Is there way to override transitive dependency of log4j 1.2.17 to log4j2 for hadoop-hdfs 3.2.1 jar

Others 2022-04-28 15:37:50 views: 0
Yadav :

We are using hadoop-hdfs 3.2.1 jar and it has a transitive dependency on log4j 1.2.17 . In our central NexusIQ scan, it's giving a level 9 issue for log4j dependency. Is there a way to override log4j to log4j2 or any other solution. I tried dependency management but there is no jar in log4j2 with artifact id log4j to override the transitive dependency.

Yadav :

I did manage to solve the similar issue for hbase-shaded-client jar where I had to exclude log4j 1.2.17 dependency.

For that, I did this.

 <dependency>
<groupId>org.apache.hbase</groupId>
<artifactId>hbase-client</artifactId>
<version>...</version>
<exclusions>
  <exclusion>
    <artifactId>log4j</artifactId>
    <groupId>log4j</groupId>
  </exclusion>
</exclusions>


<dependency>
<groupId>org.slf4j</groupId>
<artifactId>log4j-over-slf4j</artifactId>
<version>1.7.25</version>

It worked.

Answer Source

Guess you like

Origin http://43.154.161.224:23101/article/api/json?id=358661&siteId=1
Recommended
Open Source Daily | Angular v18; Inference optimization under large model price war; Mistral AI targets the US market with open source models; Silicon Valley has its own Lu Xun
Ranking
ACM summary twelve
Understand high performance and high concurrency from the root (2): Deepen the operating system, understand I/O and zero-copy technology
Ali cloud OSS web end of the forward pass is not dependent on official pupload plug
ServiceMesh study notes 20200418
Complete Guide to BERT Model Distillation (Principle & Technique & Code)
With Nginx proxy requests, the front and rear side cross-domain processing
Digital twin museum solution
How to be a good project manager of R&D projects
ssh:ssh-agent、ssh-add
解决mac ida在中文输入状态下crash问题
Daily
More
2024-05-29(1)
2024-05-28(1)
2024-05-27(1)
2024-05-26(0)
2024-05-25(3)
2024-05-24(12)
2024-05-23(35)
2024-05-22(9)
2024-05-21(35)
2024-05-20(5)

Code World

© 2018 codetd.com