Closed kwwall closed 2 years ago
@jeremiahjstacey - This code review should go really fast. Almost all the changes are for deletions. The only one that you may want to look at ishttps://github.com/ESAPI/esapi-java-legacy/pull/716/files#diff-bbe0e91a04c7ef59cd98c496d3bb3672fd6c3a70b0fe1df51ee7958e79d838ca and to take a quick glance at src/test/java/org/owasp/esapi/waf/WAFTestUtility.java and my changes there and see if you can think of any simple means to test the log output.
@kwwall, there are 2 ways that I can think of that may be achievable. I do not think they're worth the effort, but I've outlined them below as options for consideration:
In either case, checking for output can be something as direct as verifying the WAF class reference exists.
@jeremiahjstacey or @xeno6696 - Would one of you kindly merge? That looks better than me merging my own code and I have no intent to add a commit that verifies some log message. That just over-complicates the test. Thanks.
In preparation for the ESAPI 2.5.0.0 release, which primarily addresses the removal of the Log4J 1 dependency for ESAPI logging (which has been deprecated for almost 2 years), this PR does the following:
Note that this PR does NOT include the release notes for 2.5.0.0.