You are viewing a plain text version of this content. The canonical link for it is here.

Posted to jira@kafka.apache.org by GitBox <gi...@apache.org> on 2022/02/09 12:10:01 UTC

[GitHub] [kafka] FireBurn opened a new pull request #11743: Switch log4j12 to reload4j

FireBurn opened a new pull request #11743:
URL: https://github.com/apache/kafka/pull/11743


   This bumps the slf4j version to 1.7.36 and swaps out log4j 1.2.17 with
   reload4j 1.2.19
   
   Signed-off-by: Mike Lothian <mi...@fireburn.co.uk>
   
   *More detailed description of your change,
   if necessary. The PR title and PR message become
   the squashed commit message, so use a separate
   comment to ping reviewers.*
   
   *Summary of testing strategy (including rationale)
   for the feature or bug fix. Unit and/or integration
   tests are expected for any behaviour change and
   system tests should be considered for larger changes.*
   
   ### Committer Checklist (excluded from commit message)
   - [ ] Verify design and implementation 
   - [ ] Verify test coverage and CI build status
   - [ ] Verify documentation (including upgrade notes)
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] cadonna commented on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

cadonna commented on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1080690140


   Sorry, I did not intent to hijack the ticket, but code freeze is this Wednesday I we did not know if you were available. OK then we can stay on this PR.  


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] FireBurn commented on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

FireBurn commented on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1080969629


   > 2\. ./gradlew printAllDependencies
   
   That's that sorted now


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] FireBurn commented on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

FireBurn commented on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1080975043


   > @FireBurn What do you mean exactly with "a lot of references"? If you run `./gradlew printAllDependencies` you will see that no log4j12 library is pulled into (except for the projects I listed above). It does not matter if `slf4j-log4j12` contains `log4j12` in its name, the binding `slf4j-log4j12` in version 1.7.36 will pull reload4j.
   
   The only references to log4j in build.gradle are the excludes now


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] FireBurn commented on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

FireBurn commented on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1081928483


   Does the simpler change have all the excludes required to stop log4j1 appearing in the dependency tree?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] ijuma commented on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

ijuma commented on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1083115631


   @cadonna Can you please cherry-pick this to 3.1.x as well so that it's part of 3.1.1?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] cadonna merged pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

cadonna merged pull request #11743:
URL: https://github.com/apache/kafka/pull/11743


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] FireBurn commented on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

FireBurn commented on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1080932860


   Doesn't the other request still have a lot of references to log4j?
   
   I'm online now and can make any changes you'd like, unless you'd rather go for the other PR


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] ijuma commented on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

ijuma commented on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1080720126


   @cadonna your PR seems simpler. We can set @FireBurn as co-author and go with yours perhaps?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] FireBurn commented on a change in pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

FireBurn commented on a change in pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#discussion_r838293097



##########
File path: docs/upgrade.html
##########
@@ -30,6 +30,8 @@ <h5><a id="upgrade_320_notable" href="#upgrade_320_notable">Notable changes in 3
             Users can change this behavior to enable idempotence for some or all producers
             via Connect worker and/or connector configuration. Connect may enable idempotent producers
             by default in a future major release.</li>
+        <li>Kafka has replaced log4j and slf4j-log4j12 with reload4j and slf4j-reload4j due to security concerns.
+             More information can be found at <a href"https://reload4j.qos.ch">reload4j</a>.</li>

Review comment:
       Again slf4j-reload4j is used




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] showuon commented on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

showuon commented on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1081347153


   > > @showuon I only found the log4j12 dependencies in the following projects:
   > 
   > > streams:upgrade-system-tests-0100
   > > streams:upgrade-system-tests-0101
   > 
   > > I guess they are not included in the release.
   > 
   > The log4j12 dependency is pulled into the project by the Streams library in version 0.10.0 and 0.10.1 that is used. These two project are only used for upgrade system tests. Thus, I think that is not an issue.
   
   @cadonna , agree. Then it LGTM now, except your PR is much more simpler than this one. Either one is good to me. Thanks.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] FireBurn commented on a change in pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

FireBurn commented on a change in pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#discussion_r837166148



##########
File path: docs/upgrade.html
##########
@@ -30,6 +30,8 @@ <h5><a id="upgrade_320_notable" href="#upgrade_320_notable">Notable changes in 3
             Users can change this behavior to enable idempotence for some or all producers
             via Connect worker and/or connector configuration. Connect may enable idempotent producers
             by default in a future major release.</li>
+        <li>Kafka has replaced log4j and slf4j-log4j12 with reload4j and slf4j-reload4j due to security concerns.
+             More info can be found at <a href"https://reload4j.qos.ch">reload4j</a>.</li>

Review comment:
       Changed




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] cadonna commented on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

cadonna commented on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1083501431


   Failures are unrelated:
   
   ```
   Build / JDK 17 and Scala 2.13 / org.apache.kafka.connect.integration.ConnectorRestartApiIntegrationTest.testMultiWorkerRestartOnlyConnector
   Build / JDK 11 and Scala 2.13 / org.apache.kafka.connect.integration.RebalanceSourceConnectorsIntegrationTest.testStartTwoConnectors
   Build / JDK 11 and Scala 2.13 / org.apache.kafka.connect.integration.TransformationIntegrationTest.testFilterOnTopicNameWithSinkConnector
   Build / JDK 8 and Scala 2.12 / kafka.admin.LeaderElectionCommandTest.[1] Type=Raft, Name=testElectionResultOutput, Security=PLAINTEXT
   ```


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] cadonna edited a comment on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

cadonna edited a comment on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1080716374


   > @showuon I only found the log4j12 dependencies in the following projects:
   
    >   streams:upgrade-system-tests-0100
       streams:upgrade-system-tests-0101
   
   >I guess they are not included in the release.
   
   The log4j12 dependency is pulled into the project by the Streams library that is used. This project is only used for upgrade system tests. Thus, I think that is not an issue.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] ijuma commented on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

ijuma commented on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1077678693


   We should add something to the notable changes in `upgrade.html`.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] cadonna commented on a change in pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

cadonna commented on a change in pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#discussion_r838286400



##########
File path: docs/upgrade.html
##########
@@ -30,6 +30,8 @@ <h5><a id="upgrade_320_notable" href="#upgrade_320_notable">Notable changes in 3
             Users can change this behavior to enable idempotence for some or all producers
             via Connect worker and/or connector configuration. Connect may enable idempotent producers
             by default in a future major release.</li>
+        <li>Kafka has replaced log4j and slf4j-log4j12 with reload4j and slf4j-reload4j due to security concerns.
+             More information can be found at <a href"https://reload4j.qos.ch">reload4j</a>.</li>

Review comment:
       ```suggestion
           <li>Kafka has replaced log4j with reload4j due to security concerns.
                More information can be found at <a href"https://reload4j.qos.ch">reload4j</a>.</li>
   ```

##########
File path: LICENSE-binary
##########
@@ -300,8 +300,8 @@ MIT License
 
 argparse4j-0.7.0, see: licenses/argparse-MIT
 jopt-simple-5.0.4, see: licenses/jopt-simple-MIT
-slf4j-api-1.7.30, see: licenses/slf4j-MIT
-slf4j-log4j12-1.7.30, see: licenses/slf4j-MIT
+slf4j-api-1.7.36, see: licenses/slf4j-MIT
+slf4j-reload4j-1.7.36, see: licenses/slf4j-MIT

Review comment:
       Since `slf4j-api-1.7.36` uses reload4j anyways, we do not need to use `slf4j-reload4j-1.7.36` anymore. Could you remove it here? 




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] cadonna commented on a change in pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

cadonna commented on a change in pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#discussion_r838318295



##########
File path: LICENSE-binary
##########
@@ -300,8 +300,8 @@ MIT License
 
 argparse4j-0.7.0, see: licenses/argparse-MIT
 jopt-simple-5.0.4, see: licenses/jopt-simple-MIT
-slf4j-api-1.7.30, see: licenses/slf4j-MIT
-slf4j-log4j12-1.7.30, see: licenses/slf4j-MIT
+slf4j-api-1.7.36, see: licenses/slf4j-MIT
+slf4j-reload4j-1.7.36, see: licenses/slf4j-MIT

Review comment:
       Ah, I confirm that it is in the libs folder. I did not expect it! Thank you for checking!




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] FireBurn commented on a change in pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

FireBurn commented on a change in pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#discussion_r838331110



##########
File path: LICENSE-binary
##########
@@ -300,8 +300,8 @@ MIT License
 
 argparse4j-0.7.0, see: licenses/argparse-MIT
 jopt-simple-5.0.4, see: licenses/jopt-simple-MIT
-slf4j-api-1.7.30, see: licenses/slf4j-MIT
-slf4j-log4j12-1.7.30, see: licenses/slf4j-MIT
+slf4j-api-1.7.36, see: licenses/slf4j-MIT
+slf4j-reload4j-1.7.36, see: licenses/slf4j-MIT

Review comment:
       No probs. I've double checked the docs (https://www.slf4j.org/manual.html) slf4j-api -> (slf4j-log4j12 ->) slf4j-reload4j -> reload4j




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] FireBurn commented on a change in pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

FireBurn commented on a change in pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#discussion_r837144158



##########
File path: docs/upgrade.html
##########
@@ -30,6 +30,7 @@ <h5><a id="upgrade_320_notable" href="#upgrade_320_notable">Notable changes in 3
             Users can change this behavior to enable idempotence for some or all producers
             via Connect worker and/or connector configuration. Connect may enable idempotent producers
             by default in a future major release.</li>
+        <li>Kafka has replaced log4j and slf4j-log4j12 with reload4j and slf4j-reload4j. More info can be found at <a href"https://reload4j.qos.ch">reload4j</a>

Review comment:
       Changed




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] FireBurn commented on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

FireBurn commented on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1081855214


   > > The log4j12 dependency is pulled into the project by the Streams library in version 0.10.0 and 0.10.1 that is used. These two project are only used for upgrade system tests. Thus, I think that is not an issue.
   > 
   > Have you verified that the tarball generated by `releaseTarGz` doesn't include log4j 1.2?
   
   I've confirmed it, we've been running with this change in production since the log4j vulnerability was announced and reload4j was created 
   
   I'll happily backport it to any branches you'd like. We're using it in 2.4.0 and 3.1.0


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] ijuma commented on a change in pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

ijuma commented on a change in pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#discussion_r834356826



##########
File path: gradle/dependencies.gradle
##########
@@ -189,14 +188,15 @@ libs += [
   powermockJunit4: "org.powermock:powermock-module-junit4:$versions.powermock",
   powermockEasymock: "org.powermock:powermock-api-easymock:$versions.powermock",
   reflections: "org.reflections:reflections:$versions.reflections",
+  reload4j: "ch.qos.reload4j:reload4j:$versions.reload4j",
   rocksDBJni: "org.rocksdb:rocksdbjni:$versions.rocksDB",
   scalaCollectionCompat: "org.scala-lang.modules:scala-collection-compat_$versions.baseScala:$versions.scalaCollectionCompat",
   scalaJava8Compat: "org.scala-lang.modules:scala-java8-compat_$versions.baseScala:$versions.scalaJava8Compat",
   scalaLibrary: "org.scala-lang:scala-library:$versions.scala",
   scalaLogging: "com.typesafe.scala-logging:scala-logging_$versions.baseScala:$versions.scalaLogging",
   scalaReflect: "org.scala-lang:scala-reflect:$versions.scala",
   slf4jApi: "org.slf4j:slf4j-api:$versions.slf4j",
-  slf4jlog4j: "org.slf4j:slf4j-log4j12:$versions.slf4j",
+  slf4jreload4j: "org.slf4j:slf4j-reload4j:$versions.slf4j",

Review comment:
       Similar for this.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] cadonna edited a comment on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

cadonna edited a comment on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1080690140


   Sorry, I did not intent to hijack the ticket, but code freeze is this Wednesday and we did not know if you were available. OK then we can stay on this PR.  


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] cadonna commented on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

cadonna commented on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1080626666


   @showuon I only found the log4j12 dependencies in the following projects:
   - `streams:upgrade-system-tests-0100`
   - `streams:upgrade-system-tests-0101`
   
   I guess they are not included in the release.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] cadonna edited a comment on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

cadonna edited a comment on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1080690140


   @FireBurn Sorry, I did not intent to hijack the ticket, but code freeze is this Wednesday and we did not know if you were available. OK then we can stay on this PR.  


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] cadonna edited a comment on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

cadonna edited a comment on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1080716374


   > @showuon I only found the log4j12 dependencies in the following projects:
   
    >   streams:upgrade-system-tests-0100
       streams:upgrade-system-tests-0101
   
   >I guess they are not included in the release.
   
   The log4j12 dependency is pulled into the project by the Streams library in version 0.10.0 and 0.10.1 that is used. These two project are only used for upgrade system tests. Thus, I think that is not an issue.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] showuon commented on a change in pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

showuon commented on a change in pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#discussion_r837009747



##########
File path: docs/upgrade.html
##########
@@ -30,6 +30,7 @@ <h5><a id="upgrade_320_notable" href="#upgrade_320_notable">Notable changes in 3
             Users can change this behavior to enable idempotence for some or all producers
             via Connect worker and/or connector configuration. Connect may enable idempotent producers
             by default in a future major release.</li>
+        <li>Kafka has replaced log4j and slf4j-log4j12 with reload4j and slf4j-reload4j. More info can be found at <a href"https://reload4j.qos.ch">reload4j</a>

Review comment:
       nit: Kafka has replaced log4j and slf4j-log4j12 with reload4j and slf4j-reload4j [to mitigate security risks]. ...




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] cadonna edited a comment on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

cadonna edited a comment on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1081905181


   @FireBurn If it is a question of authorship, I am fine with you copying my branch into your repo and opening a PR from there. In the end I just copied and modified your PR.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] cadonna commented on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

cadonna commented on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1081891052


   I confirm that with both PRs log4j is not in the distribution tgz.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] FireBurn commented on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

FireBurn commented on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1084548876


   Thanks for guiding me through 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] FireBurn commented on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

FireBurn commented on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1082704786


   You're right, that is a lot simpler and doesn't require all the excludes


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] FireBurn commented on a change in pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

FireBurn commented on a change in pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#discussion_r836707205



##########
File path: gradle/dependencies.gradle
##########
@@ -177,7 +177,6 @@ libs += [
   kafkaStreams_28: "org.apache.kafka:kafka-streams:$versions.kafka_28",
   kafkaStreams_30: "org.apache.kafka:kafka-streams:$versions.kafka_30",
   kafkaStreams_31: "org.apache.kafka:kafka-streams:$versions.kafka_31",
-  log4j: "log4j:log4j:$versions.log4j",

Review comment:
       I've kept things in alphabetical order




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] cadonna commented on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

cadonna commented on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1080941806


   @FireBurn What do you mean exactly with "a lot of references"? If you run `./gradlew printAllDependencies` you will see that no log4j12 library is pulled into (except for the projects I listed above). It does not matter if `slf4j-log4j12` contains log4j12 in its name, the binding will pull reload4j. 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] ijuma commented on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

ijuma commented on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1081841090


   We may want to backport this PR to older branches, so the simpler change in the other PR is preferable in my opinion.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] FireBurn commented on a change in pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

FireBurn commented on a change in pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#discussion_r838293097



##########
File path: docs/upgrade.html
##########
@@ -30,6 +30,8 @@ <h5><a id="upgrade_320_notable" href="#upgrade_320_notable">Notable changes in 3
             Users can change this behavior to enable idempotence for some or all producers
             via Connect worker and/or connector configuration. Connect may enable idempotent producers
             by default in a future major release.</li>
+        <li>Kafka has replaced log4j and slf4j-log4j12 with reload4j and slf4j-reload4j due to security concerns.
+             More information can be found at <a href"https://reload4j.qos.ch">reload4j</a>.</li>

Review comment:
       slf4j-reload4j is used




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] showuon commented on a change in pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

showuon commented on a change in pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#discussion_r837152310



##########
File path: docs/upgrade.html
##########
@@ -30,6 +30,8 @@ <h5><a id="upgrade_320_notable" href="#upgrade_320_notable">Notable changes in 3
             Users can change this behavior to enable idempotence for some or all producers
             via Connect worker and/or connector configuration. Connect may enable idempotent producers
             by default in a future major release.</li>
+        <li>Kafka has replaced log4j and slf4j-log4j12 with reload4j and slf4j-reload4j due to security concerns.
+             More info can be found at <a href"https://reload4j.qos.ch">reload4j</a>.</li>

Review comment:
       nit: More [information] can be found ...




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] FireBurn commented on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

FireBurn commented on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1083060299


   There was a conflict due to the RocksDB upgrade, I've resolved it and repushed 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] cadonna commented on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

cadonna commented on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1083117729


   > @cadonna Can you please cherry-pick this to 3.1.x as well so that it's part of 3.1.1?
   
   Yes \cc @tombentley 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] ijuma commented on a change in pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

ijuma commented on a change in pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#discussion_r834356644



##########
File path: gradle/dependencies.gradle
##########
@@ -177,7 +177,6 @@ libs += [
   kafkaStreams_28: "org.apache.kafka:kafka-streams:$versions.kafka_28",
   kafkaStreams_30: "org.apache.kafka:kafka-streams:$versions.kafka_30",
   kafkaStreams_31: "org.apache.kafka:kafka-streams:$versions.kafka_31",
-  log4j: "log4j:log4j:$versions.log4j",

Review comment:
       Can we just switch this to point to reload4j?




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] cadonna edited a comment on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

cadonna edited a comment on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1080690140


   @FireBurn Sorry, I did not intend to hijack the ticket, but code freeze is this Wednesday and we did not know if you were available. OK then we can stay on this PR.  


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] FireBurn commented on a change in pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

FireBurn commented on a change in pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#discussion_r836668095



##########
File path: gradle/dependencies.gradle
##########
@@ -189,14 +188,15 @@ libs += [
   powermockJunit4: "org.powermock:powermock-module-junit4:$versions.powermock",
   powermockEasymock: "org.powermock:powermock-api-easymock:$versions.powermock",
   reflections: "org.reflections:reflections:$versions.reflections",
+  reload4j: "ch.qos.reload4j:reload4j:$versions.reload4j",
   rocksDBJni: "org.rocksdb:rocksdbjni:$versions.rocksDB",
   scalaCollectionCompat: "org.scala-lang.modules:scala-collection-compat_$versions.baseScala:$versions.scalaCollectionCompat",
   scalaJava8Compat: "org.scala-lang.modules:scala-java8-compat_$versions.baseScala:$versions.scalaJava8Compat",
   scalaLibrary: "org.scala-lang:scala-library:$versions.scala",
   scalaLogging: "com.typesafe.scala-logging:scala-logging_$versions.baseScala:$versions.scalaLogging",
   scalaReflect: "org.scala-lang:scala-reflect:$versions.scala",
   slf4jApi: "org.slf4j:slf4j-api:$versions.slf4j",
-  slf4jlog4j: "org.slf4j:slf4j-log4j12:$versions.slf4j",
+  slf4jreload4j: "org.slf4j:slf4j-reload4j:$versions.slf4j",

Review comment:
       I imagine an explicit reference to the resource we'd be using would be better than relying on a redirect




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] cadonna commented on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

cadonna commented on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1080686115


   Since we haven't gotten any answer from the original author for a couple of days and code freeze is approaching, I opened a new PR: https://github.com/apache/kafka/pull/11956 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] FireBurn commented on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

FireBurn commented on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1080687801


   Sorry I can update it tonight


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] cadonna commented on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

cadonna commented on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1080716374


   > @showuon I only found the log4j12 dependencies in the following projects:
   
    >   streams:upgrade-system-tests-0100
       streams:upgrade-system-tests-0101
   
   >I guess they are not included in the release.
   
   The log4j12 dependency is pulled into the project by the Streams library that is used. This project is only used for upgrade system tests. Thus, I think that is not an issue.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] cadonna commented on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

cadonna commented on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1080721434


   Fine with me! 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] ijuma commented on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

ijuma commented on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1081864291


   @FireBurn Thanks for offering to backport. Still, can we please go with the simpler option? Since we have no automated tests for this kind of thing and manual verification is required for each backported branch, it's better for all involved if the changes are minimal.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] cadonna commented on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

cadonna commented on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1082833005


   Once the builds are good, I will merge this PR to trunk and cherry-pick it to 3.2.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] cadonna commented on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

cadonna commented on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1081905181


   @FireBurn If it is a question of authorship, I am fine with you copying my branch into your repo and opening a PR from there. In the end I just modified your PR.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] FireBurn commented on a change in pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

FireBurn commented on a change in pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#discussion_r838292620



##########
File path: LICENSE-binary
##########
@@ -300,8 +300,8 @@ MIT License
 
 argparse4j-0.7.0, see: licenses/argparse-MIT
 jopt-simple-5.0.4, see: licenses/jopt-simple-MIT
-slf4j-api-1.7.30, see: licenses/slf4j-MIT
-slf4j-log4j12-1.7.30, see: licenses/slf4j-MIT
+slf4j-api-1.7.36, see: licenses/slf4j-MIT
+slf4j-reload4j-1.7.36, see: licenses/slf4j-MIT

Review comment:
       It is used and is included in the libs folder




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] edoardocomar commented on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

edoardocomar commented on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1079291632


   thanks @FireBurn 
   I had a black box go at building and running Kafka built with this PR and it looked good to me


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] FireBurn commented on a change in pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

FireBurn commented on a change in pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#discussion_r838190268



##########
File path: gradle/dependencies.gradle
##########
@@ -177,7 +177,6 @@ libs += [
   kafkaStreams_28: "org.apache.kafka:kafka-streams:$versions.kafka_28",
   kafkaStreams_30: "org.apache.kafka:kafka-streams:$versions.kafka_30",
   kafkaStreams_31: "org.apache.kafka:kafka-streams:$versions.kafka_31",
-  log4j: "log4j:log4j:$versions.log4j",

Review comment:
       Yip that was simpler




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] ijuma commented on a change in pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

ijuma commented on a change in pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#discussion_r838475928



##########
File path: docs/upgrade.html
##########
@@ -30,6 +30,8 @@ <h5><a id="upgrade_320_notable" href="#upgrade_320_notable">Notable changes in 3
             Users can change this behavior to enable idempotence for some or all producers
             via Connect worker and/or connector configuration. Connect may enable idempotent producers
             by default in a future major release.</li>
+        <li>Kafka has replaced log4j and slf4j-log4j12 with reload4j and slf4j-reload4j due to security concerns.
+             More information can be found at <a href"https://reload4j.qos.ch">reload4j</a>.</li>

Review comment:
       Even though slf4j-reload4j is used, this is automatic via usage of slf4j-log4j. I'd keep the simpler message regarding log4j and reload4j - that's the bit that customers care about.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] cadonna edited a comment on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

cadonna edited a comment on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1080941806


   @FireBurn What do you mean exactly with "a lot of references"? If you run `./gradlew printAllDependencies` you will see that no log4j12 library is pulled into (except for the projects I listed above). It does not matter if `slf4j-log4j12` contains `log4j12` in its name, the binding `slf4j-log4j12` in version 1.7.36 will pull reload4j. 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] ijuma commented on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

ijuma commented on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1081839852


   > The log4j12 dependency is pulled into the project by the Streams library in version 0.10.0 and 0.10.1 that is used. These two project are only used for upgrade system tests. Thus, I think that is not an issue.
   
   Have you verified that the tarball generated by `releaseTarGz` doesn't include log4j 1.2?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] cadonna commented on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

cadonna commented on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1081849333


   > Have you verified that the tarball generated by releaseTarGz doesn't include log4j 1.2?
   
   Good point! No, I haven't. I am on it!


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] ijuma commented on a change in pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

ijuma commented on a change in pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#discussion_r834371938



##########
File path: gradle/dependencies.gradle
##########
@@ -189,14 +188,15 @@ libs += [
   powermockJunit4: "org.powermock:powermock-module-junit4:$versions.powermock",
   powermockEasymock: "org.powermock:powermock-api-easymock:$versions.powermock",
   reflections: "org.reflections:reflections:$versions.reflections",
+  reload4j: "ch.qos.reload4j:reload4j:$versions.reload4j",
   rocksDBJni: "org.rocksdb:rocksdbjni:$versions.rocksDB",
   scalaCollectionCompat: "org.scala-lang.modules:scala-collection-compat_$versions.baseScala:$versions.scalaCollectionCompat",
   scalaJava8Compat: "org.scala-lang.modules:scala-java8-compat_$versions.baseScala:$versions.scalaJava8Compat",
   scalaLibrary: "org.scala-lang:scala-library:$versions.scala",
   scalaLogging: "com.typesafe.scala-logging:scala-logging_$versions.baseScala:$versions.scalaLogging",
   scalaReflect: "org.scala-lang:scala-reflect:$versions.scala",
   slf4jApi: "org.slf4j:slf4j-api:$versions.slf4j",
-  slf4jlog4j: "org.slf4j:slf4j-log4j12:$versions.slf4j",
+  slf4jreload4j: "org.slf4j:slf4j-reload4j:$versions.slf4j",

Review comment:
       Do we need to use `slf4j-reload4j`? The website states:
   
   > 2022-01-25 - Release of SLF4J 1.7.35
   > • In this release, the "slf4j-log4j12" artifact automatically instructs Maven to use the "slf4j-reload4j" artifact instead. As you might have guessed, the "slf4j-reload4j" binding delegates log processing to the reload4j logging framework.
   
   https://www.slf4j.org/news.html




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [kafka] cadonna commented on pull request #11743: KAFKA-13660: Switch log4j12 to reload4j

Posted by GitBox <gi...@apache.org>.

cadonna commented on pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#issuecomment-1083550804






-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: jira-unsubscribe@kafka.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org