| |
@@ -95,9 +95,9 @@
|
| |
<optional>true</optional>
|
| |
</dependency>
|
| |
<dependency>
|
| |
- <groupId>log4j</groupId>
|
| |
- <artifactId>log4j</artifactId>
|
| |
- <version>1.2.17</version>
|
| |
+ <groupId>org.apache.logging.log4j</groupId>
|
| |
+ <artifactId>log4j-1.2-api</artifactId>
|
| |
+ <version>2.13.3</version>
|
| |
<optional>true</optional>
|
| |
</dependency>
|
| |
<dependency>
|
| |
log4j12 is old and gross and has open security bugs. I want to get rid of it.
Serendipitously, log4j 2 actually provides a 1.2 API shim that requires no code changes.
Test builds in COPR:
https://copr.fedorainfracloud.org/coprs/decathorpe/jdom2-log4j-pr/monitor/
Not sure if the jdom2-junit module is actually used by anything :shrug: