The pom.xml changes look reasonable to me. I haven't checked it out and played with it. I was thinking I'd have time, but I just got buried with work elsewhere.
I do wonder if log4j should have two modules: * log4j-appserver (Tomcat 9 or less) * log4j-appserver-jakarta (Tomcat 10 or greater) Are there enough users of log4j-appserver for this to be useful? Eventually, the world will need to adapt the the Jarkarta EE reality but I imagine it will take years or decades. Thoughts? Tim On Wed, Jan 26, 2022 at 10:55 AM Volkan Yazıcı <vol...@yazi.ci> wrote: > Mind somebody reviewing the following PR, please? > https://github.com/apache/logging-log4j2/pull/730 > Time, what do you think? > > On Mon, Jan 24, 2022 at 10:21 PM Tim Perry <tim.v...@gmail.com> wrote: > > > Sorry Volkan, I think I somehow searched the wrong pom.xml. I was > convinced > > appserver was bringing in log4j-jms, but it isn't. > > > > You will need to update the servlet version. This won't work with Tomcat > > 10: > > <dependency> > > <groupId>javax.servlet</groupId> > > <artifactId>javax.servlet-api</artifactId> > > <version>3.0.1</version> > > <scope>provided</scope> > > </dependency> > > > > Sorry for the confusion. > > > > On Mon, Jan 24, 2022 at 1:09 PM Volkan Yazıcı <vol...@yazi.ci> wrote: > > > > > This PR only addresses `log4j-appserver`, which doesn't have any > `javax` > > > package dependencies. Quoting from my comment to the PR: > > > > > > "AFAIK, Tomcat is only used by `log4j-appserver`. There I don't see any > > > dependencies on the `javax` namespace, but just an implementation of > > > `org.apache.juli.logging.Log` packaged by Tomcat. All CI checks also > look > > > green – note that there are no tests associated with `log4j-appserver`, > > > though compilation succeeds. I don't see a reason not to upgrade. If > the > > > user wants to stick to a Tomcat version <10, they can still do so. > > > `org.apache.juli.logging.Log` looks to be intact, hence I don't foresee > > any > > > compatibility issues." > > > > > > Hence I still think this is a legit upgrade. Am I missing something? > > > > > > On Sun, Jan 23, 2022 at 1:14 AM Tim Perry <tim.v...@gmail.com> wrote: > > > > > > > Many libraries are producing one code line for the javax.* > environment > > > and > > > > another code line for the jakarta.* environment. This is because when > > > > Oracle gave the Eclipse Foundation the J2EE code they required name > > > > changes. This affects code using Servlet API, JPA, Bean Validation,et > > > > cetera. > > > > > > > > Spring: > > > > spring 5 uses javax.* and spring 6 will support jakarta.* > > > > > > > > Hibernate: > > > > Hibernate Validator 6.x will keep the javax.* packages while > Hibernate > > > > Validator 7.x moved to the jakarta.* packages. > > > > > > > > > > > > > > https://in.relation.to/2021/01/06/hibernate-validator-700-62-final-released/ > > > > > > > > Tomcat: > > > > When first released, Tomcat 9 and Tomcat 10 were functionally > > identical, > > > > except Tomcat 10 supported jakarta.* and Tomcat 9 supported javax.*. > > They > > > > have slowly diverged as more features have been added to Tomcat 10. > The > > > > difference isn't very big. > > > > > > > > > > > > For log4j, I suspect we'll need to release two versions of log4j-web > > and > > > > log4j-jpa: one for backwards compatibility with javax.* and another > for > > > > Jakarta EE. We might need to do this for other libs as well. > > > > > > > > Looking through the source, I only see "import javax.servlet" in: > > > > log4j-samples > > > > log4j-taglib > > > > log4j-web > > > > src/site/asciidoc > > > > > > > > I see "import javax.persistence in: > > > > log4j-jpa > > > > log4j-perf > > > > > > > > If I expand my search to "import javax", I see this many more > places. I > > > > don't think all of these are affected by the Jakarta EE change. If I > > was > > > at > > > > a unix box I could slice and dice the imports, but here are the > > packages > > > > that might be affected. > > > > log4j-1.2-api > > > > log4j-core > > > > log4j-flume-ng > > > > log4j-jdbc > > > > log4j-jms > > > > log4j-jmx-guil > > > > log4j-jpa > > > > log4j-kafka > > > > log4j-layout-jakcons-xml > > > > log4j-perf > > > > log4j-plugins > > > > log4j-samples > > > > log4j-smtp > > > > log4j-taglib > > > > log4j-web > > > > src/site/asciidoc > > > > > > > > FWIW, I think I tabulated these on an old master branch. > > > > > > > > On Fri, Jan 21, 2022 at 12:26 AM Volkan Yazıcı <vol...@yazi.ci> > wrote: > > > > > > > > > This Tomcat upgrade looks legit to me. > > > > > Nevertheless, I'd appreciate it if a Tomcat veteran could weigh in. > > > > > > > > > > ---------- Forwarded message --------- > > > > > From: knoxyz <notificati...@github.com> > > > > > Date: Thu, Jan 20, 2022 at 3:28 PM > > > > > Subject: Re: [apache/logging-log4j2] Bump tomcat-catalina from > 8.5.20 > > > to > > > > > 10.0.14 (PR #662) > > > > > To: apache/logging-log4j2 <logging-log...@noreply.github.com> > > > > > Cc: Subscribed <subscri...@noreply.github.com> > > > > > > > > > > > > > > > Pay attention! > > > > > tomcat 8 and 9 are pretty good compatible, but with version 10 > comes > > > huge > > > > > breaks (namespace javax -> jakarta)! > > > > > Therefore still tomcat 9 is in use by the most production > > environments > > > > and > > > > > not supported from the most API and frameworks. > > > > > > > > > > https://tomcat.apache.org/migration-10.html > > > > > > > > > > *There is a significant breaking change between Tomcat 9.0.x and > > Tomcat > > > > > 10.0.x. The Java package used by the specification APIs has changed > > > from > > > > > javax... to jakarta.... It will be necessary to recompile web > > > > applications > > > > > against the new APIs.* > > > > > > > > > > tomcat 8 and 9 > > > > > > > > > > — > > > > > Reply to this email directly, view it on GitHub > > > > > < > > > > > > > > > > https://github.com/apache/logging-log4j2/pull/662#issuecomment-1017564083 > > > > > >, > > > > > or unsubscribe > > > > > < > > > > > > > > > > > > > > > https://github.com/notifications/unsubscribe-auth/AAARTSPJ3TLBKEMT2FHBXW3UXALXHANCNFSM5KZH66WA > > > > > > > > > > > . > > > > > You are receiving this because you are subscribed to this > > > thread.Message > > > > > ID: <apache/logging-log4j2/pull/662/c1017564...@github.com> > > > > > > > > > > > > > > >
