[
https://issues.apache.org/jira/browse/WHISKER-18?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Philipp Ottlinger updated WHISKER-18:
-------------------------------------
Description:
In order to provide a fix against
[https://app.snyk.io/vuln/SNYK-JAVA-LOG4J-572732]
upgrade to SLF4J/Log4j2.
* Cleanup of pom.xml and GHA build scripts on the way (build is more similar
to Creadur RAT):
** use temurin JDK
** use v4 of setup-java GHA
** manage module dependencies in root pom
** use TLS links, removed comments
During the development interesting problems were revealed on certain windows
versions:
during invoker-runs an old SNAPSHOT was taken into account that pulled in old
API SNAPSHOTs during GitHubAction runs!
was:
In order to provide a fix against
[https://app.snyk.io/vuln/SNYK-JAVA-LOG4J-572732]
upgrade to SLF4J/Log4j2.
* Cleanup of pom.xml and GHA build scripts on the way (build is more similar
to Creadur RAT):
** use temurin JDK
** use v4 of setup-java GHA
** manage module dependencies in root pom
** use TLS links, removed comments
> Upgrade to log4j2
> -----------------
>
> Key: WHISKER-18
> URL: https://issues.apache.org/jira/browse/WHISKER-18
> Project: Apache Whisker
> Issue Type: Improvement
> Reporter: Philipp Ottlinger
> Assignee: Philipp Ottlinger
> Priority: Major
> Fix For: 0.2
>
>
> In order to provide a fix against
> [https://app.snyk.io/vuln/SNYK-JAVA-LOG4J-572732]
> upgrade to SLF4J/Log4j2.
> * Cleanup of pom.xml and GHA build scripts on the way (build is more similar
> to Creadur RAT):
> ** use temurin JDK
> ** use v4 of setup-java GHA
> ** manage module dependencies in root pom
> ** use TLS links, removed comments
> During the development interesting problems were revealed on certain windows
> versions:
> during invoker-runs an old SNAPSHOT was taken into account that pulled in old
> API SNAPSHOTs during GitHubAction runs!
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
