Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update pom.xml #1139

Open
wants to merge 1 commit into
base: 7.2.2-post
Choose a base branch
from
Open

Conversation

ronaldpetty
Copy link

Hi. Thanks for the examples. I am not 100% sure, but I suppose the log4j bugs are what caused these changes.

This tutorial:

https://docs.confluent.io/platform/current/schema-registry/schema_registry_onprem_tutorial.html#create-the-transactions-topic

does not seem to work with the existing pom.xml as the log4j packages moved / versioned. I am actually not sure why the confluent-log4j worked only with a version being set (instead of just taking the latest, maybe a Maven pro can confirm).

Thanks again.

Description

What behavior does this PR change, and why?

Author Validation

Describe the validation already done, or needs to be done, by the PR submitter.

Reviewer Tasks

Describe the tasks/validation that the PR submitter is requesting to be done by the reviewer.

Hi. Thanks for the examples. I am not 100% sure, but I suppose the log4j bugs are what caused these changes.

This tutorial:

https://docs.confluent.io/platform/current/schema-registry/schema_registry_onprem_tutorial.html#create-the-transactions-topic

does not seem to work with the existing pom.xml as the log4j packages moved / versioned. I am actually not sure why the confluent-log4j worked only with a version being set (instead of just taking the latest, maybe a Maven pro can confirm).

Thanks again.
@ronaldpetty ronaldpetty requested a review from a team as a code owner November 1, 2022 17:52
Copy link
Contributor

@davetroiano davetroiano left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thank you for catching this @ronaldpetty!

</dependency>
<!-- Use a repackaged version of log4j with security patches. Default log4j v1.2 is a transitive dependency of slf4j-log4j12, but it is excluded in common/pom.xml -->
<dependency>
<groupId>io.confluent</groupId>
<artifactId>confluent-log4j</artifactId>
<version>1.2.17-cp10</version>
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

you should be able to remove the confluent-log4j dependency and use this instead:

    <dependency>
      <groupId>ch.qos.reload4j</groupId>
      <artifactId>reload4j</artifactId>
      <version>${reload4j.version}</version>
    </dependency>

Copy link

cla-assistant bot commented Apr 28, 2024

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants