Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update pom.xml #1139

Open
wants to merge 1 commit into
base: 7.2.2-post
Choose a base branch
from
Open

Update pom.xml #1139

wants to merge 1 commit into from

Conversation

ronaldpetty
Copy link

Hi. Thanks for the examples. I am not 100% sure, but I suppose the log4j bugs are what caused these changes.

This tutorial:

https://docs.confluent.io/platform/current/schema-registry/schema_registry_onprem_tutorial.html#create-the-transactions-topic

does not seem to work with the existing pom.xml as the log4j packages moved / versioned. I am actually not sure why the confluent-log4j worked only with a version being set (instead of just taking the latest, maybe a Maven pro can confirm).

Thanks again.

Description

What behavior does this PR change, and why?

Author Validation

Describe the validation already done, or needs to be done, by the PR submitter.

Reviewer Tasks

Describe the tasks/validation that the PR submitter is requesting to be done by the reviewer.

@ronaldpetty
Update pom.xml
ee643c2 
Hi. Thanks for the examples. I am not 100% sure, but I suppose the log4j bugs are what caused these changes.

This tutorial:

https://docs.confluent.io/platform/current/schema-registry/schema_registry_onprem_tutorial.html#create-the-transactions-topic

does not seem to work with the existing pom.xml as the log4j packages moved / versioned. I am actually not sure why the confluent-log4j worked only with a version being set (instead of just taking the latest, maybe a Maven pro can confirm).

Thanks again.
@ronaldpetty ronaldpetty requested a review from a team as a code owner November 1, 2022 17:52
davetroiano
davetroiano requested changes Nov 1, 2022
View reviewed changes
Copy link
Contributor

@davetroiano davetroiano left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thank you for catching this @ronaldpetty!

clients/avro/pom.xml
</dependency>
<!-- Use a repackaged version of log4j with security patches. Default log4j v1.2 is a transitive dependency of slf4j-log4j12, but it is excluded in common/pom.xml -->
<dependency>
<groupId>io.confluent</groupId>
<artifactId>confluent-log4j</artifactId>
<version>1.2.17-cp10</version>
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

you should be able to remove the confluent-log4j dependency and use this instead:

    <dependency>
      <groupId>ch.qos.reload4j</groupId>
      <artifactId>reload4j</artifactId>
      <version>${reload4j.version}</version>
    </dependency>

@cla-assistant CLA Assistant
Copy link

cla-assistant bot commented Apr 28, 2024

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@davetroiano davetroiano davetroiano requested changes

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@ronaldpetty @davetroiano