Should we validate dependency names, like KeyVault names, secret-names, etc...

[fgheysels]

I've seen that the LogAzureKeyVaultDependency method verifies if the secretName and keyvaultUri parameters have a value that is valid as secret-name or KeyVault Uri. If they're not valid, an exception is thrown.

I wonder if we should do that, for the following reasons:

• Additional responsability lies now wih the Arcus library to make sure that we keep this validation-logic up-to-date. Suppose the naming rules change in the future, we must be quick to update our library
• In case of the observability lib, we only use this information for adding that information in our traces. Should we throw exceptions when the information that is passed, represent names that do not represent a valid secretname or keyvault uri ? I don't think it is a problem if that happens ? Moreover, should we allow that an application can crash because of this ?

I think we should not validate this kind of stuff.

[stijnmoreels]

I'm in favor of removing these validation checks. 🙋‍♂️

[fgheysels]

Me too!

@pim-simons @ALaks96 @gverstraete Do you guys have an opinion on this ?

[pim-simons]

I agree, also in favor to remove the validation checks.

[gverstraete]

You could also make this validation extensable...

[stijnmoreels]

Yes, that's also an option. But the limited injections point here would make that rather hard, I think. Maybe Serilog has some extra post-validation for this, but not sure if we should go that far.

[fgheysels]

We can conclude that we agree that we should remove these validations.

Therefore, an issue has been created for this: #287