On Logging dependencies: As far as I understand it, we should not deliver such "log-framework-x to log-framework-y" dependencies as part of a library as it can lead to endless-loops of forwarding logs back and forth if an application or another library includes the reverse forwarding.
So my proposal would be that we only document that some transitive dependencies of Apache POI use slf4j and thus dependencies on either the bridge "log4j -> slf4j" or "slf4j -> log4j" should be added by users, depending on what framework the application wants to use. Thanks... Dominik. On Sun, Jan 9, 2022 at 10:36 PM Andreas Beeker <kiwiwi...@apache.org> wrote: > +1 from me. Thank you for providing the release, PJ! > > Eventually we need to decide, if we only provide the logging api jars or > also the implementation, > as SLF4J is used at least in XmlSec and providing the api is not enough > [1]. > On the other side for log4j-shell, we had the excuse of only providing the > api ... > > Andi > > [1] https://logging.apache.org/log4j/2.x/log4j-slf4j-impl/index.html > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@poi.apache.org > For additional commands, e-mail: dev-h...@poi.apache.org > >
