This is a vote to release version 2.25.4 of Apache Log4j: Website: https://logging.staged.apache.org/log4j/2.25.4/index.html GitHub: https://github.com/apache/logging-log4j2 Commit: 0628e53b25a33e496b509c40a39f2d7c64f2aa6c Distribution: https://dist.apache.org/repos/dist/dev/logging/log4j/2.25.4 Nexus: https://repository.apache.org/content/repositories/orgapachelogging-1324 Signing key: 0x077e8893a6dcc33dd4a4d5b256e73ba9a0b592d0 Review kit: https://logging.apache.org/logging-parent/release-review-instructions.html
This vote is being conducted using an Alpha version of the Apache Trusted Releases (ATR) platform. Please report any bugs or issues to the ASF Tooling team. The ATR release candidate page, including downloads, can be found at: https://release-test.apache.org/vote/logging-log4j/2.25.4 The release artifacts are signed with an OpenPGP key from: https://release-test.apache.org/downloads/logging/KEYS Please review the release candidate and vote accordingly. [ ] +1 Release this package [ ] +0 Abstain [ ] -1 Do not release this package (please provide specific comments) You can vote on ATR at the URL above, or manually by replying to this email. This vote is open for 72 hours and will pass unless getting a net negative vote count. All votes are welcome and we encourage everyone to test the release, but only the Logging Services PMC votes are officially counted. At least 3 +1 votes and more positive than negative votes are required. == Reviewing Notes To reproduce the artifacts you need: * Use Linux or MacOSX. * Set the environment variable `CI=true`. The CI build was reproduced using: CI=true ./mvnw verify \ -Prelease artifact:compare \ -Dreference.repo=https://repository.apache.org/content/repositories/orgapachelogging-1324 JDK version: openjdk 17.0.18 2026-01-20 OpenJDK Runtime Environment Temurin-17.0.18+8 (build 17.0.18+8) OpenJDK 64-Bit Server VM Temurin-17.0.18+8 (build 17.0.18+8, mixed mode, sharing) Due to some breaking changes in the Docker API, I wasn't able to run Docker tests locally (I have version Docker version 29.3.0, build 5927d80) and I had to add `!docker` to the Maven profiles. The CI didn't have any problems. == Release Notes This patch release delivers fixes for configuration inconsistencies and formatting issues across several layouts. * Restores alignment between documented and actual configuration attributes. * Fixes formatting and sanitization issues in XML and RFC5424 layouts. * Improves handling of invalid characters and non-standard values. The authoritative list of recognized configuration attributes is available in the Plugin Reference <https://logging.apache.org/log4j/2.x/plugin-reference.html>. [#release-notes-2-25-4-fixed] === Fixed * Prevent ParameterFormatter issuing a warning in case there is an extra null argument. Needed to support cases with Throwable parameter that may be null. (#3975, #4014) * Restore support for documented `Rfc5424Layout` parameter names. (#4022, #4074) * Take `Throwable#toString()` into account while rendering stack traces in Pattern Layout. (#3623, #4033) * Added debug level logs for successful resource loading in `Loader` class. (#4058, #4060) * Align `SslConfiguration` factory method usage with Log4j 2.12+ API. The `verifyHostname` attribute is not correctly recognized. (#4061, #4075) * Fix sanitization of structured data parameter names in RFC5424 layout. (#4073) * Replace invalid characters in XmlLayout output with the Unicode replacement character (U+FFFD). (#4077) * Replace invalid characters in Log4j1XmlLayout output with the Unicode replacement character (U+FFFD). (#4078) * Replace invalid characters in MapMessage.asXml() output with the Unicode replacement character (U+FFFD). (#4079) * Write non-finite floating-point numbers as strings in `JsonWriter`. (#4080) Thanks, Piotr Karwasz (pkarwasz) This email was sent by [email protected] on the Apache Trusted Releases platform
