Re: [I] Missing property in the log4j-parent pom file in version 2.25.0 [logging-log4j2]

Sat, 30 Aug 2025 12:06:46 -0700 


snicoll commented on issue #3779:
URL: 
https://github.com/apache/logging-log4j2/issues/3779#issuecomment-3239451013

   > Shipping a patch release solely to silence a log line is unusual and 
creates upgrade churn for many downstream projects 
   
   I don't believe this to be accurate. I don't think this is about silencing 
an ERROR log, but rather to fix an invalid POM. I've used the dependency 
resolver of the Maven project against `org.apache.logging.log4j:log4j:2.25.1` 
and this is what I got:
   
   ```
   20:34:53.015 [main] WARN  i.s.p.s.r.m.DefaultDependencyResolver - Model for 
'org.apache.logging.log4j:log4j:2.25.1:pom' is incomplete:
   [[WARNING] 'build.plugins.plugin.version' for 
org.codehaus.gmavenplus:gmavenplus-plugin is missing. @ 
org.apache.logging.log4j:log4j:2.25.1, 
/Users/snicoll/workspace/work/projects-support/projects-support/build/repo-test/org/apache/logging/log4j/log4j/2.25.1/log4j-2.25.1.pom,
   [WARNING] 'build.plugins.plugin.version' for 
org.apache.maven.plugins:maven-clean-plugin is missing. @ 
org.apache.logging.log4j:log4j:2.25.1, 
/Users/snicoll/workspace/work/projects-support/projects-support/build/repo-test/org/apache/logging/log4j/log4j/2.25.1/log4j-2.25.1.pom,
   [WARNING] 'build.plugins.plugin.version' for 
org.apache.maven.plugins:maven-enforcer-plugin is missing. @ 
org.apache.logging.log4j:log4j:2.25.1, 
/Users/snicoll/workspace/work/projects-support/projects-support/build/repo-test/org/apache/logging/log4j/log4j/2.25.1/log4j-2.25.1.pom,
   [ERROR] 'dependencies.dependency.version' for 
com.google.errorprone:error_prone_annotations:jar must be a valid version but 
is '${error-prone.version}'. @ org.apache.logging.log4j:log4j:2.25.1, 
/Users/snicoll/workspace/work/projects-support/projects-support/build/repo-test/org/apache/logging/log4j/log4j/2.25.1/log4j-2.25.1.pom]
   ```
   
   As @wilkinsona eluded in the issue he's created, this could cause other 
build tools to fail depending how strict they are with the error.
   
   As for creating upgrade churn, we had our fair share of that trying to 
upgrade to Log4J 2.25 so I'd really hope we could put this behind us and not 
have to do that + whatever is coming at us for 2.26. I am out next week but we 
can coordinate for the week after unless someone else on the team has time 
before that.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to