[
https://issues.apache.org/jira/browse/ZOOKEEPER-4427?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17459909#comment-17459909
]
Christopher Tubbs commented on ZOOKEEPER-4427:
----------------------------------------------
I agree. There's no reason to switch to logback. If ZK is using slf4j, then
users can use whatever they want. For ZK's own testing, and default runtime,
log4j2 is fine. It's newer than logback and incorporates its best features and
more. Moving to logback may have been a good idea to replace log4j1.2, but
compared to log4j2, it's a step backwards. See ongoing discussion at
https://lists.apache.org/thread/1ktv03wvqtfg22d13c1yo1lgnjv6xpkt
> Migrate to Logback
> ------------------
>
> Key: ZOOKEEPER-4427
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4427
> Project: ZooKeeper
> Issue Type: Improvement
> Components: other
> Affects Versions: 3.8
> Reporter: Andor Molnar
> Assignee: Andor Molnar
> Priority: Major
> Labels: log4j, logback, logging
> Fix For: 3.8.0
>
>
> Due to the recent issues with log4j2 the migration for another logging
> library has come up again. Although log4j1 is not impacted by the
> vulnerability, the upgrade to log4j2 was abandoned multiple times in ZK
> history.
> I suggest now to migrate to {{logback}} which is also a well-maintained and
> mature project as well as it's much easier to migrate from log4j1.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
