You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@logging.apache.org by "Ralph Goers (JIRA)" <ji...@apache.org> on 2017/12/31 05:11:00 UTC

[jira] [Commented] (LOG4J2-2037) Include SLF4J in log4j-bom

    [ https://issues.apache.org/jira/browse/LOG4J2-2037?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16307079#comment-16307079 ] 

Ralph Goers commented on LOG4J2-2037:
-------------------------------------

I came up with the idea of "import scope" and implemented it in Maven, so I have a pretty good understanding of how it is supposed to be used. The bill of materials pom file exists so that you can easily include all of the dependencies for a project and the versions without having to manually specify them all in your project's pom. It would be inappropriate for log4j to dictate the versions of other projects you should be using. If you want those projects you should include the pom files they provide.

Case 2 is especially troubling. You say your project is compiling with SLF4J and Log4j 2 is only needed at run time. Yet you want Log4j to bring in the version of SLF4J? That really doesn't make a lot of sense.

I am closing this as I don't it is something we would want to do.

> Include SLF4J in log4j-bom
> --------------------------
>
>                 Key: LOG4J2-2037
>                 URL: https://issues.apache.org/jira/browse/LOG4J2-2037
>             Project: Log4j 2
>          Issue Type: Improvement
>    Affects Versions: 2.9.0
>         Environment: Maven
>            Reporter: Arend v. Reinersdorff
>
> Currently log4j-bom only includes Log4j 2 dependencies. It would be nice log4j-bom would also include an slf4j-api dependency (and maybe other optional dependencies).
> Currently when using Log4j 2 as a backend for SLF4J the Maven dependency management would look like this:
> {code:xml}
>     <dependencyManagement>
>         <dependencies>
>             <dependency>
>                 <groupId>org.slf4j</groupId>
>                 <artifactId>slf4j-api</artifactId>
>                 <version>1.7.25</version> <!-- Must match dependency version of log4j-bom -->
>             </dependency>
>             <dependency>
>                 <groupId>org.apache.logging.log4j</groupId>
>                 <artifactId>log4j-bom</artifactId>
>                 <version>2.9.0</version>
>                 <type>pom</type>
>                 <scope>import</scope>
>             </dependency>
>         </dependencies>
>     </dependencyManagement>
> {code}
>  
> If log4j-bom would specify a dependency for slf4j-api:
> * Dependency management entry for slf4j-api would no longer be needed
> * Keeping the dependency versions of Log4j 2 and SLF4J in sync would much easier. When the dependency version of log4j-bom is increased, it would automatically set the dependency version of slf4j-api.
> As an example see [spring-boot-dependencies | http://search.maven.org/#search%7Cgav%7C1%7Cg%3A%22org.springframework.boot%22%20AND%20a%3A%22spring-boot-dependencies%22] BOM which conveniently specifies many optional Spring Boot dependencies.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)