multibit-legacy / error-reporting-service Goto Github PK

The release must ensure:

• all snapshot dependencies are completed
• local verification of the service has been performed (MultiBit HD works against service etc)

To release:

• merge develop into master
• use mvn versions:set -DnewVersion=0.1.0
• build, commit and push

delivered as HTML

BritService has been refactored to include a brit-core module. ErrorReportingService has a similar structural requirement and would introduce a simple error-reporting-core library into MultiBit HD and ErrorReportingService thereby simplifying both projects.

Having an email makes for a convenient reminder that an error report has been uploaded. If traffic gets too high due to scale/duplication then it should be configurable to switch it off.

It would be useful to add the error report number to the notifcation emails.

Require Linux/Windows variants for completeness.

With the introduction of MultiBit Commons much of the lower level code and Maven configuration can be simplified.

Require a parser for the decrypted error report that can extract a collection of log events for Logstash to import into Elasticsearch.

It should be possible to create a UUID to group all the log messages together and provide the metadata for the error report (upload timestamp, OS, MultiBit HD version etc).

Elasticsearch API details are here: http://www.elastic.co/guide/en/elasticsearch/client/java-api/1.x/index_.html

For more security, can you change old spongycastle (based on old bouncycastle) to bouncycastle?

• https://www.bouncycastle.org/
• https://www.bouncycastle.org/releasenotes.html
• http://www.bouncycastle.org/latest_releases.html
• https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=bouncy%20castle
• https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=bouncycastle
• https://www.cvedetails.com/vulnerability-list/vendor_id-7637/Bouncycastle.html

An uploaded error report should be persisted - encrypted - in the event of an ELK failure so that it can be restored at a later date.