> On Dec. 20, 2021, 4:59 a.m., bhavik patel wrote: > > pom.xml > > Line 230 (original), 230 (patched) > > <https://reviews.apache.org/r/73771/diff/1/?file=2256691#file2256691line230> > > > > To avoid the confusion between "log4j.core.version" and "log4j.version" > > (at https://github.com/apache/ranger/blob/master/pom.xml#L165) can you > > please rename to log4j2.core.version? > > Pradeep Agrawal wrote: > Log4j dependency on 1.X need to be removed, i am working on it and > checking the scope, accordingly i will create the patch for > jira(RANGER-3558). Hence i am not doing the suggested change in this patch.
ok. - bhavik ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/73771/#review223876 ----------------------------------------------------------- On Dec. 20, 2021, 4:32 a.m., Pradeep Agrawal wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/73771/ > ----------------------------------------------------------- > > (Updated Dec. 20, 2021, 4:32 a.m.) > > > Review request for ranger, Don Bosco Durai, Abhay Kulkarni, Madhan Neethiraj, > Mehul Parikh, Pradeep Agrawal, Ramesh Mani, Selvamohan Neethiraj, Sailaja > Polavarapu, and Velmurugan Periasamy. > > > Bugs: RANGER-3557 > https://issues.apache.org/jira/browse/RANGER-3557 > > > Repository: ranger > > > Description > ------- > > RANGER-3557: Upgrade to use log4j 2.17.0+ version to ensure that we are using > supported version of log4j > > > Diffs > ----- > > pom.xml 9953d9757 > > > Diff: https://reviews.apache.org/r/73771/diff/1/ > > > Testing > ------- > > Verified in local vm by build the project and checking for log4j jar which > are < 2.17.0 version. None of them there in Apache ranger. > Apache Ranger doesn't pack log4j jars hence it is fine, we just change the > dependency jar version which are used in some of the modules in ranger. > > > Thanks, > > Pradeep Agrawal > >
