Release notes

3.0.0-beta3

Release date

2024-11-09

This release terminates the modularization process of Log4j Core, by moving all the code that uses optional log4j-core dependencies into new modules:

Separate lifecycle

  • The Flume Appender releases will follow its own lifecycle.

  • All the logging bridges from and to Log4j API have been removed from the Log4j Core 3.x release. Please manage your dependencies with log4j-bom to always use the compatible version of the logging bridges.

Added

  • Add useFqdn configuration attribute to RFC5424 Layout. (1740)

  • Split off JNDI support of log4j-jdbc to a new log4j-jdbc-jndi module (1914)

  • Add "Plugin Reference" to the website. It is a Javadoc-on-steroids focusing on Log4j plugins. (1954)

  • Split extended compression algorithm support to new log4j-compress module. (2921)

Changed

  • Remove JAnsi library support, since Windows console supports ANSI escapes now. (1736)

  • Move DisruptorBlockingQueue plugin to new log4j-conversant module. (2914)

  • Rewrite JAnsiTextRenderer to work without JAnsi library. (2916)

Fixed

  • Switch MongoDB tests to use Docker. (2229)

  • Fix custom thread-context data provider handling in lookups and filters. (2331)

  • Fix reloading of the configuration from an HTTP(S) source (2937)

  • Fix Android-related issues in Log4j Core. (3056)

  • Website is migrated to Antora with several formatting and link fixes (2443)

Removed

  • Remove named date & time formatting patterns in Pattern Layout, except for UNIX and UNIX_MILLIS (3150)

  • Move Flume Appender to its own release lifecycle. (2902)

  • Remove ThrowableProxy and its usages (3047)

  • Remove logging bridges from distribution and reference their 2.x equivalents in log4j-bom.

  • Remove CLI tools to generate logger wrappers and convert configuration files. These tools will be available in the next release of Log4j Transform.

  • Remove deprecated org.apache.logging.log4j.core.appender.rolling.action.Duration class.

  • Remove log4j-1.2-api module (2621)

  • Remove log4j-iostreams module (2630)

Updated

  • Rename the log4j-mongodb4, module, package, and classes in favor of log4j-mongodb, in other words, drop the 4; tracks the current MongoDB client driver.

  • Update apache/logging-parent to version `` (2598)

  • Update com.fasterxml.jackson:jackson-bom to version 2.18.1 (3136)

  • Update io.fabric8:docker-maven-plugin to version 0.45.1 (3036)

  • Update org.apache.commons:commons-compress to version 1.27.1 (2870)

  • Update org.apache.commons:commons-csv to version 1.12.0 (3020)

  • Update org.apache.commons:commons-dbcp2 to version 2.12.0 (2342)

  • Update org.apache.logging.log4j:log4j-api to version 2.24.1 (3035)

  • Update org.jctools:jctools-core to version 4.0.5 (2638)

  • Update org.jspecify:jspecify to version 1.0.0 (2750)

  • Update org.mongodb:bson to version 5.2.1 (3179)

  • Update org.springframework.boot:spring-boot-autoconfigure to version 3.3.5 (3120)

  • Update org.springframework.cloud:spring-cloud-context to version 4.1.4 (2733)

  • Update org.springframework:spring-framework-bom to version 6.1.14 (3102)

3.0.0-beta2

This release provides a continuation of the modularisation process of Log4j Core. The following features were moved to separate artifacts:

  • The async logger feature was moved to log4j-async-logger and it was upgraded to use LMAX Disruptor 4.x. The async appender is still available by default in log4j-core.

  • The YAML configuration is available now in log4j-config-yaml.

  • The Java properties configuration was removed and replaced with a similar format based on jackson-dataformat-properties.

Other features were removed:

  • Jetty 9.x users are encouraged to migrate to Jetty 10.x or later and replace log4j-appserver with log4j-slf4j2-impl.

  • Tomcat JULI support is available from a third-party project (cf. tomcat-juli-to-log4j).

  • Apache Commons Logging users are encouraged to upgrade commons-logging to version 1.3.0 or later and remove log4j-jcl.

  • Support for the XML layout was dropped.

  • Support for JMX was dropped and will be replaced with a more recent technology.

Added

  • Add and update DSLs for setting up dependency injection for test and non-test code. (2147)

  • Add a ConfigurationExtension mechanism to allow third-party JARs to extend the <Configuration> element.

  • Add a new properties configuration factory based on jackson-dataformat-properties.

Changed

  • Change the order of evaluation of FormattedMessage formatters. Messages are evaluated using java.util.Format only if they don’t comply to the java.text.MessageFormat or ParameterizedMessage format. (1223)

  • Split off async logger support into a new log4j-async-logger module.

  • Split off YAML configuration into a new log4j-config-yaml module.

Fixed

  • Rewrote message parameter formatter with improved escape handling (1626)

  • The MongoDb4 appender now supports long values to configure collectionSize (1747)

  • Mark JdkMapAdapterStringMap as frozen if map is immutable. (2098)

  • Fix regression in JdkMapAdapterStringMap performance. (2238)

  • Prevents ClassCastException when trying to assign a SimpleLoggerContext to a core LoggerContext (LOG4J2-1921)

  • Possible NullPointerException in MongoDb4DocumentObject, MongoDbDocumentObject, DefaultNoSqlObject. (LOG4J2-3392)

  • Fix NPE in CloseableThreadContext. (1426)

  • Fix NPE in RollingFileManager. (1645)

  • Fix log4j-spring-cloud-config-client dependencies to include only those required. (2157)

  • Workaround a Coursier/Ivy dependency resolution bug affecting log4j-slf4j-impl and log4j-mongodb3. (2065)

Removed

  • Removed legacy 2.x properties configuration factory.

  • Remove DefaultLogEventFactory

  • Remove log4j-appserver module (2257)

  • Remove org.apache.logging.log4j.core.parser and related packages. (2154)

  • Remove log4j-jcl module (2257)

  • Removed JMX support.

  • Remove log4j-layout-jackson module (2198)

  • Remove log4j-layout-jackson-xml module (2198)

  • Remove log4j2.enable.threadlocals property (2105)

Updated

  • Update apache/logging-parent to version `` (2191)

  • Update com.fasterxml.jackson:jackson-bom to version 2.16.1 (2127)

  • Update commons-codec:commons-codec to version 1.16.1 (2276)

  • Update io.netty:netty-bom to version 4.1.107.Final (2283)

  • Update org.apache.logging:logging-parent to version 10.6.0 (2193)

  • Update org.apache.tomcat:tomcat-juli to version 10.1.18 (2176)

  • Update org.eclipse.jetty:jetty-bom to version 9.4.54.v20240208 (2285)

  • Update org.jctools:jctools-core to version 4.0.3 (2267)

  • Update org.slf4j:slf4j-api to version 2.0.10 (2136)

  • Update org.springframework.boot:spring-boot-autoconfigure to version 3.2.2 (2222)

  • Update org.springframework.cloud:spring-cloud-context to version 4.1.1 (2236)

  • Update org.springframework:spring-framework-bom to version 6.1.4 (2294)

3.0.0-beta1

This is the first beta release of the upcoming major release, i.e., 3.0.0.

Added

  • Add annotations for nullability. (LOG4J2-1477)

  • Remove deprecated code. (LOG4J2-2493)

  • Add a more generalized dependency injection system to plugins inspired by JSR 330. (LOG4J2-2803)

  • Add and enhance structured properties for per-context settings outside configuration files. (LOG4J2-3299, 1473)

  • Automate artifact publishing and release preparation. (LOG4J2-3466)

  • Add support for dependency injection of plugins into container types such as Optional<T>, Collection<T>, Set<T>, Stream<T>, List<T>, and Map<String, T>. (LOG4J2-3496)

  • Add support for ConstraintValidator in plugin classes. (LOG4J2-3497)

Changed

  • Remove liquibase-log4j2 maven module (1193)

  • Make the output of annotation processing reproducible. (1520)

  • Replace synchronized blocks with locks for improved performance with virtual threads. (1532)

  • Removes additional isFiltered checks in AsyncLoggerConfig. (1550)

  • Ignore exceptions thrown by PropertySources. Eliminate ClassCastException when SimpleLoggerContext is used. (Spring-33450, 1799)

  • Update com.lmax:disruptor to version 4.0.0 (1829)

  • Migrate most tests to JUnit 5. This includes a more powerful set of test extensions. (LOG4J2-2653)

  • Make Log4j use its own BOM. (LOG4J2-3511)

  • Change encoding of HTTP Basic Authentication to UTF-8. (1970)

  • Upgraded the required compiler version to Java 17

  • Upgraded the required runtime version to Java 17

  • Update actions/checkout to version 4.1.1 (1869)

  • Update actions/setup-java to version 3.13.0 (1809)

  • Update actions/setup-python to version 4.7.1 (1831)

  • Update ch.qos.logback:logback-classic to version 1.4.14 (2028)

  • Update com.datastax.cassandra:cassandra-driver-core to version 3.11.5 (1889)

  • Update com.fasterxml.jackson:jackson-bom to version 2.16.0 (1974)

  • Update com.github.luben:zstd-jni to version 1.5.5-11 (2032)

  • Update com.github.spotbugs:spotbugs-maven-plugin to version 4.7.3.6 (1879)

  • Update com.github.tomakehurst:wiremock-jre8 to version 2.35.1 (1765)

  • Update com.google.code.java-allocation-instrumenter:java-allocation-instrumenter to version 3.3.4 (2102)

  • Update com.google.errorprone:error_prone_core to version 2.23.0 (1871)

  • Update com.google.guava:guava-testlib to version 32.1.3-jre (1934)

  • Update com.h2database:h2 to version 2.2.224 (1917)

  • Update commons-codec:commons-codec to version 1.16.0 (2054)

  • Update commons-io:commons-io to version 2.15.1 (2035)

  • Update commons-logging:commons-logging to version 1.3.0 (2046)

  • Update de.flapdoodle.reverse:de.flapdoodle.reverse to version 1.7.2 (2000)

  • Update io.netty:netty-bom to version 4.1.104.Final (2097)

  • Update net.java.dev.jna:jna to version 5.14.0 (2082)

  • Update org.apache.aries.spifly:org.apache.aries.spifly.dynamic.bundle to version 1.3.7 (2053)

  • Update org.apache.commons:commons-compress to version 1.25.0 (2055)

  • Update org.apache.commons:commons-csv to version 1.10.0 (2041)

  • Update org.apache.commons:commons-dbcp2 to version 2.11.0 (2044)

  • Update org.apache.commons:commons-lang3 to version 3.14.0 (2036)

  • Update org.apache.commons:commons-pool2 to version 2.12.0 (2038)

  • Update org.apache.groovy:groovy-bom to version 4.0.16 (2039)

  • Update org.apache.maven:maven-core to version 3.9.6 (2049)

  • Update org.apache.maven.surefire:surefire-junit47 to version 3.2.3 (2091)

  • Update org.apache.tomcat:tomcat-juli to version 10.1.17 (2086)

  • Update org.codehaus.plexus:plexus-utils to version 3.5.1 (2061)

  • Update org.eclipse.jetty:jetty-bom to version 9.4.53.v20231009 (1931)

  • Update org.eclipse.persistence:org.eclipse.persistence.jpa to version 2.7.13 (1933)

  • Update org.eclipse.platform:org.eclipse.osgi to version 3.18.600 (2064)

  • Update org.elasticsearch.client:elasticsearch-rest-high-level-client to version 7.17.16 (2085)

  • Update org.graalvm.truffle:truffle-api to version 23.1.1 (1872)

  • Update org.jctools:jctools-core to version 4.0.2 (1995)

  • Update org.jmdns:jmdns to version 3.5.9 (2069)

  • Update org.junit:junit-bom to version 5.10.1 (1993)

  • Update org.junit-pioneer:junit-pioneer to version 2.2.0 (1986)

  • Update org.mockito:mockito-bom to version 5.8.0 (2031)

  • Update org.mongodb:bson to version 4.11.1 (1991)

  • Update org.springframework.boot:spring-boot to version 2.7.17 (1902)

  • Update org.springframework.boot:spring-boot-dependencies to version 2.7.18 (2002)

  • Update org.springframework:spring-framework-bom to version 5.3.30 (1903)

  • Update org.springframework:spring-test to version 5.3.31 (1992)

  • Update org.xerial.snappy:snappy-java to version 1.1.10.5 (1877)

  • Update org.zeromq:jeromq to version 0.5.4 (1888)

  • Update uk.org.webcompere:system-stubs-core to version 2.1.5 (2001)

  • Update OpenTest4J from version 1.2.0 to 1.3.0.

Fixed

  • Remove locale-dependent toLowerCase/toUpperCase calls. (1281)

  • Add environment variable arbiter. (1312)

  • Fixed logging of java.sql.Date objects by appending it before Log4J tries to call java.util.Date.toInstant() on it. (1366)

  • Adapt the OSGi metadata of log4j-api, log4j-core, log4j-slf4j-impl and log4j-slf4j2-impl to activate the bundle when it is accessed. To achieve that set the Bundle-ActivationPolicy to lazy for the log4j bundles. (1367)

  • Fix runtime dependencies documentation. (1530)

  • Allow to override fqcn in Log4jEventBuilder by implementing CallerBoundaryAware. (1533)

  • Migrate MongoDB tests to JUnit 5 and Flapdoodle Embedded MongoDB 4. (1589)

  • Fixed rollover strategy in the Log4j 1.x compatibility layer. (1650)

  • Only shutdown Log4j after last Log4jServletContextListener is executed. (1782)

  • Fixes context data loss if <AsyncLogger> components are used with an all async logger context. (1786)

  • AppenderLoggingException logging any exception to a MongoDB Appender. (LOG4J2-3392)

Removed

  • Remove GelfLayout (a GELF-compatible layout is still possible using JSON Template Layout) (1951)

  • Remove log4j-cassandra (1951)

  • Remove log4j-couchdb (1951)

  • Remove Jackson-based JSON configuration support. JSON configuration files are now handled through a built-in JSON parser.

  • Moved Log4j Jakarta EE modules (log4j-jakarta-jms, log4j-jakarta-smtp, and log4j-jakarta-web) to their own repository and website (1966)

  • Removed all Java EE modules: log4j-jms, log4j-jpa, log4j-smtp, log4j-web (1966)

  • Remove log4j-jeromq module (users are recommended to migrate to loghublog4j2) (1951)

  • Remove log4j-kafka (1951)

  • Remove log4j-layout-jackson-json module (it is superseded by JSON Template Layout) (1951)

  • Remove log4j-layout-jackson-yaml module (1951)

  • Remove legacy OSGi integration. ServiceLoader mechanism should be used instead.

  • Remove log4j-mongodb3 module (1951)

  • Remove support for SecurityManager. Starting in Java 21, a custom SecurityManager cannot be used.

  • Remove log4j-spring-boot module (its features are upstreamed to org.springframework.boot:spring-boot-starter-log4j2) (1951)

3.0.0-alpha1

As the Java ecosystem has evolved, requests have been received from users, and the need for improved security has become more apparent, changes were necessariy in Log4j’s design:

  • With the introduction of the Java Platform Module System (JPMS) changes were needed to how the various log4j modules are packaged. While not every log4j module is now a fully compliant JPMS module with its own module-info.java file, all the modules likely to be used in a JPMS environment are.

  • Many optional components, such as Scripting, JNDI, JPA and JMS, have been moved to their own modules. This makes Log4j-core slightly smaller in 3.x and aids in security by not having jars with unwanted behaviors present, making disabling them via system properties unnecessary.

  • All plugins constructed using Log4j 3.x are now located using Java’s ServiceLoader. This avoids many of the problems users had packaging plugins in "shaded" jars as that technology directly supports ServiceLoader. Plugins constructed using Log4j 2.x will still function in Log4j 3.x.

  • Log4j’s annotation processor has been individually packaged separate from Log4j-core and the plugin system it enables. For applications using the module path this makes it easier to provide the annotation processor since it must be explicitly declared in those cases.

  • Log4j 3.x now uses an internal dependency injection framework to allow plugins to be injected with instances of classes they are dependent on.

  • Many system properties used by Log4j can now be set to apply to a single LoggerContext making configuration in application frameworks that support multiple applications more flexible.

  • Some deprecated classes have been removed. However, every attempt has been made to ensure that user code compiled for Log4j 2.x will continue to operate with the Log4j 3.x libraries present instead.

Added

  • Allow plugins to be created through more flexible dependency injection patterns. (LOG4J2-1188)

  • Allow to force LOG4J2 to use TCCL only. (LOG4J2-2171)

  • Allow web lookup to access more information. (LOG4J2-2523)

  • Allow web lookup of session attributes. (LOG4J2-2688)

  • Add support for injecting plugin configuration via builder methods. (LOG4J2-2700)

  • Add scopes API for customizing plugin instance lifecycle. (LOG4J2-2852)

  • Add qualifier annotations for distinguishing instances of the same type. (LOG4J2-2853)

  • Create standardized dependency injection API. This is supported in several plugin categories and other configurable instances previously defined via system properties. (LOG4J2-2854)

  • Add conditional annotations to support more declarative binding factory bundle classes. (LOG4J2-3300)

  • Add built-in JSON configuration parser for a useful structured configuration file format which only requires the java.base module. (LOG4J2-3415)

  • Add @Ordered annotation to support plugin ordering when two or more plugins within the same category have the same case-insensitive name. (LOG4J2-857)

Changed

  • Simplify Maven site phase and align it with the one in 2.x branch. (1220)

  • Update build to use Java 11 bytecode. (480)

  • Convert documentation into AsciiDoc format. (LOG4J2-1802)

  • Rename package core.util.datetime to core.time.internal.format to clarify these classes are to be considered private. (LOG4J2-2224)

  • Move time-related classes from core.util to core.time. Classes considered private moved to core.time.internal. (LOG4J2-2225)

  • Split off Kafka support into a new module log4j-kafka. (LOG4J2-2227)

  • Split off ZeroMq/JeroMq support into a new module log4j-jeromq. (LOG4J2-2228)

  • Split off SMTP support into a new module log4j-smtp. (LOG4J2-2230)

  • Split off CSV layout into a new module log4j-csv. (LOG4J2-2231)

  • Split off JMS support into a new module log4j-jms. (LOG4J2-2232)

  • Split off JDBC support into a new module log4j-jdbc. (LOG4J2-2233)

  • Split off Jackson-based layouts into their own modules: log4j-layout-jackson-json, log4j-layout-jackson-xml and log4j-layout-jackson-yaml. (LOG4J2-2237)

  • Update builder methods from the "with" prefix to the "set" prefix. (LOG4J2-2492)

  • Remove deprecated code. (LOG4J2-2493)

  • Fix typo in method MergeStrategy.mergeConfigurations. (LOG4J2-2617)

  • Separate plugin support to its own module. Plugin annotation processor will now generate a Java source file compatible with java.util.ServiceLoader instead of a binary file. (LOG4J2-2621)

  • Rename PluginVisitor and related classes to ConfigurationInjectionBuilder. (LOG4J2-2683)

  • Locate plugins in modules. (LOG4J2-2690)

  • Split off JNDI support into a new module log4j-jndi. (LOG4J2-3242)

  • Split off scripting support into a new module log4j-script. (LOG4J2-3307)

  • Defer loading of StrLookup plugin classes until first usage. (LOG4J2-3441)

  • Flatten the ThreadContextMap interfaces with default methods. (LOG4J2-3626)

  • Allow Log4j properties to be provided in JSON files. (LOG4J2-3658)

  • Unify plugin builders and plugin factories. (LOG4J2-860)

  • Update Conversant Disruptor from 1.12.15 to 1.12.21. The new version requires Java 11. (LOG4J2-2079)

Fixed

  • EnvironmentLookup may throw NPE. (LOG4J2-2244)

  • Move ProcessIdUtil from log4j-api to log4j-core. (LOG4J2-2279)

  • FixedDateFormat parses timezone offsets, -8:00 is interpreted as GMT-8:00. (LOG4J2-2306)

  • RoutingAppender.Builder#setPurgePolicy fluently returns the builder instance. (LOG4J2-2545)

  • Reduce Log4j 2 initialization time by deferring loading Plugin classes. (LOG4J2-2795)

  • Fixes incorrect constructor call in LocalizedMessageFactory. (LOG4J2-2850)

  • Fix file descriptor leak on Tomcat. (LOG4J2-3663)

Removed

  • Remove support for java.io.Serializable in several classes including Message, Layout, LogEvent, Logger, and ReadOnlyStringMap. (LOG4J2-3228)