now implement Closeable and properly
  shutdown when used as lifecycle objects. Calling close shuts down the
  connection pool for the underlying Netty HTTP client.

* DataSize and Duration can now be serialized as json

* Library upgrades

  - Upgrade jmxutils to 1.13
  - Upgrade jruby to 1.7.3

* H2 improvements
  - Improve validation of H2EmbeddedDataSource config
  - Allow use of H2 without an init script
  - Enable mvcc support for embedded H2

* Removed deprecated features
  - Support for v1 events has been removed.
  - The EquivalenceTester static check methods have been removed.

* [Bug] HTTPS servers are now announced in discovery using the hostname, not an IP address

* [Bug] Don't throw an exception from http request logger when wall clock time goes backwards.

Platform 0.69

* Library Upgrades

In this release we have upgraded the following dependencies:

    - Guava 13.0.1
    - jetty 8.1.8
    - httpclient 4.2.2
    - bval-jsr303 0.5
    - joda-time 2.1

NOTE: Guava 13 removes transitivity of the JSR-305 artifact (commonly used for @Nullable).
If your project depended on this, you need to add the following to your project's pom.xml file:

    <dependency>
        <groupId>com.google.code.findbugs</groupId>
        <artifactId>jsr305</artifactId>
    </dependency>

* Mappable exception for JSON decoding errors

When there is a JSON decoding error, the JsonMapper.readFrom() method now throws newly defined
exceptions (instead of WebApplicationException). This allows them to be handled by an ExceptionMapper.
The newly defined exceptions are BeanValidationException and JsonMapperParsingException.

* Workaround for InetAddress.getLocalHost() throwing UnrecognizedHostException in Java 7u5 on MacOS

    - The jmx module now gets the default value of the local IP address from the node module.
    - The event-client module tries harder to get the local hostname

* We now detect some incorrect usage to EquivalenceTester.

To detect calls intended for EquivalenceTester<T>.addEquivalentGroup(Iterable<T>) that instead
call EquivalenceTester<Object>.addEquivalentGroup(T, T...), the latter method now prohibits calls
with a single argument that implements Iterable.

* Configuration classes, getters, setters, and default constructors no longer need to be public.

* @ConfigSecuritySensitive now redacts the configuration value in any generated error.

* [Bug] @ConfigMap attributes can now be tested by ConfigAssertions.assertFullMapping() and
  ConfigAssertions.assertDeprecatedEquivalence()

* [Bug] Don't throw exception from StatsRecordingHandler if the system clock goes backwards.

* We have removed the Cassandra module

Platform 0.67

* No thread pool for CounterStat

We changed the CounterStat implementation to use forward decay, which eliminates
the need for a thread pool (and having to manage a thread pool).

* HttpUriBuilder a fluent api for HTTP URIs

Building HTTP URIs using java.net.URI is difficult and error prone, so we added
a simple fluent API for building up HTTP URIs. For example:

    URI uri = uriBuilder()
            .scheme("http")
            .host("www.example.com")
            .port(8081)
            .replacePath("/a/b/c")
            .replaceParameter("k", "1")
            .build();

Additionally, the API can manipulate existing URIs:

    URI uri = HttpUriBuilder.uriBuilderFrom(URI.create("http://www.example.com:8081/?a=apple&b=banana"))
            .replaceParameter("a", "apricot")
            .appendPath("a/b/c")
            .build();

* Bind Jackson key serializers and deserializers in Guice

We've added the ability to bind Jackson key serializers and deserializers with
the JsonBinder.

* Configuration types can now use a fromString method for coercion

The configuration system will look for methods in the following order:

    fromString(String);
    valueOf(String);
    <init>(String);

* Quantile Digest

We've introduced an implementation of Quantile Digests, a data structure for computing approximate
quantile statistics and histograms in sub-linear space with guaranteed error bounds, from the paper
"Medians and Beyond: New Aggregation Techniques for Sensor Networks". It supports
exponentially-decayed counts and can be used to query quantiles and histograms very efficiently.

* DistributionStat

We've deprecated MeterStat in favor of DistributionStat. This new implementation is based on
QuantileDigest and exposes statistically valid percentile metrics at various resolutions
(1/5/15-minute, all time). It's designed to be exported via jmxutil's @Managed annotations.

* @ConfigSecuritySensitive

We created the @ConfigSecuritySensitive annotation for configuration settings such as passwords.
When placed on a @Config setter, prevents the value of the setting from being logged upon startup.

* @ConfigMap

We added support for configuration maps. For example, given the setter:

    @Config("setting")
    @ConfigMap(key = Integer.class, value = Double.class)
    public void setSetting(Map<Integer, Double> value)

the configuration settings:

    setting.1=0.059
    setting.5=2.543

will cause the setter to be called with ImmutableMap.of(1, 0.059, 5, 2.543).

The "key" and "value" arguments both default to String.class and can be any type that the configuration
system can coerce. Furthermore, the "value" argument can be any configuration class. For example,
given a EndpointConfig class with setters annotated with @Config("hostname") and @Config("port"):

    @Config("endpoint")
    @ConfigMap(EndpointConfig.class)
    public void setFruit(Map<String, EndpointConfig> value)

the configuration settings:

    endpoint.foo.hostname=foo.example.com
    endpoint.foo.port=8080
    endpoint.bar.hostname=bar.example.com

will cause the setter to be called with a map with two entries. One entry will have key "foo" and
value an EndpointConfig with host "foo.example.com" and port "8080". The other entry will have key
"bar" and value an EndpointConfig with host "bar.example.com" and a default port.

* Additional error checks in configuration

 - All configuration properties read from a configuration file must be used--Bootstrap.strictConfig()
   now does nothing and is deprecated.
 - Duplicate configuration property keys in a given configuration file now cause an error.
 - Specifying a given configuration setting multiple times (through legacy properties) is now an error,
   even if all the properties use the same string value.

* We removed the restriction of entity bodies to PUT/POST requests that was added in Platform 0.65
* We deprecated unused configuration settings in HTTPEventClient
* We limited the stats to log dependency to test scope

Platform 0.66

* Java 7 is now required

Platform 0.65

* Improvements in unit tests and testing utilities
* Modifications to allow building on Windows
* Restrict entity bodies to PUT/POST requests in HttpClient
* [Bug] Throw correct exception from HttpClient

Platform 0.64

* Fix bug that prevented skeleton server from starting

* Enforce use of HttpClientBinder

The previous way of using HttpClient was to create a new instance of the
HttpClientModule or AsyncHttpClientModule for each client. The recent addition
of filter support added a binding API, HttpClientBinder. The use of this API
is now required. The modules cannot be used directly anymore. Here is an
example of how to use the binder:

    httpClientBinder(binder).bindHttpClient("foo", FooClient.class)
        .withFilter(FirstFilter.class)
        .withFilter(SecondFilter.class);

Here is a simpler example to create a client for use with other platform
services. The client will pass the trace token when making requests:

    httpClientBinder(binder).bindHttpClient("foo", FooClient.class).withTracing();

Platform 0.63

* Fix bug that prevented sample and skeleton servers from starting

Platform 0.62

* Removed all dependencies to Ning's Asynchronous HTTP client

Since http-client-experimental now replaces the usage of Ning's Asynchronous
HTTP client, we've removed all existing references to that package.  Rest
servers that upgrade to 0.62 may need to include it as an explicit dependency
if they don't want to upgrade.

* Cleaned up dependency management

There is now a library project that contains a single parent dependencyManagement
section for all poms to inherit from.  This now includes REST Server Base.  This
ensures that all platform libraries are built with a single set of versions that
produce fully compatible dependency closures with the services that consume them.

* Multiple refactoring commits for readability

There were multiple refactoring efforts to enhance readability.  Some classes that
moved include:
RequestBuilder -> Request.Builder
EchoServlet is a separate class now
MediaType is now available as a class in Guava 12

* Addition of request filter support to HttpClient

HttpClients may now bind in request filters, an example of such can be found by
following the code in com.proofpoint.http.client.TestHttpClientBinder.  This
was added to support having the TraceToken added into outbound http client requests.

* Removal of deprecated JavaUrlHttpClient

* Removal of the experimental module, segmented into separate modules

At this time, we will no longer have a single experimental module, please be aware
of classes that have the @Beta annotation going forward.  Such classes are subject
to backwards incompatible changes.

Platform 0.61

* Upgrade Platform and Rest Server Base pom to Guava 12.0

* Tests for keep alives with ApacheHttpClient

Platform 0.60

* Fixed bug that prevents Rack servers from announcing

Platform 0.59

* Hibernate validator replaced with direct dependency on Apache BVal

We replaced the indirect use of the Hibernate validator with a direct
dependency on Apache BVal. Consequently, the dependency was removed
from the dependencyManagement section of the rest-server-base POM and
should be removed from the POM of any servers or libraries as it is
no longer required by Platform.

* Fixed a bug preventing V1 Events from being able to be used with HttpRequestEvents

* Check for duplicate classes in the dependency closure during builds

Starting at 0.59, any rest-server-base dependent projects will have a build
step added that ensures there are no duplicates of classes or resources on
the classpath.  Any duplicates will trigger a failure of the build and the
build output will include all the problematic classes or resources and which
packages they come from.  Using the dependency:tree build goal can help with
finding these conflicts and resolving them.

* Add JsonEventSerializer for external use

JsonEventSerializer serializes a single event in v2 format using a JsonGenerator.
The existing JsonEventWriter is not easily consumed from external projects.

* Add support for Rack servers to be able to announce with Discovery

Starting with 0.59, the configuration property "rackserver.announcement" will
set the name for the rack server to announce to discovery.  The remaining
configuration to announce with discovery is identical to rest-server-base
parented projects.

Platform 0.58

* Fixed bug that prevents Rack applications from starting

* As of release 0.55, the HttpServerModule has additional dependencies:

 - HttpEventModule
 - DiscoveryModule
 - JsonModule


Platform 0.57

* Fixed bug that prevents ServiceInventory from refreshing periodically

Platform 0.56

* Fixed bug that causes HttpRequestEvents to not be published

Platform 0.55

* In this release we have upgraded the following dependencies

  - Jackson 1.9.5

* HTTP request events

We now record an event for each HTTP request processed.  The HTTP request logging and
new event system now properly support the X-FORWARDED-FOR and X-FORWARDED-PROTO headers.

* Redesigned HTTP client

The existing HTTP client interface has been renamed to AsyncHttpClient and a new synchronous
HTTP client interface has been added in its place.  Additionally, the underlying HTTP client
engine has been replaced with Apache HTTP Components.

The HTTP client is still experimental.


Platform 0.54

This release removed the use of DocLava for generating javadocs for projects rest-server-base.
It was triggering a bug in javadoc that prevented some projects from building successfully.


Platform 0.53

* In this release we have upgraded the following dependencies

  - Jetty 8.1.1
  - Guava 11.0.2

Jetty 8.0.3 has a bug where connections will leak in CLOSE_WAIT state if clients hang up
prematurely.

* Testing servlet filters

When developing servlet filters for use with the platform HTTP server, it is now possible
to test these filters inside the TestingHttpServer. Bind the TestingHttpServerModule into your
test injector along with the module that binds your servlet filter.

* Rack packaging (JRuby on Rails)

The rack packaging has been substantially updated with many changes:

  - rewritten launcher that supports the new node config file
  - support only Rails 3.1+ with asset pipeline
  - add support for JMX over HTTP
  - use Bundler to require dependencies when starting application
  - no creation of .bundle directory when packaging gems
  - various bug fixes including PATH_INFO, logging, locking, resources

This release requires Rails 3.1+ rather than supporting arbitrary rack
applications. It also requires the build machine to have a Ruby installation
with all of the application gems installed. This is a temporary restriction
and will be fixed in future releases.

The build process runs "bundle exec rake assets:precompile". Please verify
that this command succeeds before running the build. The following config
change in config/application.rb is likely required to prevent the command
from trying to connect to the configured production database:

  # Only partially load application when precompiling assets
  config.assets.initialize_on_precompile = false

The following config changes are also required for production mode in
config/environments/production.rb:

  # Serve static assets directly from Rails
  config.serve_static_assets = true

  # Enable threaded mode
  config.threadsafe!

Future versions of the rack packaging may configure these automatically.


Platform 0.52

* Admin Http Server thread pool

The thread pool for the admin http server (for jmx over http) listener has been
separated from the main http thread pool to prevent DoS if all http threads in the main
pool get stuck.

The pool size can be controlled via the http-server.admin.threads.min and http-server.admin.threads.max
configuration properties.

* Configurable http client timeouts

Connection and read timeouts for http client are now configurable. For Discovery client, use
discovery.http-client.connect-timeout and discovery.http-client.read-timeout. For Event client,
use event.http-client.connect-timeout and event.http-client.read-timeout.

* Add external address to node info

Added node.external-address property to specify the external address (e.g., Internet routable)
to the JVM. HTTP and JMX services are announced using the existing name and a '-external' name,
so external clients can easily find the server.

Platform 0.51

* Trace token support for http requests

The http server can now deal with request trace tokens passed in via a
request header (X-Proofpoint-TraceToken). The trace token is recorded
in the request logs and is made available to application code via a
TraceTokenManager object. If no token is provided, a new one is created
automatically.

To enable this functionality, simply add a dependency to
com.proofpoint.platform:trace-token and add TraceTokenModule to the list of
guice modules for your application.

* Event fields support Map and Multimap

In addition to Iterable, the event client now supports event fields of type
java.util.Map and com.google.common.collect.Multimap. The map key type must
be java.lang.String, while the value type can be any standard supported type
or nested type (i.e. any type that is supported by Iterable).


Platform 0.50

* Library Upgrades

In this release we have upgraded the following dependencies

  - Guava 10.0.1
  - TestNG 6.2.1
  - Joda time 2.0
  - CGlib 2.2.2
  - Hibernate validation 4.2.0.Final
  - log4j-over-slf4j 1.6.2
  - Logback 0.9.30

* Log configuration via JMX

Log levels can now be configured via JMX under an mbean named
com.proofpoint.log:name=Logging. Enable this by adding LogJmxModule to your
Guice modules. The AllLevels attribute returns all explicitly configured
loggers (it excludes those with an inherited level).


Platform 0.49, Oct 14th 2011

* Library Upgrades

In this release we have upgraded the following dependencies

  - Jetty 8.0.3
  - Jackson 1.9.1

* Http server critical bugs

There are a number of bugs in versions of Jetty prior to 8.0.3 that can cause
the server to spin in a busy loop when using SSL or leak file descriptors under
certain conditions.

* Admin port

The http-based jmx connector now runs on an alternate admin port to avoid polluting
the request logs and stats when monitoring the server through jmx. For backwards
compatibility, the http listener is bound to a random port. The binding can be
overriden via the http-server.admin.port property and can be turned off via
http-server.admin.enabled.

* Service inventory

Discovery client now finds the location of available discovery servers by calling
out to a service inventory API. The location of the service inventory API is specified
via the service-inventory.uri configuration property and is provided automatically
when deploying with recent snapshot versions of Galaxy.

This feature is experimental, so the old discovery.uri property is still supported.

* PGP signing of artifacts

Projects that inherit from rest-server-base are now automatically signed with PGP on
release. To get this working, the release machine and account needs to have a PGP key
and agent configured.

See http://www.sonatype.com/people/2010/01/how-to-generate-pgp-signatures-with-maven/
for more information.

* Http server request stats

The http server now exposes additional request stats via JMX under an mbean named
com.proofpoint.http:name=RequestStats.

The available stats include:
- Request count
    - Total
    - 1-minute, 5-minute and 15-minute exponentially-weighted moving average requests
      per second
- Bytes Read/Written to connection
    - Total (since server start)
    - Exponentially-weighted per-request mean, min, max, percentiles (50, 90, 99, 99.9)
      with a bias towards the past 5 minutes
    - 1-minute, 5-minute and 15-minute exponentially-weighted moving average bytes
      per second
- Request time (ms)
    - Total (since server start)
    - Exponentially-weighted per-request mean, min, max, percentiles (50, 90, 99, 99.9)
      with a bias towards the past 5 minutes
    - 1-minute, 5-minute and 15-minute exponentially-weighted moving average bytes
      per second

* Http client request stats

Event and discovery clients now expose http request stats via JMX under the
com.proofpoint.discovery.client:name=DiscoveryClient and
com.proofpoint.event.client:name=EventClient mbeans.

The available stats include:
- Request count
    - Total
    - 1-minute, 5-minute and 15-minute exponentially-weighted moving average requests
      per second
- Bytes Read/Written to connection
    - Total (since server start)
    - Exponentially-weighted per-request mean, min, max, percentiles (50, 90, 99, 99.9)
      with a bias towards the past 5 minutes
    - 1-minute, 5-minute and 15-minute exponentially-weighted moving average bytes
      per second
- Request scheduling time (ms) -- time for request to get picked up by an available worker thread.
    - Total (since server start)
    - Exponentially-weighted per-request mean, min, max, percentiles (50, 90, 99, 99.9)
      with a bias towards the past 5 minutes
    - 1-minute, 5-minute and 15-minute exponentially-weighted moving average bytes
      per second
- Scheduling time (ms) -- time for request to get picked up by an available worker thread.
    - Total (since server start)
    - Exponentially-weighted per-request mean, min, max, percentiles (50, 90, 99, 99.9)
      with a bias towards the past 5 minutes
    - 1-minute, 5-minute and 15-minute exponentially-weighted moving average bytes
      per second
- Request time (ms) -- time to send request data to remote server
    - Total (since server start)
    - Exponentially-weighted per-request mean, min, max, percentiles (50, 90, 99, 99.9)
      with a bias towards the past 5 minutes
    - 1-minute, 5-minute and 15-minute exponentially-weighted moving average bytes
      per second
- Response time (ms) -- time to read response
    - Total (since server start)
    - Exponentially-weighted per-request mean, min, max, percentiles (50, 90, 99, 99.9)
      with a bias towards the past 5 minutes
    - 1-minute, 5-minute and 15-minute exponentially-weighted moving average bytes
      per second


Platform 0.48, Oct 5th 2011

* Library Upgrades

In this release we have upgraded the following dependencies

  - Guava 10.0
  - Hector 0.8.0-2
  - Jersey 1.9.1
  - Jetty 8.0.1

Note: we have banned all prior versions of Guava since the former versioning
names are not understood by maven and can result in invalid combinations of
dependencies.

* Jmx over HTTP

One of the major problems we have with supporting our servers in a production
environment is accessing JMX through the firewall.  JMX uses RMI by default
and RMI binds to two random ports, so we can run multiple servers on the same
instance.  This configuration annoyance is compounded by the bidirectional
nature of the RMI protocol.  When an RMI object is published, it encodes the
local address of the server on which the object is running.  In EC2, each
server has a private IP for use within EC2 and a public address which we use for
connecting from out side of EC2.  Since the RMI object can only contain one
address, we must choose between JMX being internally or externally accessible.

We have eliminated both of these problems by writing a HTTP based JMX Remoteing
(JSR 160) connector. To add this to your server, simply add the JmxHttpRpcModule
to the Guice modules.  The following command will connect jvisualvm to the server:

  jvisualvm --cp:a jmx-http-rpc-experimental.jar \
      --openjmx service:jmx:http://<host>:<port>

Note: You must install the VisualVM-MBean plugin to see mbeans in jvisualvm



Platform 0.47, Sept 29th 2011

* EventClient and DiscoveryClient

After running some of our servers under load, we have found major memory leaks
in EventClient and DiscoveryClient due to the AsyncHttpClient.  Unfortunately,
these leaks are difficult to fix due to the complexity of this code base, so we
have replaced the use of AsyncHttpClient in these libraries with the
experimental http client.

* HttpClient

We have written a vastly simplified event client interface that supports only the
features needed by EventClient and DiscoveryClient.  The current
implementation uses java.net.URL internally but we expect this to change.  This
code base is under active development and should not be used outside of the
platform until it is stabilizes.

Platform 0.46, Sept 26th 2011

* Launcher script

This release addresses one of the recent problems we've had with our servers
running in Galaxy.  Galaxy splits the installation directory, which contains
our configuration files, from the data directory where the Java process runs.
This split makes it easy for Galaxy to upgrade servers without losing
persistent server data, but this split means it is impossible for the Java
program to locate configuration files in the installation etc directory.  We
have fixed this problem by having the launcher script symlink the etc
directory from the installation directory into the data directory, so the Java
process can find the configuration using a relative path.


Platform 0.45, Sept 22th 2011

* oss.sonatype.org

We are pleased to announce that starting with this release, all artifacts are
published to Maven Central.  You can search for our artifacts here:

  http://search.maven.org/#search%7Cga%7C1%7Cg%3A%22com.proofpoint.platform%22

* HttpServer

We have added the request size to the http server log.  The new log line format
follows:

  timeStamp remoteAddress method uri user agent status contentRead contentCount requestTime

As a comparison the previous log line format was:

  timeStamp remoteAddress method uri user agent status contentCount requestTime

Additionally, we have reenabled SSL renegotiation since the underlying JVM bug
has been fixed.

* Launcher script

Starting with this release, the preferred method for passing node specific
information (e.g., id, environment, and pool) to a server is the --node-config
command line option.  The argument to this option must point to a file
containing key-value pairs encoded as 'key=value'.  The properties in this file
are simply added to the Java command line as -D parameters when launching the
server.  Parameters can still be passed to the server using -D parameters on
the launcher, and these will override any parameters in the node config file.

* JRuby on Rails

It is now possible to package a Rails application just like any other Java
platform application.  The packaged application will use the platform http
server, logging, and over time we will extend the integration to support other
platform services.  An instructional guide is currently under review and will
be included soon.


and run rack applications, such as rails, using the
platform http server.  The platform logger is automatically provided to rack and rails, and other
platform facilities can be used from within JRuby.  Simply set
rack-server-base-experimental as your parent pom, and you gain many of the same
features that exist in the rest-server-base parent pom.  An instructional guide is
currently under review and will be included soon.

* Event Client v2

The event client for the event v2 protocol has been mostly rewritten to fix
various bugs and annoyances.  Additionally, we have have expanded the allowed
event fields to include java.util.Iterable and nested simple event types.  For
Iterable, any supported type is allowed for the elements except Iterable.
Nested event types, can be any event type without a special field (e.g.,
timestamp, uuid, or host) since these are only allowed in the envelope
of the protocol.  For a full example see:

  com.proofpoint.event.client.NestedDummyEventClass

* Embedded Cassandra

Cassandra has been upgraded to 0.8.5 which addresses many internal bugs (see
https://svn.apache.org/repos/asf/cassandra/tags/cassandra-0.8.5/CHANGES.txt
for more information).  Additional, work has been on startup reliability and
timeout configuration.

One backwards incompatible change is the default partitioner is now
ByteOrderedPartitioner instead of RandomPartitioner since most of our
application are using range queries.

* AsyncHttpClient

We have upgraded AsyncHttpClient to version 1.6.5, but since this version still
contains a memory leak we have removed it from the event client.  We are
several evaluating long term solutions to the memory leak and hope to have one
implemented in the next release.

* DataSize helper methods

The toBytes() and roundTo(Unit) helper method have been added to DataSize for
easily converting the size to a long.  These methods will throw an exception if
the size is bigger than a long in the specified unit.

* Removed Discovery JDBC

The experimental discovery based JDBC driver has been removed.  This was
originally introduced for supporting database discovery to rails, but this
feature has been rewritten in much simpler pure Ruby.

* Bug fixes
    - System out and err redirect to logging does not flush
    - Fixed race condition in embedded Cassandra lifecycle
    - Fixed error reporting in event client
    - Fixed launcher issues with spawn using 'sh -c' on Linux


Platform 0.44, Sept 22th 2011

* Bad release

Don't use this release, it is bad.

Platform 0.43, Jun 10th 2011

* JRuby on Rails integration

We've started the work support JRuby on Rails in the platform by adding a
servlet based implementation of Rack.  Work will continue in future releases.


* Bug fixes
    - Discovery client fails to reschedule refresh job in some cases




Platform 0.42, May 24th 2011

* Embedded Cassandra and testing utilities

The code is part of the cassandra-experimental module
(com.proofpoint.platform:cassandra-experimental:0.42). The server is enabled by
adding CassandraModule to your Guice injector. Configuration for the server is
encapsulated in CassandraServerConfig. Code that needs to talk to the cassandra
server (e.g., Hector) should depend on CassandraServerInfo, which exposes a
method for obtaining the RPC port that Cassandra listens on.

Here's an example of how to run a simple server with an embedded cassandra instance:


       Bootstrap bootstrap = new Bootstrap(new NodeModule(), new CassandraModule());

       try {
           Injector injector = bootstrap.initialize();
           CassandraServerInfo info = injector.getInstance(CassandraServerInfo.class);
           log.info("Cassandra server listening on port " + info.getRpcPort());
       }
       catch (Throwable e) {
           log.error(e);
           // Cassandra creates non-daemon threads that will prevent the vm from shutting down
           System.exit(1);
       }



We've also added some utilities to simplify unit testing of code that talks to
Cassandra. It is important to keep in mind that due to how Cassandra is
written, there can only be one embedded instance per VM, and it can only be
started once during the lifetime of the VM.

To use Cassandra in unit tests, use CassandraServerSetup to initialize the
embedded instance. This should be done in @BeforeSuite and @AfterSuite methods
that call CassandraServerSetup.tryInitialize() and tryShutdown(), respectively.
It's important that this be done in every class that contains cassandra-based
tests. Otherwise, the initialization code  will only run if you include the
class with these methods in your unit test execution. TryInitialize() and
tryShutdown() are designed to properly handle calls from multiple
@Before/AfterSuite methods.

The server will be bound to a random port which can be obtained through the
CassandraServerInfo object. To get this object use either
CassandraServerSetup.getServerInfo() or TestingCassandraModule if your tests
require Guice.

* DataSize

We've introduced a DataSize class to the experimental module for dealing with
units of data in human-readable form (similar to Duration). It supports B, kB,
MB, GB, TB, PB and can handle conversions between these units. It's also fully
compatible with the configuration system.

* ValidationAssertions

We've also added some utilities to the experimental module to make easier to
test code that uses Bean Validation Framework annotations.
ValidationAssertions.assertValidates() and assertFailsValidation() can be used
to test that an object passes or fails validations as specified by its
annotations. Here's an example on how to use assertFailsValidation():

        assertFailsValidation(config, "maxAge", "may not be null", NotNull.class)

* Bug fixes

The following issues have been fixed:
	- Discovery client fails when consuming static announcements
	- MySQL connection timeouts using the wrong unit (ms vs s)
	- Jar manifest using the wrong file names when building snapshot versions