On Thu, Jul 17, 2008 at 9:36 PM, Les Hazlewood <[EMAIL PROTECTED]> wrote: > You have to do that anyway because of the beanutils dependency (unless you > won't use JSecurity's text or web.xml configuration - I don't know your > usage scenario). If the next stable release of beanutils had SLF4J as a > dependency instead of commons logging, it would make much more sense to me > to switch to SLF4J. But I don't know it is worth doing so until this > happens.
I'm pretty sure we won't be using the beanutils based config but rather use either our embedding API or our Spring based config. The latter currently bring in jcl-over-slf4j so that's not a win anyways. > Are commons projects managed by different PMCs? That is, is > commons-beanutils managed by a different PMC than commons-beanutils? I know > they report to the Jakarta PMC, but I was wondering if there were sub-PMCs > that have respective decision making ability. If not, it would be easiest > if all commons projects used SLF4J, and then we wouldn't have to worry about > it anymore for almost any Apache project. No, it's the same PMC but different commiters tend to work on the different components. It's now its own TLP and no longer under Jakarta. Since the commiter-per-component thing, making overarching decisions for all components is hard, at least that's my gut feeling. > Or, maybe a better question is that why can't the next version of > commons-logging (2.0?) just do what SLF4J does today with static binding? > If everyone is so eager to move towards that model, why can't they make the > change and then SLF4J becomes reduntant? The benefit of this is that we > would be able to continue to use an internal Apache project, not an external > one. Well, maybe because SLF4J has made JCL redundant. Also, Ceki who's the author of SLF4J is a long-time Apache commiter and, Apache projects (at least not those I follow) don't tend to prefer a dependency just because it's at Apache. If it's under a compatible license and is a stable project, great. > I have a strong suspicion that this request has been beaten to death by the > commons-logging respective PMC (it seems to be a somewhat frequent request) > so I don't know that it'd be worth joining the user list and debating it > further. Maybe it would, but my main focus is on our upcoming release > candidate, and I don't know that I could take more logging debates... That's understood, I was just thinking it might be a benefit for JSecurity if you worry about the download size/complexity with including jcl-over-slf4j. /niklas
