jlib-awslambda-logback
jlib-awslambda-logback copied to clipboard
jlib-framework
jlib AWS Lambda SLF4J/Logback Appender
I have added the layout in the appender like this ** (\w+@\w+\.\w+) [%d{yyyy-MM-dd HH:mm:ss.SSS}] <%-36X{AWSRequestId}> <%-36X{messageUuid}> %-5level %logger{10} - %msg%n ** **MaskingPatternLayout class:** package com.example.app; import ch.qos.logback.classic.PatternLayout; import ch.qos.logback.classic.spi.ILoggingEvent; import...
We are currently relying on the following versions that are becoming outdated and have some vulnerabilities: ```shell - ch.qos.logback/logback-classic "1.3.0-alpha4" - org.slf4j/log4j-over-slf4j "1.8.0-beta2" ``` Couldn't we upgrade those versions ?...
Seems like that Graal compile fails because of classes shall or should not be reachable at compile time and runtime. A cfg entry in in oracle reachabiloity github repo is...
I'm wondering if your use of a 1.8 beta version of slf4j is deliberate...
Running the [OWASP dependency check](https://owasp.org/www-project-dependency-check/) on version 1.0.0 gives a vulnerability warning `jlib-awslambda-logback-1.0.0.jar (pkg:maven/org.jlib/[email protected], cpe:2.3:a:logback:logback:1.0.0:*:*:*:*:*:*:*) : CVE-2017-5929 ` which corresponds to this issue [CVE-2017-5929](https://nvd.nist.gov/vuln/detail/CVE-2017-5929#range-3595106)
