Hi Federico, 1. I updated the KIP to explicitly mention Kafka 5.0 as the version which would adopt the new policy as default. 2. The default allowlist is empty. Users are expected to list all configurations they want to allow. 3. I'm leaning towards keeping it as an explicit list of literal configuration names without regex. If people value regex I'm happy to reconsider.
Thanks, Mickael On Fri, Jul 25, 2025 at 5:35 PM Federico Valeri <[email protected]> wrote: > > Hi Mickael, thanks for this useful KIP. Few questions from me: > > 1. Can you please indicate the exact major version for making this the > default policy? I think you mean Kafka 5.0.0. > 2. What would be the default value of > connector.client.config.override.allowlist? I guess it won't be the > full list of client configurations, otherwise we could make this > change in a Kafka 4 release. > 3. Would connector.client.config.override.allowlist also support regex > expressions? That would be handy to avoid having a long list of client > configuration keys. > > On Wed, Jul 9, 2025 at 5:02 AM Luke Chen <[email protected]> wrote: > > > > Thanks for the KIP! > > +1 from me to make Kafka safer! > > > > Luke > > > > On Fri, Jun 20, 2025 at 8:47 PM Mickael Maison <[email protected]> > > wrote: > > > > > Link to the KIP: > > > > > > https://cwiki.apache.org/confluence/display/KAFKA/KIP-1188%3A+New+ConnectorClientConfigOverridePolicy+with+allowlist+of+configurations > > > > > > On Fri, Jun 20, 2025 at 2:22 PM Mickael Maison <[email protected]> > > > wrote: > > > > > > > > Hi, > > > > > > > > I wrote a KIP introducing a new ConnectorClientConfigOverridePolicy > > > > implementation for Kafka Connect to enable users to selectively allow > > > > specific client configuration overrides. > > > > > > > > Let me know if you have any feedback. > > > > > > > > Thanks, > > > > Mickael > > >
