qos-ch / slf4j

Simple Logging Facade for Java
http://www.slf4j.org
MIT License

The compatibility about 1.7.36 & 2.x #370

Open hw207165 opened 9 months ago

hw207165 commented 9 months ago

Are there any compatibility issues when we need to upgrade slf4j from 1.7.36 to 2.x?

KengoTODA commented 9 months ago

You may refer to: https://www.slf4j.org/faq.html#changesInVersion200

hazendaz commented 9 months ago

Biggest issue is if you are using Spring Boot 2. It's possible to turn off Spring Boot's logging and use 2 though, but it's not straightforward and Spring hasn't exactly helped there. You can find that info in their issues if you dig deep enough.

What I dislike in general was the fact that slf4j went major to 2.x while logback was left minor on 1.3 (javax namespace) and 1.4 (jakarta namespace). That part is the most problematic because the bots (renovate, snyk, dependabot, others) treat 1.3 and 1.4 the same by default and suggest premature upgrades to 1.4.x. The only saving grace, if any, was the level of CVEs on logback this week that caused the bots to send targeted releases, but those were already deemed buggy and not complete. So a lot of manual work :(

Should you upgrade? Yes, it took years if I recall to get here. So long as you don't have Spring Boot considerations, there is no question, just upgrade. As long as your configuration was not outrageous on requirements, it's basically drop in place. In fact, for the some 2k repos I support, I don't recall any considerations outside of Spring Boot. And even there we upgraded some of those to latest on 2.7.x with various solutions found within Spring Boot issues.

ceki commented 9 months ago

In addition to the link @KengoTODA mentioned, there is also the "Are SLF4J versions backward compatible?" FAQ entry, which you might want to read.