+1 I’ll note that the reproducibility check fails on log4j-bom this time, but not a blocker.
> On Dec 19, 2023, at 3:00 PM, Volkan Yazıcı <vol...@yazi.ci> wrote: > > This is a vote to release the Apache Log4j 3.0.0-beta1 RC2. > > Website: https://logging.staged.apache.org/log4j/3.x > GitHub: https://github.com/apache/logging-log4j2 > Commit: 416cd4dcf419b59c88054d2001d34c7fec010560 > Distribution: https://dist.apache.org/repos/dist/dev/logging/log4j > Nexus: > https://repository.apache.org/content/repositories/orgapachelogging-1252 > Signing key: 0x077e8893a6dcc33dd4a4d5b256e73ba9a0b592d0 > > Please download, test, and cast your votes on this mailing list. > > [ ] +1, release the artifacts > [ ] -1, don't release, because... > > This vote is open for 72 hours and will pass unless getting a > net negative vote count. All votes are welcome and we encourage > everyone to test the release, but only the Logging Services PMC > votes are officially counted. > > PLEASE USE THIS THREAD ONLY FOR VOTING +1 OR -1. IF YOU HAVE THOUGHTS, > CONCERNS, QUESTIONS, ETC. SHARE THEM ELSEWHERE. THIS IS A BETA > RELEASE. WE INTEND TO HAVE SEVERAL OTHER BETA RELEASES. THIS IS NOT > THE CONCLUSIVE `3.0.0` RELEASE. > > == Review Kit > > The minimum set of steps needed to review the uploaded distribution > files in the Subversion repository can be summarized as follows: > > # Check out the distribution > svn co https://dist.apache.org/repos/... && cd $_ > > # Verify checksums > shasum --check *.sha512 > > # Verify signatures > wget -O - https://downloads.apache.org/logging/KEYS | gpg --import > for sigFile in *.asc; do gpg --verify $sigFile; done > > # Verify reproduciblity > umask 0022 > unzip *-src.zip -d src > cd src > export NEXUS_REPO=https://repository.apache.org/content/... > sh mvnw -Prelease verify artifact:compare -Dreference.repo=$NEXUS_REPO > > == Release Notes > > This is the first beta release of the upcoming major release, i.e., `3.0.0`. > > === Added > > * Add annotations for nullability. (LOG4J2-1477) > * Remove deprecated code. (LOG4J2-2493) > * Add a more generalized dependency injection system to plugins > inspired by JSR 330. (LOG4J2-2803) > * Add and enhance structured properties for per-context settings > outside configuration files. (LOG4J2-3299[LOG4J2-3299], #1473) > * Automate artifact publishing and release preparation. (LOG4J2-3466) > * Add support for dependency injection of plugins into container types > such as `Optional<T>`, `Collection<T>`, `Set<T>`, `Stream<T>`, > `List<T>`, and `Map<String, T>`. (LOG4J2-3496) > * Add support for `ConstraintValidator` in plugin classes. (LOG4J2-3497) > > === Changed > > * Remove liquibase-log4j2 maven module (#1193) > * Make the output of annotation processing reproducible. (#1520) > * Replace `synchronized` blocks with locks for improved performance > with virtual threads. (#1532) > * Removes additional `isFiltered` checks in `AsyncLoggerConfig`. (#1550) > * Ignore exceptions thrown by PropertySources. Eliminate > ClassCastException when SimpleLoggerContext is used. > (spring-projects/spring-boot#33450, #1799) > * Update `com.lmax:disruptor` to version `4.0.0` (#1829) > * Migrate most tests to JUnit 5. This includes a more powerful set of > test extensions. (LOG4J2-2653) > * Make Log4j use its own BOM. (LOG4J2-3511) > * Change encoding of HTTP Basic Authentication to UTF-8. (#1970) > * Upgraded the required compiler version to Java 17 > * Upgraded the required runtime version to Java 17 > * Update `actions/checkout` to version `4.1.1` (#1869) > * Update `actions/setup-java` to version `3.13.0` (#1809) > * Update `actions/setup-python` to version `4.7.1` (#1831) > * Update `ch.qos.logback:logback-classic` to version `1.4.14` (#2028) > * Update `com.datastax.cassandra:cassandra-driver-core` to version > `3.11.5` (#1889) > * Update `com.fasterxml.jackson:jackson-bom` to version `2.16.0` (#1974) > * Update `com.github.luben:zstd-jni` to version `1.5.5-11` (#2032) > * Update `com.github.spotbugs:spotbugs-maven-plugin` to version > `4.7.3.6` (#1879) > * Update `com.github.tomakehurst:wiremock-jre8` to version `2.35.1` (#1765) > * Update > `com.google.code.java-allocation-instrumenter:java-allocation-instrumenter` > to version `3.3.4` (#2102) > * Update `com.google.errorprone:error_prone_core` to version `2.23.0` (#1871) > * Update `com.google.guava:guava-testlib` to version `32.1.3-jre` (#1934) > * Update `com.h2database:h2` to version `2.2.224` (#1917) > * Update `commons-codec:commons-codec` to version `1.16.0` (#2054) > * Update `commons-io:commons-io` to version `2.15.1` (#2035) > * Update `commons-logging:commons-logging` to version `1.3.0` (#2046) > * Update `de.flapdoodle.reverse:de.flapdoodle.reverse` to version > `1.7.2` (#2000) > * Update `io.netty:netty-bom` to version `4.1.104.Final` (#2097) > * Update `net.java.dev.jna:jna` to version `5.14.0` (#2082) > * Update `org.apache.aries.spifly:org.apache.aries.spifly.dynamic.bundle` > to version `1.3.7` (#2053) > * Update `org.apache.commons:commons-compress` to version `1.25.0` (#2055) > * Update `org.apache.commons:commons-csv` to version `1.10.0` (#2041) > * Update `org.apache.commons:commons-dbcp2` to version `2.11.0` (#2044) > * Update `org.apache.commons:commons-lang3` to version `3.14.0` (#2036) > * Update `org.apache.commons:commons-pool2` to version `2.12.0` (#2038) > * Update `org.apache.groovy:groovy-bom` to version `4.0.16` (#2039) > * Update `org.apache.maven:maven-core` to version `3.9.6` (#2049) > * Update `org.apache.maven.surefire:surefire-junit47` to version `3.2.3` > (#2091) > * Update `org.apache.tomcat:tomcat-juli` to version `10.1.17` (#2086) > * Update `org.codehaus.plexus:plexus-utils` to version `3.5.1` (#2061) > * Update `org.eclipse.jetty:jetty-bom` to version `9.4.53.v20231009` (#1931) > * Update `org.eclipse.persistence:org.eclipse.persistence.jpa` to > version `2.7.13` (#1933) > * Update `org.eclipse.platform:org.eclipse.osgi` to version `3.18.600` (#2064) > * Update `org.elasticsearch.client:elasticsearch-rest-high-level-client` > to version `7.17.16` (#2085) > * Update `org.graalvm.truffle:truffle-api` to version `23.1.1` (#1872) > * Update `org.jctools:jctools-core` to version `4.0.2` (#1995) > * Update `org.jmdns:jmdns` to version `3.5.9` (#2069) > * Update `org.junit:junit-bom` to version `5.10.1` (#1993) > * Update `org.junit-pioneer:junit-pioneer` to version `2.2.0` (#1986) > * Update `org.mockito:mockito-bom` to version `5.8.0` (#2031) > * Update `org.mongodb:bson` to version `4.11.1` (#1991) > * Update `org.springframework.boot:spring-boot` to version `2.7.17` (#1902) > * Update `org.springframework.boot:spring-boot-dependencies` to > version `2.7.18` (#2002) > * Update `org.springframework:spring-framework-bom` to version `5.3.30` > (#1903) > * Update `org.springframework:spring-test` to version `5.3.31` (#1992) > * Update `org.xerial.snappy:snappy-java` to version `1.1.10.5` (#1877) > * Update `org.zeromq:jeromq` to version `0.5.4` (#1888) > * Update `uk.org.webcompere:system-stubs-core` to version `2.1.5` (#2001) > * Update OpenTest4J from version 1.2.0 to 1.3.0. > > === Removed > > * Remove `GelfLayout` (a GELF-compatible layout is still possible > using JSON Template Layout) (#1951) > * Remove `log4j-cassandra` (#1951) > * Remove `log4j-couchdb` (#1951) > * Remove Jackson-based JSON configuration support. JSON configuration > files are now handled through a built-in JSON parser. > * Moved Log4j Jakarta EE modules (`log4j-jakarta-jms`, > `log4j-jakarta-smtp`, and `log4j-jakarta-web`) to their own > repository[1] and website[2] (#1966) > * Removed all Java EE modules: `log4j-jms`, `log4j-jpa`, `log4j-smtp`, > `log4j-web` (#1966) > * Remove `log4j-jeromq` module (users are recommended to migrate to > loghublog4j2[3]) (#1951) > * Remove `log4j-kafka` (#1951) > * Remove `log4j-layout-jackson-json` module (it is superseded by JSON > Template Layout) (#1951) > * Remove `log4j-layout-jackson-yaml` module (#1951) > * Remove legacy OSGi integration. `ServiceLoader` mechanism should be > used instead. > * Remove `log4j-mongodb3` module (#1951) > * Remove support for `SecurityManager`. Starting in Java 21, a custom > `SecurityManager` cannot be used. > * Remove `log4j-spring-boot` module (its features are upstreamed to > `org.springframework.boot:spring-boot-starter-log4j2`) (#1951) > > [1] https://github.com/apache/logging-log4j-jakarta > [2] https://logging.apache.org/log4j/jakarta > [3] https://github.com/fbacchella/loghublog4j2 > > === Fixed > > * Remove locale-dependent `toLowerCase/toUpperCase` calls. (#1281) > * Add environment variable arbiter. (#1312) > * Fixed logging of java.sql.Date objects by appending it before Log4J > tries to call java.util.Date.toInstant() on it. (#1366) > * Adapt the OSGi metadata of `log4j-api`, `log4j-core`, > `log4j-slf4j-impl` and `log4j-slf4j2-impl` to activate the bundle when > it is accessed. To achieve that set the `Bundle-ActivationPolicy` to > `lazy` for the log4j bundles. (#1367) > * Fix runtime dependencies documentation. (#1530) > * Allow to override fqcn in `Log4jEventBuilder` by implementing > `CallerBoundaryAware`. (#1533) > * Migrate MongoDB tests to JUnit 5 and Flapdoodle Embedded MongoDB 4. (#1589) > * Fixed rollover strategy in the Log4j 1.x compatibility layer. (#1650) > * Only shutdown Log4j after last `Log4jServletContextListener` is > executed. (#1782) > * Fixes context data loss if `<AsyncLogger>` components are used with > an all async logger context. (#1786) > * AppenderLoggingException logging any exception to a MongoDB > Appender. (LOG4J2-3392)
