I can see org.apache.logging.log4j:log4j-core:2.14.0 Library in Gradle dependency tree for my project.
We have not added log4j version from outside. This version is coming as part of transitive dependencies from other jars or spring-boot-starter.
How to override the log4j version in Gradle?
CodePudding user response:
First, find out which log4j-related libraries you are really using, e.g. by
.\gradlew dependencies --configuration=testRuntimeClasspath | find "log4j"
The override them with a current version like so (docs), placed after the dependencies
block:
configurations.all {
resolutionStrategy {
force 'org.apache.logging.log4j:log4j-api:2.16.0'
force 'org.apache.logging.log4j:log4j-core:2.16.0'
force 'org.apache.logging.log4j:log4j-slf4j-impl:2.16.0'
force 'org.apache.logging.log4j:log4j-jul:2.16.0'
}
}
You might need to add more/fewer libraries to that block depending on the results of the check in the beginning.
Since you are using Spring Boot, you can also use a Spring-Boot-specific feature to set the Log4J version:
ext['log4j2.version'] = '2.16.0'
CodePudding user response:
I'm on MacOS and using subprojects:
First I run: ./gradlew projects
which will list my subprojects:
The output:
:projects
------------------------------------------------------------
Root project
------------------------------------------------------------
Root project 'test-backend'
--- Project ':test-suite'
--- Project ':test-suite-services'
\--- Project ':test-utils'
Using the output we can one by one check for dependencies:
./gradlew test-suite:dependencies | grep "log4j"
./gradlew test-suite-services:dependencies | grep "log4j"
./gradlew test-utils:dependencies | grep "log4j"