gharris1727 commented on code in PR #14995:
URL: https://github.com/apache/kafka/pull/14995#discussion_r1453850678
##########
clients/src/main/java/org/apache/kafka/common/config/provider/FileConfigProvider.java:
##########
@@ -40,7 +42,13 @@ public class FileConfigProvider implements ConfigProvider {
private static final Logger log =
LoggerFactory.getLogger(FileConfigProvider.class);
+ public static final String ALLOWED_PATHS_CONFIG = "allowed.paths";
+ public static final String ALLOWED_PATHS_DOC = "A comma separated list of
paths that this config provider is " +
+ "allowed to access. If not set, all paths are allowed.";
+ private AllowedPaths allowedPaths = null;
Review Comment:
> Could there be users who don't call configure first necessarily? I'm
worried that throwing IllegalStateException could cause backward compatibility
issue.
Throwing IllegalStateException would be a backwards incompatible change, but
I think it's not one that was supported in the first place. Not calling
configure() on these particular implementations because they previously
happened to be no-ops is coupling too closely on the internal implementation of
these classes.
It is a value judgement, and we have to determine which is more valuable.
For the record, I think that exploiting the interface by preventing calls to
configure() is unlikely, I was just thinking about defense in depth.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
