Keith Wall

> using m_tls to prove its a proxy communicating with the broker it expects to but that says nothing about the identity of the user making the connection? That's my...

> In our case, https://github.com/kroxylicious/kroxylicious/pull/1631 was more about belt-and-braces, requiring both authorisation-to-connect via client TLS certificates and authentication-and-authorisation-to-operate via SASL. actually, maybe that the best the best stance. That avoids...

@piotrpdev thanks for the defect report. Two things: 1. `io.kroxylicious.kubernetes.operator.KindInstallKT#isEnvironmentValid` should mean that the tests are skipped if the kind isn't available on the path. Where is the detection going...

Thanks @piotrpdev. I have a feeling I've been down the "why's junit4 on the classpath" rabbit hole before. Guess we need to adapt the code to catch AssumptionViolatedException too.

> It feels like it isn't highlighting a bug and that ProduceRequest|Response filters will likely be able to tolerate both styles (0-ack and n-acks). I think the warn is spurious....

Aside: what would you think to having the project use `-Dspotbugs.fork=false` to avoid the additional JVM overhead. A quick test on my machine shows this save 35 seconds, which is...

> is the javadoc on this method correct? No, it should say that the request is dropped. The connection remains open. The only time this makes sense is for requests...

> It's unclear what record validation bejaviour should be in the context of zero-ack requests. The producer is firing and forgetting, with no response from the broker expected. We still...

Triaged, 2024/8/21, we said we should kill the `forwardPartialRequests` feature. It use would probably lead to more harm than good.

Thanks @ShubhamRwt. Sorry for the tardy reply. You approach looks reasonable. I'd suggest opening the PR as soon as you've got the first use-case working, so we can start feeding...