I created a PR a while ago to hopefully drop back CASSANDRA-20429 to
cassandra-5.0, see https://github.com/apache/cassandra/pull/4432.
There was an initial discussion in this thread:
https://lists.apache.org/thread/757n89p9j3mfqdmlohm6gxtx1zjtjqbz.
Id like to raise this again to see if we can progress.
To summarize the concern Štefan raised in the above thread:
Logback 1.2 included a feature whereby if you include <jmxConfigurator/>
in the logback.xml file, you could make changes to the logback
configuration through JMX. This feature was removed in logback 1.3/1.4
due to security issues and lack of use and a warning message will now be
generated if that element is included in the logback.xml.
The default cassandra logback.xml file contains this element. The PR
removes the element from the default logback.xml as part of the changes
to upgrade to logback 1.5 as it is no longer useful and would result in
warning messages being generated. However, if someone was to use a
logback.xml from an older cassandra version, then they will get warning
messages in the logs on cassandra start up. If this scenario arises the
user can remove <jmxConfigurator/> from their logback.xml and the
warning messages will no longer be generated.
It would be great to get agreement if people are happy to proceed with
this dropback
