cadonna commented on a change in pull request #11743:
URL: https://github.com/apache/kafka/pull/11743#discussion_r838286400
##########
File path: docs/upgrade.html
##########
@@ -30,6 +30,8 @@ <h5><a id="upgrade_320_notable"
href="#upgrade_320_notable">Notable changes in 3
Users can change this behavior to enable idempotence for some or
all producers
via Connect worker and/or connector configuration. Connect may
enable idempotent producers
by default in a future major release.</li>
+ <li>Kafka has replaced log4j and slf4j-log4j12 with reload4j and
slf4j-reload4j due to security concerns.
+ More information can be found at <a
href"https://reload4j.qos.ch";>reload4j</a>.</li>
Review comment:
```suggestion
<li>Kafka has replaced log4j with reload4j due to security concerns.
More information can be found at <a
href"https://reload4j.qos.ch";>reload4j</a>.</li>
```
##########
File path: LICENSE-binary
##########
@@ -300,8 +300,8 @@ MIT License
argparse4j-0.7.0, see: licenses/argparse-MIT
jopt-simple-5.0.4, see: licenses/jopt-simple-MIT
-slf4j-api-1.7.30, see: licenses/slf4j-MIT
-slf4j-log4j12-1.7.30, see: licenses/slf4j-MIT
+slf4j-api-1.7.36, see: licenses/slf4j-MIT
+slf4j-reload4j-1.7.36, see: licenses/slf4j-MIT
Review comment:
Since `slf4j-api-1.7.36` uses reload4j anyways, we do not need to use
`slf4j-reload4j-1.7.36` anymore. Could you remove it here?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: jira-unsubscr...@kafka.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
