apache · JWT007 · Feb 12, 2025 · Feb 16, 2025 · Feb 17, 2025 · Feb 17, 2025
diff --git a/.github/generate-email.sh b/.github/generate-email.sh
@@ -28,12 +28,12 @@ stderr() {
 
 fail_for_invalid_args() {
     stderr "Invalid arguments!"
-    stderr "Expected arguments: <vote|announce> <version> <commitId>"
+    stderr "Expected arguments: <vote|announce> <version> <commitId> <nexusUrl>"
     exit 1
 }
 
 # Check arguments
-[ $# -ne 3 ] && fail_for_invalid_args
+[ $# -ne 4 ] && fail_for_invalid_args
 
 # Constants
 PROJECT_NAME="Apache Log4j"
@@ -43,6 +43,7 @@ PROJECT_SITE="https://logging.apache.org/$PROJECT_ID"
 PROJECT_STAGING_SITE="${PROJECT_SITE/apache.org/staged.apache.org}"
 PROJECT_REPO="https://github.com/apache/logging-log4j2"
 COMMIT_ID="$3"
+NEXUS_URL="$4"
 PROJECT_DIST_URL="https://dist.apache.org/repos/dist/dev/logging/$PROJECT_ID/$PROJECT_VERSION"
 
 # Check release notes file
@@ -71,7 +72,7 @@ Website: $PROJECT_STAGING_SITE/$PROJECT_VERSION/index.html
 GitHub: $PROJECT_REPO
 Commit: $COMMIT_ID
 Distribution: $PROJECT_DIST_URL
-Nexus: https://repository.apache.org/content/repositories/orgapachelogging-<FIXME>
+Nexus: $NEXUS_URL
 Signing key: 0x077e8893a6dcc33dd4a4d5b256e73ba9a0b592d0
 Review kit: https://logging.apache.org/logging-parent/release-review-instructions.html
 

diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
@@ -30,21 +30,21 @@ jobs:
 
   build:
     if: github.actor != 'dependabot[bot]'
-    uses: apache/logging-parent/.github/workflows/build-reusable.yaml@rel/11.3.0
+    uses: apache/logging-parent/.github/workflows/build-reusable.yaml@rel/12.0.0
     secrets:
-      DV_ACCESS_TOKEN: ${{ startsWith(github.ref_name, 'release/') && '' || secrets.GE_ACCESS_TOKEN }}
+      DV_ACCESS_TOKEN: ${{ startsWith(github.ref_name, 'release/') && '' || secrets.DEVELOCITY_ACCESS_KEY }}
     with:
       java-version: |
         8
         17
       site-enabled: true
-      reproducibility-check-enabled: ${{ startsWith(github.ref_name, 'release/') }}
+      reproducibility-check-enabled: false
       develocity-enabled: ${{ ! startsWith(github.ref_name, 'release/') }}
 
   deploy-snapshot:
     needs: build
     if: github.repository == 'apache/logging-log4j2' && github.ref_name == '2.x'
-    uses: apache/logging-parent/.github/workflows/deploy-snapshot-reusable.yaml@rel/11.3.0
+    uses: apache/logging-parent/.github/workflows/deploy-snapshot-reusable.yaml@rel/12.0.0
     # Secrets for deployments
     secrets:
       NEXUS_USERNAME: ${{ secrets.NEXUS_USER }}
@@ -57,7 +57,7 @@ jobs:
   deploy-release:
     needs: build
     if: github.repository == 'apache/logging-log4j2' && startsWith(github.ref_name, 'release/')
-    uses: apache/logging-parent/.github/workflows/deploy-release-reusable.yaml@rel/11.3.0
+    uses: apache/logging-parent/.github/workflows/deploy-release-reusable.yaml@rel/12.0.0
     # Secrets for deployments
     secrets:
       GPG_SECRET_KEY: ${{ secrets.LOGGING_GPG_SECRET_KEY }}
@@ -73,3 +73,25 @@ jobs:
         8
         17
       project-id: log4j
+
+  verify-reproducibility:
+    needs: [ deploy-snapshot, deploy-release ]
+    if: ${{ always() && (needs.deploy-snapshot.result == 'success' || needs.deploy-release.result == 'success') }}
+    name: "verify-reproducibility (${{ needs.deploy-release.result == 'success' && needs.deploy-release.outputs.project-version || needs.deploy-snapshot.outputs.project-version }})"
+    uses: apache/logging-parent/.github/workflows/verify-reproducibility-reusable.yaml@rel/12.0.0
+    with:
+      nexus-url: ${{ needs.deploy-release.result == 'success' && needs.deploy-release.outputs.nexus-url || 'https://repository.apache.org/content/groups/snapshots' }}
+      # Encode the `runs-on` input as JSON array
+      runs-on: '["ubuntu-latest", "macos-latest", "windows-latest"]'
+
+  # Run integration-tests automatically after a snapshot or RC is published
+  integration-test:
+    needs: [ deploy-snapshot, deploy-release ]
+    if: ${{ always() && (needs.deploy-snapshot.result == 'success' || needs.deploy-release.result == 'success') }}
+    name: "integration-test (${{ needs.deploy-release.result == 'success' && needs.deploy-release.outputs.project-version || needs.deploy-snapshot.outputs.project-version }})"
+    uses: apache/logging-log4j-samples/.github/workflows/integration-test.yaml@main
+    with:
+      log4j-version: ${{ needs.deploy-release.result == 'success' && needs.deploy-release.outputs.project-version || needs.deploy-snapshot.outputs.project-version }}
+      log4j-repository-url: ${{ needs.deploy-release.result == 'success' && needs.deploy-release.outputs.nexus-url || needs.deploy-snapshot.outputs.nexus-url }}
+      # Use the `main` branch of `logging-log4j-samples`
+      samples-ref: 'refs/heads/main'
diff --git a/.github/workflows/codeql-analysis.yaml b/.github/workflows/codeql-analysis.yaml
@@ -30,7 +30,7 @@ permissions: read-all
 jobs:
 
   analyze:
-    uses: apache/logging-parent/.github/workflows/codeql-analysis-reusable.yaml@rel/11.3.0
+    uses: apache/logging-parent/.github/workflows/codeql-analysis-reusable.yaml@rel/12.0.0
     with:
       java-version: |
         8

diff --git a/.github/workflows/deploy-site.yaml b/.github/workflows/deploy-site.yaml
@@ -33,7 +33,7 @@ jobs:
 
   deploy-site-stg:
     if: github.repository == 'apache/logging-log4j2' && github.ref_name == '2.x'
-    uses: apache/logging-parent/.github/workflows/deploy-site-reusable.yaml@rel/11.3.0
+    uses: apache/logging-parent/.github/workflows/deploy-site-reusable.yaml@rel/12.0.0
     # Secrets for committing the generated site
     secrets:
       GPG_SECRET_KEY: ${{ secrets.LOGGING_GPG_SECRET_KEY }}
@@ -51,7 +51,7 @@ jobs:
 
   deploy-site-pro:
     if: github.repository == 'apache/logging-log4j2' && github.ref_name == '2.x-site-pro'
-    uses: apache/logging-parent/.github/workflows/deploy-site-reusable.yaml@rel/11.3.0
+    uses: apache/logging-parent/.github/workflows/deploy-site-reusable.yaml@rel/12.0.0
     # Secrets for committing the generated site
     secrets:
       GPG_SECRET_KEY: ${{ secrets.LOGGING_GPG_SECRET_KEY }}
@@ -81,7 +81,7 @@ jobs:
 
   deploy-site-rel:
     needs: export-version
-    uses: apache/logging-parent/.github/workflows/deploy-site-reusable.yaml@rel/11.3.0
+    uses: apache/logging-parent/.github/workflows/deploy-site-reusable.yaml@rel/12.0.0
     # Secrets for committing the generated site
     secrets:
       GPG_SECRET_KEY: ${{ secrets.LOGGING_GPG_SECRET_KEY }}

diff --git a/.github/workflows/develocity-publish-build-scans.yaml b/.github/workflows/develocity-publish-build-scans.yaml
@@ -38,5 +38,5 @@ jobs:
       - name: Publish Build Scans
         uses: gradle/develocity-actions/maven-publish-build-scan@b8d3a572314ffff3b940a2c1b7b384d4983d422d   # 1.3
         with:
-          develocity-url: 'https://ge.apache.org'
-          develocity-access-key: ${{ secrets.GE_ACCESS_TOKEN }}
+          develocity-url: 'https://develocity.apache.org'
+          develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
diff --git a/.github/workflows/merge-dependabot.yaml b/.github/workflows/merge-dependabot.yaml
@@ -30,9 +30,9 @@ jobs:
 
   build:
     if: github.repository == 'apache/logging-log4j2' && github.event_name == 'pull_request_target' && github.actor == 'dependabot[bot]'
-    uses: apache/logging-parent/.github/workflows/build-reusable.yaml@rel/11.3.0
+    uses: apache/logging-parent/.github/workflows/build-reusable.yaml@rel/12.0.0
     secrets:
-      DV_ACCESS_TOKEN: ${{ secrets.GE_ACCESS_TOKEN }}
+      DV_ACCESS_TOKEN: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
     with:
       java-version: |
         8
@@ -42,7 +42,7 @@ jobs:
 
   merge-dependabot:
     needs: build
-    uses: apache/logging-parent/.github/workflows/merge-dependabot-reusable.yaml@rel/11.3.0
+    uses: apache/logging-parent/.github/workflows/merge-dependabot-reusable.yaml@rel/12.0.0
     with:
       java-version: 17
     permissions:

diff --git a/.logging-parent-bom-activator b/.logging-parent-bom-activator
@@ -0,0 +1,16 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+##
+This file activates the `flatten-bom` profile.
diff --git a/.mvn/develocity.xml b/.mvn/develocity.xml
@@ -2,7 +2,7 @@
 <develocity>
     <projectId>logging-log4j2</projectId>
     <server>
-        <url>https://ge.apache.org</url>
+        <url>https://develocity.apache.org</url>
     </server>
     <buildScan>
         <capture>

diff --git a/log4j-core-its/pom.xml b/log4j-core-its/pom.xml
@@ -40,7 +40,7 @@
     <spotbugs.skip>true</spotbugs.skip>
 
     <!-- Dependency versions -->
-    <slf4j2.version>2.0.16</slf4j2.version>
+    <slf4j2.version>2.0.17</slf4j2.version>
 
   </properties>
 

diff --git a/...re-test/src/test/java/org/apache/logging/log4j/core/appender/HttpAppenderBuilderTest.java b/...re-test/src/test/java/org/apache/logging/log4j/core/appender/HttpAppenderBuilderTest.java
@@ -0,0 +1,130 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to you under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.logging.log4j.core.appender;
+
+import static org.assertj.core.api.AssertionsForInterfaceTypes.assertThat;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+
+import java.net.MalformedURLException;
+import java.net.URL;
+import org.apache.logging.log4j.Level;
+import org.apache.logging.log4j.core.Layout;
+import org.apache.logging.log4j.core.config.Configuration;
+import org.apache.logging.log4j.core.config.DefaultConfiguration;
+import org.apache.logging.log4j.core.config.Property;
+import org.apache.logging.log4j.core.layout.JsonLayout;
+import org.apache.logging.log4j.core.net.ssl.SslConfiguration;
+import org.apache.logging.log4j.test.ListStatusListener;
+import org.apache.logging.log4j.test.junit.UsingStatusListener;
+import org.junit.jupiter.api.Test;
+
+class HttpAppenderBuilderTest {
+
+    private HttpAppender.Builder<?> getBuilder() {
+        Configuration mockConfig = new DefaultConfiguration();
+        return HttpAppender.newBuilder().setConfiguration(mockConfig).setName("TestHttpAppender"); // Name is required
+    }
+
+    @Test
+    @UsingStatusListener
+    void testBuilderWithoutUrl(final ListStatusListener listener) throws Exception {
+        HttpAppender appender = HttpAppender.newBuilder()
+                .setConfiguration(new DefaultConfiguration())
+                .setName("TestAppender")
+                .setLayout(JsonLayout.createDefaultLayout()) // Providing a layout here
+                .build();
+
+        assertThat(listener.findStatusData(Level.ERROR))
+                .anyMatch(statusData ->
+                        statusData.getMessage().getFormattedMessage().contains("HttpAppender requires URL to be set."));
+    }
+
+    @Test
+    @UsingStatusListener
+    void testBuilderWithUrlAndWithoutLayout(final ListStatusListener listener) throws Exception {
+        HttpAppender appender = HttpAppender.newBuilder()
+                .setConfiguration(new DefaultConfiguration())
+                .setName("TestAppender")
+                .setUrl(new URL("http://localhost:8080/logs"))
+                .build();
+
+        assertThat(listener.findStatusData(Level.ERROR)).anyMatch(statusData -> statusData
+                .getMessage()
+                .getFormattedMessage()
+                .contains("HttpAppender requires a layout to be set."));
+    }
+
+    @Test
+    void testBuilderWithValidConfiguration() throws Exception {
+        URL url = new URL("http://example.com");
+        Layout<?> layout = JsonLayout.createDefaultLayout();
+
+        HttpAppender.Builder<?> builder = getBuilder().setUrl(url).setLayout(layout);
+
+        HttpAppender appender = builder.build();
+        assertNotNull(appender, "HttpAppender should be created with valid configuration.");
+    }
+
+    @Test
+    void testBuilderWithCustomMethod() throws Exception {
+        URL url = new URL("http://example.com");
+        Layout<?> layout = JsonLayout.createDefaultLayout();
+        String customMethod = "PUT";
+
+        HttpAppender.Builder<?> builder =
+                getBuilder().setUrl(url).setLayout(layout).setMethod(customMethod);
+
+        HttpAppender appender = builder.build();
+        assertNotNull(appender, "HttpAppender should be created with a custom HTTP method.");
+    }
+
+    @Test
+    void testBuilderWithHeaders() throws Exception {
+        URL url = new URL("http://example.com");
+        Layout<?> layout = JsonLayout.createDefaultLayout();
+        Property[] headers = new Property[] {
+            Property.createProperty("Header1", "Value1"), Property.createProperty("Header2", "Value2")
+        };
+
+        HttpAppender.Builder<?> builder =
+                getBuilder().setUrl(url).setLayout(layout).setHeaders(headers);
+
+        HttpAppender appender = builder.build();
+        assertNotNull(appender, "HttpAppender should be created with headers.");
+    }
+
+    @Test
+    void testBuilderWithSslConfiguration() throws Exception {
+        URL url = new URL("https://example.com");
+        Layout<?> layout = JsonLayout.createDefaultLayout();
+
+        // Use real SslConfiguration instead of Mockito mock
+        SslConfiguration sslConfig = SslConfiguration.createSSLConfiguration(null, null, null, false);
+
+        HttpAppender.Builder<?> builder =
+                getBuilder().setUrl(url).setLayout(layout).setSslConfiguration(sslConfig);
+
+        HttpAppender appender = builder.build();
+        assertNotNull(appender, "HttpAppender should be created with SSL configuration.");
+    }
+
+    @Test
+    void testBuilderWithInvalidUrl() {
+        assertThrows(MalformedURLException.class, () -> new URL("invalid-url"));
+    }
+}
diff --git a/log4j-core-test/src/test/java/org/apache/logging/log4j/core/filter/AbstractFilterTest.java b/log4j-core-test/src/test/java/org/apache/logging/log4j/core/filter/AbstractFilterTest.java
@@ -34,7 +34,6 @@ class AbstractFilterTest {
     @Test
     void testUnrolledBackwardsCompatible() {
         final ConcreteFilter filter = new ConcreteFilter();
-        final Filter.Result expected = Filter.Result.DENY;
         verifyMethodsWithUnrolledVarargs(filter, Filter.Result.DENY);
 
         filter.testResult = Filter.Result.ACCEPT;