JavaMelody 1.83.0 released

[Vernat Emeric]

JavaMelody 1.83.0 was released. The release is available for download here:
https://github.com/javamelody/javamelody/releases

Release notes:

1.83.0

• improved: If there are http or sql requests with many dynamic values like "/get/entity/10" or "select * from table where id in (123, 456)" (dynamic values in sql without binded parameters), you should already use the javamelody parameters http-transform-pattern or sql-transform-pattern, in order to limit disk IO and disk space usage for the statistics and RRD graphs. If you forget that, some RRD files will now be automatically deleted everyday at midnight to limit the disk space used by RRD files under 20 MB. You may configure that limit with the javamelody parameter max-rrd-disk-usage-mb (20 by default). And old statistics and graphs are automatically deleted like before. (553b323)
• fix in the Liferay plugin, to allow JDBC monitoring in Tomcat in an OSGi environment (Liferay 7+), PR 15 thanks to Adrián Rodríguez. See doc.
• fix #910 In the optional collect server, only one instance registered when using MonitoringFilter.registerApplicationNodeInCollectServer in several instances.
• fix #9 in JIRA/Confluence/Bamboo/Bitbucket monitoring plugin, blank page when accessing /monitoring in Bamboo 7.
• fix #912 WELD-ENV-000015: Unable to load annotation: javax.ejb.Asynchronous, when using CDI with WELD in Tomcat.
• improved: Database report on locks for Postgresql 9.2+ (e349ac0).
• added: If using the authorized-users javamelody parameter, you may not want to write the parameter like user:password as clear text in configuration or script files, so you can write it like user:{SHA-256}c33d66fe65ffcca1f2260e6982dbf0c614b6ea3ddfdb37d6142fbec0feca5245 with a one-way hash of the password instead (92e04f2). To compute the hash of the password (with a fixed salt against rainbow tables):
  • use the html page at .../monitoring?part=hashPassword in a webapp monitored by javamelody 1.83.0 or later (it is recommended to choose a complex password and the SHA-256 algorithm at least)
  • or use the html page at http://javamelody.org/demo/monitoring?part=hashPassword
  • or on the command line: java -cp javamelody-core-1.83.0.jar net.bull.javamelody.internal.common.MessageDigestPasswordEncoder passwordToHash (Download javamelody-core-1.83.0.jar)
• added: doc to configure security of the monitoring reports in Spring boot, using Spring security for example.
• added: if using Tomcat, display sources of Tomcat's classes from stack-traces like for the webapp's dependencies (9907e93).
• added: As an external API, dump of graphs values as XML or as TXT, for the choosen period or for all periods (d11e6a8). See doc.
• added: Links to Last value, Dump XML, Dump TXT below the zoomed graphics (3967ea2).
• added: In the optional collect server, display an alert in the report of a monitored application with several nodes, if some of the nodes are unavailable (481da3e).

The Jenkins plugin, the JIRA, Confluence, Bamboo and Bitbucket plugin, the Liferay plugin, the Alfresco plugin, the Sonar plugin were also released. (Not yet for the Grails plugin)

bye, Emeric