This is an automated email from the ASF dual-hosted git repository.
rzo1 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/storm.git
The following commit(s) were added to refs/heads/master by this push:
new e0d8d8885 STORM-4131: Update log4j2 to a non-borked version (#3807)
e0d8d8885 is described below
commit e0d8d8885c00e916feeb264068fdf7db02bea85e
Author: Tim Allison <[email protected]>
AuthorDate: Fri Dec 6 13:00:43 2024 -0500
STORM-4131: Update log4j2 to a non-borked version (#3807)
* Update log4j2
* Update LICENSE-binary
* Update DEPENDENCY-LICENSES
---
DEPENDENCY-LICENSES | 10 +++++-----
LICENSE-binary | 10 +++++-----
pom.xml | 2 +-
3 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/DEPENDENCY-LICENSES b/DEPENDENCY-LICENSES
index 24fcf1bfa..e94f289bc 100644
--- a/DEPENDENCY-LICENSES
+++ b/DEPENDENCY-LICENSES
@@ -92,10 +92,10 @@ List of third-party dependencies grouped by their license
type.
* Apache HttpCore (org.apache.httpcomponents:httpcore:4.4.16 -
http://hc.apache.org/httpcomponents-core-ga)
* Apache Ivy (org.apache.ivy:ivy:2.4.0 - http://ant.apache.org/ivy/)
* Apache Kafka (org.apache.kafka:kafka-clients:3.9.0 -
https://kafka.apache.org)
- * Apache Log4j 1.x Compatibility API
(org.apache.logging.log4j:log4j-1.2-api:2.24.1 -
https://logging.apache.org/log4j/2.x/log4j/log4j-1.2-api/)
- * Apache Log4j API (org.apache.logging.log4j:log4j-api:2.24.1 -
https://logging.apache.org/log4j/2.x/log4j/log4j-api/)
- * Apache Log4j Core (org.apache.logging.log4j:log4j-core:2.24.1 -
https://logging.apache.org/log4j/2.x/log4j/log4j-core/)
- * Apache Log4j Web (org.apache.logging.log4j:log4j-web:2.24.1 -
https://logging.apache.org/log4j/2.x/log4j/log4j-web/)
+ * Apache Log4j 1.x Compatibility API
(org.apache.logging.log4j:log4j-1.2-api:2.24.2 -
https://logging.apache.org/log4j/2.x/log4j/log4j-1.2-api/)
+ * Apache Log4j API (org.apache.logging.log4j:log4j-api:2.24.2 -
https://logging.apache.org/log4j/2.x/log4j/log4j-api/)
+ * Apache Log4j Core (org.apache.logging.log4j:log4j-core:2.24.2 -
https://logging.apache.org/log4j/2.x/log4j/log4j-core/)
+ * Apache Log4j Web (org.apache.logging.log4j:log4j-web:2.24.2 -
https://logging.apache.org/log4j/2.x/log4j/log4j-web/)
* Apache Maven Shade Plugin
(org.apache.maven.plugins:maven-shade-plugin:3.6.0 -
https://maven.apache.org/plugins/maven-shade-plugin/)
* Apache Maven Shared Utils
(org.apache.maven.shared:maven-shared-utils:3.2.1 -
https://maven.apache.org/shared/maven-shared-utils/)
* Apache Parquet Hadoop Bundle
(org.apache.parquet:parquet-hadoop-bundle:1.10.0 - https://parquet.apache.org)
@@ -342,7 +342,7 @@ List of third-party dependencies grouped by their license
type.
* Prometheus Metrics Tracer OpenTelemetry
(io.prometheus:prometheus-metrics-tracer-otel:1.3.3 -
http://github.com/prometheus/client_java/prometheus-metrics-tracer/prometheus-metrics-tracer-otel)
* Prometheus Metrics Tracer OpenTelemetry Agent
(io.prometheus:prometheus-metrics-tracer-otel-agent:1.3.3 -
http://github.com/prometheus/client_java/prometheus-metrics-tracer/prometheus-metrics-tracer-otel-agent)
* sigar (org.fusesource:sigar:1.6.4 - http://fusesource.com/sigar/)
- * SLF4J 1 Binding for Log4j API
(org.apache.logging.log4j:log4j-slf4j-impl:2.24.1 -
https://logging.apache.org/log4j/2.x/log4j/log4j-slf4j-impl/)
+ * SLF4J 1 Binding for Log4j API
(org.apache.logging.log4j:log4j-slf4j-impl:2.24.2 -
https://logging.apache.org/log4j/2.x/log4j/log4j-slf4j-impl/)
* SnakeYAML (org.yaml:snakeyaml:2.2 -
https://bitbucket.org/snakeyaml/snakeyaml)
* snappy-java (org.xerial.snappy:snappy-java:1.1.10.7 -
https://github.com/xerial/snappy-java)
* Spring AOP (org.springframework:spring-aop:5.3.27 -
https://github.com/spring-projects/spring-framework)
diff --git a/LICENSE-binary b/LICENSE-binary
index eba259a35..69ed4bb09 100644
--- a/LICENSE-binary
+++ b/LICENSE-binary
@@ -731,11 +731,11 @@ The license texts of these dependencies can be found in
the licenses directory.
* Apache HttpCore (org.apache.httpcomponents:httpcore:4.4.16 -
http://hc.apache.org/httpcomponents-core-ga)
* Apache Ivy (org.apache.ivy:ivy:2.4.0 - http://ant.apache.org/ivy/)
* Apache Kafka (org.apache.kafka:kafka-clients:3.9.0 -
https://kafka.apache.org)
- * Apache Log4j 1.x Compatibility API
(org.apache.logging.log4j:log4j-1.2-api:2.24.1 -
https://logging.apache.org/log4j/2.x/log4j-1.2-api/)
- * Apache Log4j API (org.apache.logging.log4j:log4j-api:2.24.1 -
https://logging.apache.org/log4j/2.x/log4j-api/)
- * Apache Log4j Core (org.apache.logging.log4j:log4j-core:2.24.1 -
https://logging.apache.org/log4j/2.x/log4j-core/)
- * Apache Log4j SLF4J Binding
(org.apache.logging.log4j:log4j-slf4j-impl:2.24.1 -
https://logging.apache.org/log4j/2.x/log4j-slf4j-impl/)
- * Apache Log4j Web (org.apache.logging.log4j:log4j-web:2.24.1 -
https://logging.apache.org/log4j/2.x/log4j-web/)
+ * Apache Log4j 1.x Compatibility API
(org.apache.logging.log4j:log4j-1.2-api:2.24.2 -
https://logging.apache.org/log4j/2.x/log4j-1.2-api/)
+ * Apache Log4j API (org.apache.logging.log4j:log4j-api:2.24.2 -
https://logging.apache.org/log4j/2.x/log4j-api/)
+ * Apache Log4j Core (org.apache.logging.log4j:log4j-core:2.24.2 -
https://logging.apache.org/log4j/2.x/log4j-core/)
+ * Apache Log4j SLF4J Binding
(org.apache.logging.log4j:log4j-slf4j-impl:2.24.2 -
https://logging.apache.org/log4j/2.x/log4j-slf4j-impl/)
+ * Apache Log4j Web (org.apache.logging.log4j:log4j-web:2.24.2 -
https://logging.apache.org/log4j/2.x/log4j-web/)
* Apache Parquet Hadoop Bundle
(org.apache.parquet:parquet-hadoop-bundle:1.10.0 - https://parquet.apache.org)
* Apache Thrift (org.apache.thrift:libfb303:0.9.3 -
http://thrift.apache.org)
* Apache Thrift (org.apache.thrift:libthrift:0.19.0 -
http://thrift.apache.org)
diff --git a/pom.xml b/pom.xml
index 63ae63120..cd56578c9 100644
--- a/pom.xml
+++ b/pom.xml
@@ -107,7 +107,7 @@
<netty-tcnative.version>2.0.69.Final</netty-tcnative.version>
<netty.version>4.1.115.Final</netty.version>
<sysout-over-slf4j.version>1.0.2</sysout-over-slf4j.version>
- <log4j.version>2.24.1</log4j.version>
+ <log4j.version>2.24.2</log4j.version>
<slf4j.version>1.7.36</slf4j.version>
<metrics.version>4.2.28</metrics.version>
<mockito.version>5.14.2</mockito.version>
