Skip to content

PLUGINAPI-199 Upgrade logback-classic to version 1.5.38#303

Closed
dorian-burihabwa-sonarsource wants to merge 1 commit into
masterfrom
db/upgrade-logback-classic-in-test-fixtures
Closed

PLUGINAPI-199 Upgrade logback-classic to version 1.5.38#303
dorian-burihabwa-sonarsource wants to merge 1 commit into
masterfrom
db/upgrade-logback-classic-in-test-fixtures

Conversation

@dorian-burihabwa-sonarsource

@dorian-burihabwa-sonarsource dorian-burihabwa-sonarsource commented Jul 16, 2026

Copy link
Copy Markdown

Summary by Gitar

  • Dependency updates:
    • Upgraded logback-classic from 1.2.13 to 1.5.38 in settings.gradle.
    • Upgraded slf4j version reference from 1.7.30 to 2.0.17 to ensure compatibility.

This will update automatically on new commits.

@hashicorp-vault-sonar-prod hashicorp-vault-sonar-prod Bot changed the title Upgrade logback-classic to version 1.5.38 PLUGINAPI-199 Upgrade logback-classic to version 1.5.38 Jul 16, 2026
@hashicorp-vault-sonar-prod

hashicorp-vault-sonar-prod Bot commented Jul 16, 2026

Copy link
Copy Markdown

PLUGINAPI-199

Comment thread settings.gradle
@dorian-burihabwa-sonarsource
dorian-burihabwa-sonarsource force-pushed the db/upgrade-logback-classic-in-test-fixtures branch from a99651d to 5926d7e Compare July 16, 2026 09:10
@sonarqube-next

Copy link
Copy Markdown

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarQube

@gitar-bot

gitar-bot Bot commented Jul 16, 2026

Copy link
Copy Markdown
Code Review ✅ Approved 1 resolved / 1 findings

Upgrades logback-classic to 1.5.38 and syncs the SLF4J version to 2.0.17 for compatibility. Resolved the version mismatch between logback and the legacy SLF4J dependency.

✅ 1 resolved
Bug: logback-classic 1.5.38 requires SLF4J 2.x, catalog pins slf4j 1.7.30

📄 settings.gradle:11 📄 settings.gradle:23 📄 settings.gradle:24
logback-classic 1.5.x is built against the SLF4J 2.0 SPI (SLF4JServiceProvider / ServiceLoader) and no longer ships the legacy org.slf4j.impl.StaticLoggerBinder that slf4j-api 1.7.30 (still pinned at settings.gradle:11) uses to locate a binding. If slf4j-api 1.7.30 wins dependency resolution, SLF4J finds no binding, falls back to a NOPLogger, and AbstractLogTester.getRootLogger()'s cast to ch.qos.logback.classic.Logger throws ClassCastException, breaking every LogTester-based test. Bump the 'slf4j' version to a 2.0.x release (e.g. 2.0.16) to match logback 1.5.38.

Options

Auto-apply is off → Gitar will not commit updates to this branch.
Display: compact → Showing less information.

Comment with these commands to change the behavior for this request:

Auto-apply Compact
gitar auto-apply:on         
gitar display:verbose         

Was this helpful? React with 👍 / 👎 | Gitar

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant