- Introduce a universal ConfigurableProvider/ProviderConfig abstraction
for ServiceLoader-based components and align PKI bootstrapping
utilities with it.
- Document deterministic provider selection, property-based
configuration conventions, and security requirements (never log config
values), including package-level documentation for spi, spi.store and
spi.bootstrap.
fix: harden audit runtime, fix gzip scanning, add bounds and docs
- Fix FileAuditSink concatenated gzip scan by shielding underlying
stream
- Use JUnit @TempDir for filesystem-backed tests
- Bound InMemoryAuditSink with deterministic ring buffer
- Add ServiceLoader smoke test and expand DefaultAuditService coverage
- Improve JavaDoc and logging across audit implementation
feat: add deterministic tests for PkiBootstrap with real SPI providers
- add JUnit 5 test suite for PkiBootstrap
- cover SPI selection for filesystem PkiStore and audit sinks
- use @TempDir for filesystem-backed providers
- register test ServiceLoader providers under src/test/resources
- ensure deterministic bootstrap behavior via system properties
Signed-off-by: Leo Galambos <lg@hq.egothor.org>
