Log4j Audit

2023-10-10 Thread Piotr P. Karwasz
Hi all, Since Log4j Audit will not be archived, could someone update its dependencies? Dependabot has lots of security alerts about it: https://github.com/apache/logging-log4j-audit/security/dependabot Piotr

[VOTE] Release Apache Log4j Scala 13.0.0

2023-10-10 Thread Volkan Yazıcı
This is a vote to release the Apache Log4j Scala 13.0.0. Website: https://logging.staged.apache.org/log4j/scala GitHub: https://github.com/apache/logging-log4j-scala Commit: 980f4ed0ba53f93d1514df65ddafb6f97396a975 Distribution: https://dist.apache.org/repos/dist/dev/logging/log4j-scala Nexus: htt

Re: Log4j Audit

2023-10-10 Thread Apache
Sure Ralph > On Oct 10, 2023, at 2:05 AM, Piotr P. Karwasz wrote: > > Hi all, > > Since Log4j Audit will not be archived, could someone update its > dependencies? Dependabot has lots of security alerts about it: > > https://github.com/apache/logging-log4j-audit/security/dependabot > > Piotr

Re: [VOTE] Release Apache Log4j Scala 13.0.0

2023-10-10 Thread Piotr P. Karwasz
Hi Volkan, On Tue, 10 Oct 2023 at 13:24, Volkan Yazıcı wrote: > > This is a vote to release the Apache Log4j Scala 13.0.0. > > Website: https://logging.staged.apache.org/log4j/scala > GitHub: https://github.com/apache/logging-log4j-scala > Commit: 980f4ed0ba53f93d1514df65ddafb6f97396a975 > Distri

RE: [log4j] Improving log4j security

2023-10-10 Thread Klebanov, Vladimir
Hi Volkan, Let me try to clarify. The goal/use case is not to log as an HTML document. We are assuming a typical text-based log here. Yet, in practice, the logs will be processed by a variety of systems, including web-based ones, which may have various vulnerabilities. These vulnerabilities can

Re: Breaking changes in Log4j API 3.x

2023-10-10 Thread Matt Sicker
Use PropertyEnvironment; it’s the public API. The only methods not exposed by it are internal ones like reload which are used by some tests. > On Oct 9, 2023, at 6:37 PM, Ralph Goers wrote: > > > >> On Oct 9, 2023, at 2:14 PM, Piotr P. Karwasz wrote: >> >> On Mon, 9 Oct 2023 at 20:57, Ralph

Re: [VOTE] Release Apache Log4j Scala 13.0.0

2023-10-10 Thread Matt Sicker
+1 I also agree that the Scala 3 reproducible build issue is minor. > On Oct 10, 2023, at 6:21 AM, Volkan Yazıcı wrote: > > This is a vote to release the Apache Log4j Scala 13.0.0. > > Website: https://logging.staged.apache.org/log4j/scala > GitHub: https://github.com/apache/logging-log4j-scal

Status of log4j-audit

2023-10-10 Thread Christian Grobmeier
Hello, We have been talking about log4j-audit (same thread as with log4j-server). I have checked today after seeing Piotr's message, and even after reading the readme, I am still trying to figure out the purpose of this product. That aside, I am concerned the last change was four years ago. -au

Re: Status of log4j-audit

2023-10-10 Thread Gary Gregory
I think it would be nice to do a release just to update dependencies. Gary On Tue, Oct 10, 2023, 2:33 PM Christian Grobmeier wrote: > Hello, > > We have been talking about log4j-audit (same thread as with log4j-server). > > I have checked today after seeing Piotr's message, and even after read

Re: Status of log4j-audit

2023-10-10 Thread Matt Sicker
Log4j Audit has multiple components: * Audit API for extending log4j-api with some additional audit logging APIs * Tool for managing your audit event schemata and such (the web app thing) * Tool for generating structured log classes from the event schemata Thus, in typical use, you can (and shoul

Re: Status of log4j-audit

2023-10-10 Thread Ralph Goers
Yes, I can update the dependencies and do a release. The primary issue with the project as it stands is the Catalog Editor UI. It is really stupid. It uses Spring Boot for the UI but it is meant to run locally. It was suggested I switch the UI to JavaFX but I have never had the chance. FWIW - L

[site] Jekyll proposal (in branch)

2023-10-10 Thread Christian Grobmeier
Hello, Based on recent comments, I made a branch for using Jekyll on the leading site. It's a branch, we can discard it. The migration took me 1.5h, excluding this e-mail - not much wasted. https://github.com/apache/logging-site/tree/jekyll This is not yet auto-deployed, but if nobody opposes

Re: Status of log4j-audit

2023-10-10 Thread Christian Grobmeier
As long as we can get those security issues released, I am fine. Personally I am fine with helping with the editor, if it stays as a web app (I can do React and such). If it's JavaFX - I am lost. I have a hard time helping with Swing in Chainsaw. Since you mentioned its importance, we should work on