tallpsmith commented on a change in pull request #662:
URL: https://github.com/apache/activemq/pull/662#discussion_r781738258
##########
File path: pom.xml
##########
@@ -82,7 +80,8 @@
<junit-version>4.13.2</junit-version>
<hamcrest-version>1.3</hamcrest-version>
<karaf-version>4.2.10</karaf-version>
- <log4j-version>1.2.17</log4j-version>
+ <slf4j-version>1.7.30</slf4j-version>
+ <log4j-version>2.14.1</log4j-version>
Review comment:
Not every corporation allows their staff to contribute back to open
source (tricky copyright), so I wouldn't say "great position" for all companies
(certainly not mine).
The irony of me being a previous active log4j contributor many moons ago is
not lost on me here either.
You are correct that companies could have chosen to upgrade/migrate to
Artemis. But, if ActiveMQ classic is still "supported" in the sense that it is
not _officially_ listed as EOL (like log4j 1.x is), then it would be
_preferabble_ if dependencies are reviewed, and older ones migrated away from.
As a previous open-source contributor, I totally understand this is a
community effort, and I personally value all the hard work being done by
volunteers.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
