Re: Maven Dependency Plugin - Log4j vulnerabilities

2022-03-04 Thread Piotr Żygieło
> https://github.com/jveverka/mvn-dependency-log4j/commit/ac87977c19bb2ee2564d15fa87f255d621a4706d

https://github.com/pzygielo/mvn-dependency-log4j/runs/5425284512?check_suite_focus=true#step:5:1

No log4j:1.2.12:jar is downloaded in that reproducer. log4j/log4j is excluded by commons-logging from

Re: Maven Dependency Plugin - Log4j vulnerabilities

2022-03-02 Thread Piotr Żygieło
On Thu, 3 Mar 2022 at 08:37, Thomas Matthijs wrote:
> > Can confirm this project downloads log4j 1.12.12 for me

As I see it - you confirm something else.

> Failed to read artifact descriptor for log4j:log4j:jar:1.2.12: Failed to read artifact descriptor for log4j:log4j:jar:1.2.12: _artifact des