The Apache Log4j 2 team is pleased to announce the Log4j 2.10.0 release!
Apache Log4j is a well known framework for logging application behavior.
Log4j 2 is an upgrade to Log4j that provides significant improvements
over its predecessor, Log4j 1.x, and providesmany other modern features
such as support for Markers, lambda expressions for lazy logging,
property substitution using Lookups, multiple patterns on a
PatternLayout and asynchronousLoggers. Another notable Log4j 2 feature
is the ability to be "garbage-free" (avoid allocating temporary objects)
while logging. In addition, Log4j 2 will not lose events while
reconfiguring.
This release contains new features, bugfixes and minor enhancements.
Some of the new features include support for the Java 9 module system,
support for the new SLF4j 1.8 bindingmechanism, simplification of the
Log4j property naming scheme, and native support of Jetty's logger.
Log4j API is now a fully compliant Java 9 module while the other Log4j
jars are Java 9 named automatic modules.
This release supports both SLF4J 1.7.x and SLF4J 1.8.x. Because SLF4J
1.7.x requires implementations to include classes in the org.slf4j.impl
package log4j-sl4j-impl cannot be used as a Java 9 module. Support for
SLF4J 1.7.x will be removed in a future release.
As of Log4j 2.9.0, the Log4j API was modified to use
java.util.ServiceLoader to locate Log4j implementations, although the
former binding mechanism is still supported. The Log4j API jar is now a
multi-release jar to provide implementations of Java 9 specific classes.
Multi-release jars are not supported by the OSGi specification so OSGi
modules will not be able to take advantage of these implementations but
will not lose functionality as they will fall back to the
implementations used in Java 7 and 8. More details on the new features
and fixes are itemized below. Note that some tools are not compatible
with multi-release jars and may fail trying to process class files in
the META-INF/versions/9 folder. Those errors should be reported to the
tool vendor.
During testing of the release it was found that one unit test fails when
run on Windows. When building from source either use “mvn clean install
-DskipTests” on Windows or run the build on a different operating
system. The unit test failure is a problem in the test, not in Log4j. As
always, pre-built distributions can be downloaded
from http://www.apache.org/dist/logging/log4j/ or the binaries jars may
be obtained from the Maven central repository.
Note that subsequent to the 2.9.0 release, for security reasons,
SerializedLayout is deprecated and no longer used as default in the
Socket and JMS appenders. SerializedLayout can still be used as before,
but has to be specified explicitly. To retain old behaviour, you have to
change configuration like:
<Appenders>
<Socket name="socket" host="localhost" port="9500"/>
</Appenders>
into:
<Appenders>
<Socket name="socket" host="localhost" port="9500">
<SerializedLayout/>
</Socket>
</Appenders>
We do, however, discourage the use of SerializedLayout and recommend
JsonLayout as a replacement:
<Appenders>
<Socket name="socket" host="localhost" port="9500">
<JsonLayout properties="true"/>
</Socket>
</Appenders>
Note that subsequent to the 2.9.0 release, for security reasons, Log4j
does not process DTD in XML files. If you used DTD for including
snippets, you have to use XInclude or Composite Configuration instead.
The Log4j 2.10.0 API, as well as many core components, maintains binary
compatibility with previous releases.
GA Release 2.10.0
Changes in this version include:
New Features
•LOG4J2-2120: Properly escape newlines and other control characters in
JSON. Thanks to Carter Douglas Kozak.
•LOG4J2-2109: Add property to disable message pattern converter lookups.
Thanks to Carter Douglas Kozak.
•LOG4J2-2112: MapMessage should use deep toString for values. Thanks to
Carter Douglas Kozak.
•LOG4J2-2103: XML encoding for PatternLayout.
•LOG4J2-2114: Provide a native Log4j 2 implementation of Eclipse Jetty's
org.eclipse.jetty.util.log.Logger.
•LOG4J2-1203: Allow filtering of line breaks in layout pattern. Thanks
to Robert Turner.
•LOG4J2-2098: Add a noop AppenderSkeleton for applications still using
Log4j 1.x.
•LOG4J2-2062: Add possibility of sending the key of a message to Kafka
using KafkaAppender. Thanks to Jorge Sanchez.
•LOG4J2-2056: Modularize Log4j-api and make most other log4j jars
automatic modules.
•LOG4J2-1431: Simplify log4j system property naming scheme.
•LOG4J2-1809: Add global configuration environment SPI.
•LOG4J2-1694: Add fields with fixed values to JSON/XML/YAML layouts.
Thanks to Michal Dvořák.
•LOG4J2-2054: Provide ways to configure SSL that avoid plain-text
passwords in the log4j configuration. The configuration may now specify
a system environment variable that holds the password, or the path to a
file that holds the password.
•LOG4J2-2071: Add
org.apache.logging.log4j.core.config.composite.CompositeConfiguration#toString().
Thanks to Carter Kozak.
Fixed Bugs
•LOG4J2-2107: MapMessage supports both StringBuilderFormattable and
MultiformatMessage. Thanks to Carter Douglas Kozak.
•LOG4J2-2102: MapMessage JSON encoding will escape keys and values.
Thanks to Carter Douglas Kozak.
•LOG4J2-2101: Non-string value in MapMessage caused ClassCastException.
Thanks to Carter Douglas Kozak.
•LOG4J2-2091: Log4j respects the configured "log4j2.is.webapp" property
Thanks to Carter Douglas Kozak.
•LOG4J2-2100: LevelMixIn class for Jackson is coded incorrectly
•LOG4J2-2087: Jansi now needs to be enabled explicitly (by setting
system property log4j.skipJansi to false). To avoid causing problems for
web applications, Log4j will no longer automatically try to load Jansi
without explicit configuration. Thanks to Andy Gumbrecht.
•LOG4J2-2060: AbstractDatabaseManager should make a copy of LogEvents
before holding references to them: AsyncLogger log events are mutable.
•LOG4J2-2055: If Log4j is used as the Tomcat logging implementation
startup might fail if an application also uses Log4j.
•LOG4J2-2031: Until this change, messages appeared out of order in log
file any time when the async logging queue was full. With this change,
messages are only logged out of order to prevent deadlock when Log4j2
detects recursive logging while the queue is full.
•LOG4J2-2053: Exception java.nio.charset.UnsupportedCharsetException:
cp65001 in 2.9.0.
•LOG4J2-1216: Nested pattern layout options broken. Thanks to Thies
Wellpott, Barna Zsombor Klara, GFriedrich.
•LOG4J2-2070: Log4j1XmlLayout does not provide the entire stack trace,
it is missing the caused by information. Thanks to Doug Hughes.
•LOG4J2-2036: CompositeConfiguration supports Reconfiguration. PR #115.
Thanks to Robert Haycock.
•LOG4J2-2073: Log4j-config.xsd should make AppenderRef optional for each
Logger element. Thanks to Patrick Lucas.
•LOG4J2-2074: The console appender should say why it cannot load JAnsi.
•LOG4J2-2085: Wrong Apache Commons CSV version referenced in the Javadoc
of CsvParameterLayout. Thanks to István Neuwirth.
Changes
•LOG4J2-2076: Split up log4j-nosql into one module per appender.
•LOG4J2-2088: Upgrade picocli to 2.0.3 from 0.9.8.
•LOG4J2-2025: Provide support for overriding the Tomcat Log class in
Tomcat 8.5+.
•LOG4J2-2057: Support new SLF4J binding mechanism introduced in SLF4J 1.8.
•LOG4J2-2052: Disable thread name caching by default when running on
Java 8u102 or later.
•LOG4J2-1896: Update classes in org.apache.logging.log4j.core.net.ssl in
APIs from String to a PasswordProvider producing char[] for passwords.
•LOG4J2-2078: Update LMAX disruptor from 3.3.6 to 3.3.7.
•LOG4J2-2081: Update Apache Commons Compress from 1.14 to 1.15.
•LOG4J2-2089: [TagLib] Update servlet-api provided dependency from 2.5
to 3.0.1.
•LOG4J2-2096: Update Apache Kafka kafka-clients from 0.11.0.1 to 1.0.0.
•LOG4J2-2077: Update from Jackson 2.9.1 to 2.9.2.
•LOG4J2-2117: Jackson dependencies for 2.9.2 incorrectly bring in
jackson-annotations 2.9.0 instead of 2.9.2.
Apache Log4j 2.10.0 requires a minimum of Java 7 to build and run. Log4j
2.3 was the last release that supported Java 6.
Basic compatibility with Log4j 1.x is provided through the log4j-1.2-api
component, however it does not implement some of the very implementation
specific classes and methods. The package names and Maven groupId have
been changed to org.apache.logging.log4j to avoid any conflicts with
log4j 1.x.
For complete information on Apache Log4j 2, including instructions on
how to submit bug reports, patches, or suggestions for improvement, see
the Apache Apache Log4j 2 website: https://logging.apache.org/log4j/2.x/
