[ https://issues.apache.org/jira/browse/ZOOKEEPER-4427?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17460652#comment-17460652 ]
Christopher Tubbs commented on ZOOKEEPER-4427: ---------------------------------------------- I would prefer slf4j with the latest log4j2, because zk already uses log4j2 and switching is unnecessary work that creates churn for users. Additionally, all the projects I use with zookeeper use log4j2 and I don't want to have to change all my projects pom.xml files to exclude new logback dependencies for dependency convergence. I also prefer log4j2 for the dynamic reconfiguration, colorized logging with jansi and property interpolation, as well as compatibility with my existing log configuration files. Switching may be your preference, but it's not mine, and I don't think personal preference is a compelling reason for a disruptive change. If you want to go with simplicity, the best slf4j runtime binding for that is slf4j-simple. But I think it's fine to leave it as is. > Migrate to Logback > ------------------ > > Key: ZOOKEEPER-4427 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4427 > Project: ZooKeeper > Issue Type: Improvement > Components: other > Affects Versions: 3.8 > Reporter: Andor Molnar > Assignee: Andor Molnar > Priority: Major > Labels: log4j, logback, logging > Fix For: 3.8.0 > > > Due to the recent issues with log4j2 the migration for another logging > library has come up again. Although log4j1 is not impacted by the > vulnerability, the upgrade to log4j2 was abandoned multiple times in ZK > history. > I suggest now to migrate to {{logback}} which is also a well-maintained and > mature project as well as it's much easier to migrate from log4j1. -- This message was sent by Atlassian Jira (v8.20.1#820001)