replace log4j:1.2 by non vulnerable reload4j

kongchen / swagger-maven-plugin

JAX-RS & SpringMVC supported maven build plugin, helps you generate Swagger JSON and API document in build phase.

http://kongchen.github.io/swagger-maven-plugin/

Apache License 2.0

761 stars 451 forks source link

replace log4j:1.2 by non vulnerable reload4j #879

Open noname713705 opened 2 years ago

noname713705 commented 2 years ago

swagger-maven-plugin keeps gettings back log4j:1.2.16 in my local repo and breaches company security rules. reload4j is binary compatible with log4j but fixes the important CVEs.