2.26.0

This minor release delivers all the fixes in the [2.25.0, 2.25.4] version range, plus some new fixes, and several other improvements and features.

Added

• Add a new ConfigurationFactory::getConfiguration method accepting multiple URIs (#3775, #3921)
• Add and export org.apache.logging.log4j.core.pattern.NamedInstantPattern enabling users to programmatically access named date & time patterns supported by Pattern Layout (#3789)
• Add log4j.plugin.processor.minAllowedMessageKind annotation processor option to PluginProcessor to filter diagnostic messages by severity. This allows builds that treat compiler notes as errors (e.g. Maven with -Werror) to suppress informational notes emitted during normal plugin processing. (https://github.com/apache/logging-log4j2/discussions/3380[#3380], #4063)
• Add missing setters to Rfc5424LayoutBuilder

Changed

• Ensure scripts in the global Scripts element have explicit names by throwing a ConfigurationException for unnamed ones. (#3176)
• Simplify file manager registry factory methods (#3968)

Deprecated

• Deprecated withers in builder classes in favor of setters. This change improves API consistency with Log4j Core 3 and helps users adapt to the upcoming changes. (#3750)

Fixed

• Fix script resolution failure when the Scripts element is placed after a ScriptRef in the configuration. (#3336)
• Fix ArrayIndexOutOfBoundsException thrown by ThrowableStackTraceRenderer when the stack trace is modified concurrently (#3940, #3955)
• Fix SLF4JLogger.atFatal() returning atLevel(Level.TRACE) instead of atLevel(Level.FATAL). This was causing FATAL-level log events to be silently discarded when using the fluent API through the log4j-to-slf4j bridge. (#4068, #4089)
• Fix Javadoc references across module boundaries (i.e., cross-references) (#4099, #4100)
• Fix header write in RollingRandomAccessFileManager that was being incorrectly skipped if append=true and the file didn't exist before
• Fix a properties file configuration regression caused by not referenced loggers, appenders, and filters (#4036, #4069)

Removed

• Remove the jvmrunargs lookup. (#3874)

Updated

• Update org.junit:junit-bom to version 5.13.4 (#3850)
• Update org.mongodb:bson to version 5.6.1 (#3961)
• Update org.xerial.snappy:snappy-java to version 1.1.10.8 (#3841)

2.25.4

This patch release delivers fixes for configuration inconsistencies and formatting issues across several layouts.

• Restores alignment between documented and actual configuration attributes.
• Fixes formatting and sanitization issues in XML and RFC5424 layouts.
• Improves handling of invalid characters and non-standard values.

The authoritative list of recognized configuration attributes is available in the PluginReference.

Fixed

• Don't issue warnings if extra argument in parameterized logging is null. (#3975, #4014)
• Restore support for documented Rfc5424Layout parameter names. (#4022, #4074)
• Take Throwable#toString() into account while rendering stack traces in Pattern Layout. (#3623, #4033)
• Added debug level logs for successful resource loading in Loader class. (#4058, #4060)
• Align SslConfiguration factory method usage with Log4j 2.12+ API. The verifyHostname attribute is now correctly recognized. (#4061, #4075)
• Fix sanitization of structured data parameter names in RFC5424 layout. (#4073)
• Replace invalid characters in XmlLayout output with the Unicode replacement character (U+FFFD). (#4077)
• Replace invalid characters in Log4j1XmlLayout output with the Unicode replacement character (U+FFFD). (#4078)
• Replace invalid characters in MapMessage.asXml() output with the Unicode replacement character (U+FFFD). (#4079)
• Write non-finite floating-point numbers as strings in JsonWriter. (#4080)

2.25.3

This patch release addresses issues detailed in the changelog below. In particular, it includes an important fix for the host name verification in SSL/TLS configuration. This is used by Socket Appender.

Changed

• Optimize DefaultThreadContextMap.getCopy() performance by avoiding megamorphic calls in HashMap constructor (#3935, #3939)

Fixed

• Fix GraalVM metadata for nested classes to use binary names instead of canonical names (#3871, #3996)
• Fix failures caused by null SslConfiguration (#3947, #3953)
• Fix incorrect handling of the host name verification in SSL/TLS configuration, which is used by Socket Appender when SSL/TLS is enabled (#4002)

Removed

• Remove the com.github.spotbugs:spotbugs-annotations dependency (#3984, #3985)

2.25.2

This patch release addresses certain minor issues detailed in the changelog.

Fixed

• Fix potential memory leak involving LogBuilder in Log4j API to Logback bridge (#3819, #3824)
• Prevent unnecessary warnings in AbstractDriverManagerConnectionSource (#3828, #3831)
• Fix missing newlines in default logging configuration for log4j-core (#3835, #3851)
• Fix missing default Target value in Console Appender (#3852)
• Discard the sub-second part while obtaining the initial time (i.e., creation time) of a file in RollingFileManager (#3068, #3872)
• Fix Pattern Layout exception stack trace converters to no longer prepend newlines based on context (#3873, #3919)
• Fix the com.google.errorprone:error_prone_annotations dependency whose version property gets erased due to flattening (#3779, #3785, #3822, #3905)
• Fix detection of Throwable converters inside nested Pattern Layout patterns when applying alwaysWriteExceptions (#3920)
• Fix parsing and merging of literals in InstantPatternDynamicFormatter (#3930, #3932)

2.25.1

This patch release addresses a dozen bugs in version 2.25.0, in particular:

• Resolves a concurrency issue in the new unified datetime formatter.
• Fixes build failures affecting Gradle users.
• Restores backward compatibility with Spring Boot’s common logging configuration.
• Improves handling of edge cases in GraalVM support.

Fixed

• Fix detection of the Disruptor major version in environments with non-standard thread context classloader. (#3706)
• Downgrade spotbugs-annotations to resolve Gradle build failures. (#3754)
• Fix incorrect version resolution of jspecify and error_prone_annotations dependencies in published POM files. (#3758, #3779)
• Restore compatibility with Spring Boot by allowing reconfiguration using the LoggerContext.start method. (#3770)
• Allow omission of the -Alog4j.graalvm.groupId and -Alog4j.graalvm.artifactId arguments when building Log4j plugins. (#3771)
• Broaden the OSGi manifest's Import-Package constraints to support Jakarta Servlet API up to version 6. (#3787)
• Enable the resource: protocol for configuration files by default when running on GraalVM. (#3790)
• Fix timestamp formatting concurrency issue, when log4j2.enabledThreadlocals is true. (#3792)
• Fix GraalVM reachability metadata generation for methods with annotated array type parameters, such as @Nullable String[]. (#3796)
• Resolve PropertiesConfiguration compatibility issues with GraalVM and address additional minor reflection-related problems. (#3800)

2.25.0

This minor release introduces bug fixes, behavior improvements, and complete support for GraalVM native image generation.

GraalVM Reachability Metadata

Log4j Core and all extension modules now include embedded
GraalVM reachability metadata,
enabling seamless generation of native images with GraalVM out of the box—no manual configuration required.
For more information, refer to our GraalVM guide.

Note

When building third-party Log4j plugins, using the new GraalVmProcessor
introduced in version 2.25.0 will automatically generate the required reachability metadata for GraalVM native images.
However, the processor will fail the build if the required log4j.graalvm.groupId and log4j.graalvm.artifactId parameters are not provided.
For detailed instructions, see Registering plugins.

Exception Handling in Pattern Layout

Exception handling in Pattern Layout has undergone a significant rewrite.
This update resolves several bugs and ensures consistent behavior across all exception converters.
Key improvements include:

• Stack traces are now consistently prefixed with a newline instead of other whitespace.
• The default exception converter has changed from extended to plain, offering better performance.
• Support for the {ansi} option in exception converters has been removed.

Date & Time Formatting

Log4j has historically provided custom date and time formatters for performance, such as FixedDateFormat and FastDateFormat.
These are now deprecated in favor of Java’s standard DateTimeFormatter.

If you encounter formatting issues after upgrading—particularly with n or x directives—you can temporarily revert to the legacy formatters by setting the log4j2.instantFormatter property to legacy.
Please report any issues via our issue tracker.

ANSI Support on Windows

Modern Windows versions (10 and newer) provide native ANSI escape sequence support.
As a result, dependency on the outdated JAnsi 1.x library has been removed.
For details, refer to ANSI styling on Windows.

Jakarta JMS Appender

A Jakarta-compatible version of the JMS Appender is now included in the core distribution.

Added

• Add Google OSS-Fuzz integration (#2949)
• Add a GraalVmProcessor annotation processor to generate GraalVM reachability metadata. (#3053)
• Add MonitorResource configuration option to support the monitoring of external files in addition to the configuration file itself. (#3074, #3501)
• Fixed typo in "LoggerConfig.RootLogger.Builder#withtFilter(...)" method. Created new corrected 'withFilter()' method and deprecated old method. (#3369)
• Add collectionName and databaseName arguments to the MongoDB appender (#3467)

Changed

• Remove JAnsi library support. Windows 10 console has supported ANSI escapes since 2017. (#1736)
• Consolidate exception rendering logic and improve circular reference support in Pattern Layout (#2691, #3123)
• Rewrite JAnsiTextRenderer to work without JAnsi library. (#2916)
• Switch prefixing stack traces in Pattern Layout from whitespace to newline (#3045)
• Changes the layout used by the default configuration. (#3118)
• Switch to using Java's DateTimeFormatter for date & time formatting of log event instants (#3121, #2943)
• Switch the default exception converter from the extended exception converter to the plain exception converter (#3123)
• Don't close StringReaders because of batching. (#3127)
• Switch prefixing stack traces in Status Logger from whitespace to newline (#3149)
• The MongoDb Appender shouldn't log a deprecation warning (#3149)
• Add improved validation to StringMatchFilter for null/empty text. (#3153)
• Improve sub-millisecond precision in Java 8 by overriding SystemClock. (#3217)
• Don't overwrite configured configuration name if config has no loggers/root logger. (#3431)
• Update GcpLayout.json to improve compatibility with Google Cloud Logging (#3586)
• Direct invocation of java.util.Base64 in Base64Util instead of reflection (#3686)
• Improve LogEvent.toImmutable(), ReusableMessage.memento(), and remove ThrowableProxy usage

Deprecated

• ThrowableProxy and all its usages (#2691, #3123)
• AbstractLogger.checkMessageFactory() (#2936)
• FixedDateTime, FastDateTime, and supporting classes (#3121)
• Use hard references to Loggers in LoggerRegistry. (#3143)

Fixed

• Switch MongoDB tests to Docker (#2229)
• Add Jakarta-based JMS Appender and deprecate Javax version (#2995)
• Fix RollingFileManager to reopen file on unsuccessful rollover (#2592)
• Fix exception rendering in Pattern Layout (LOG4J2-2170, LOG4J2-3627, #1729, #2691)
• Reload key/trust stores in TLS config (LOG4J2-2988, #2767)
• Simplify SSLContext instantiation for TLS (#2767)
• Add warning for Plugin Builder Attributes without public setter (#2769)
• Fix config reload from HTTP(S) source (#2937)
• Fix putAll() in thread context map (#2942)
• Improve HTTP Appender validation (#3011)
• Fix getLogger() compatibility in log4j-1.2-api (#3030)
• Fix root exception property extraction in Pattern Layout (#3045)
• Fix key removal in Thread Context (#3048)
• Android-specific fixes (#3056)
• Prevent non-Log4j dependency leak in log4j-bom (#3066, logging-parent#265)
• Fix o.a.l.Priority to Log4j 2 Level conversion (#3085)
• Sync Logger.getLevel() and Logger.setLevel() (#3119)
• Improve AsyncWaitStrategyFactoryConfig validation (#3159)
• Fix NPE with rootLogger = LEVEL syntax (#3206)
• Fix ArrayIndexOutOfBoundsException in JSON Template Layout (#3212)
• Handle null replacement in RegexReplacement (#3215)
• Fix location requirement detection in AsyncAppender and FailoverAppender (#3257)
• Correct Javadoc return for isFiltered() (#3300)
• Fix Level converter documentation (#3359)
• Fix RecyclerFactoryConverter loading in JSON Layout (#3398)
• Minimize InternalLoggerRegistry locking and clean up stale entries (#3399, #3430, #3681)
• Improve compile-time visibility for annotation libraries (#3437)
• Fix shutdownDisable config (#2614)
• Fix ArrayIndexOutOfBoundsException in StatusData#getFormattedStatus (#3562)
• Deprecate/remove static hiding methods (#3601)
• Avoid stack poisoning on platforms without SecurityManager (#3639)
• Improve performance/memory use when logging primitive arrays (#3645)
• Fix ArrayIndexOutOfBoundsException in Message.getFormattedMessage() (#3655)
• StatusLogger now writes to stderr by default (fixes regression in 2.23.0) (#3665)
• Support equals() between ReadOnlyStringMap implementations (#3669)
• Accept Disruptor 4 in OSGi descriptor (#3706)
• Avoid surrogate handling in JsonWriter

Removed

• Removed support for the {ansi} option in Pattern Layout exception converters (#3045)

Updated

• Update actions/stale to 9.1.0 (#3625)
• Update logback-core to 1.3.15 (#3354)
• Update jackson-bom to 2.19.0 (#3708)
• Update spotbugs-annotations to 4.9.3 (#3545)
• Update docker-maven-plugin to 0.46.0 (#3592)
• Update cassandra-all to 3.11.19 (#3440)
• Update commons-csv to 1.14.0 (#3559)
• Update commons-dbcp2 to 2.13.0 (#3271)
• Update commons-pool2 to 2.12.1 (#3422)
• Update kafka-clients to 3.9.1 (#3678)
• Update logging-parent to 12.1.1
• Update tomcat-juli to 10.1.30 (#2999)
• Update jetty-util to 9.4.57.v20241219 (#3377)
• Update jmdns to 3.6.1 (#3544)
• Update bson to 5.5.1 (#3722)
• Update slf4j-api to 2.0.17 (#3499)
• Update spring-cloud-context to 4.3.0 (#3700)

2.24.3

Release Notes

This release fixes two minor bugs.

• Fix ConcurrentModificationException, if multiple threads modify loggers concurrently.
  This bug affects users that modify logger levels programmatically. (#3234)
• Protects PropertiesUtil against property sources that call PropertiesUtil recursively.
  In some cases such a property source can even cause deadlocks. (#3252)

2.24.2

Release Notes

This release fixes a critical bug in Log4j API initialization code, which can cause LogManager.getLogger() to return null under certain conditions. See #3143 for details.

Fixed

• Fix key removal issues in Thread Context (#3048)
• Use hard references to Loggers in LoggerRegistry. (#3143)
• Fix ArrayIndexOutOfBoundsException in JSON Template Layout truncated exception resolver (#3216)

3.0.0-beta3

This release terminates the modularization process of Log4j Core, by moving all the code that uses optional log4j-core dependencies into new modules:

• Support for the JAnsi library has been removed since recent Windows OSes support ANSI escape sequences.
  See ANSI styling on Windows for more details.
• The DisruptorBlockinQueue queue factory has been moved to a new log4j-conversant artifact.
• Support for advanced compression algorithms has been moved to a new log4j-compress artifact.
  The Gzip and Zip formats are still supported out-of-the-box.

Separate lifecycle

• The Flume Appender releases will follow their own lifecycle.
• All the logging bridges from and to Log4j API have been removed from the Log4j Core 3.x release.
  Please manage your dependencies with log4j-bom to always use the compatible version of the logging bridges.

Added

• Add useFqdn configuration attribute to RFC5424 Layout. (#1740)
• Split off JNDI support of log4j-jdbc to a new log4j-jdbc-jndi module (#1914)
• Add "Plugin Reference" to the website. It is a Javadoc-on-steroids focusing on Log4j plugins. (#1954)
• Split extended compression algorithm support to new log4j-compress module. (#2921)

Changed

• Remove JAnsi library support, since Windows console supports ANSI escapes now. (#1736)
• Move DisruptorBlockingQueue plugin to new log4j-conversant module. (#2914)
• Rewrite JAnsiTextRenderer to work without JAnsi library. (#2916)

Fixed

• Switch MongoDB tests to use Docker. (#2229)
• Fix custom thread-context data provider handling in lookups and filters. (#2331)
• Fix reloading of the configuration from an HTTP(S) source (#2937)
• Fix Android-related issues in Log4j Core. (#3056)
• Website is migrated to Antora with several formatting and link fixes (#2443)

Removed

• Remove named date & time formatting patterns in Pattern Layout, except for UNIX and UNIX_MILLIS (#3150)
• Move Flume Appender to its own release lifecycle. (#2902)
• Remove ThrowableProxy and its usages (#3047)
• Remove logging bridges from distribution and reference their 2.x equivalents in log4j-bom.
• Remove CLI tools to generate logger wrappers and convert configuration files.
  These tools will be available in the next release of Log4j Transform.
• Remove deprecated org.apache.logging.log4j.core.appender.rolling.action.Duration class.
• Remove log4j-1.2-api module (#2621)
• Remove log4j-iostreams module (#2630)

Updated

• Update apache/logging-parent to version `` (#2598)
• Update com.fasterxml.jackson:jackson-bom to version 2.18.1 (#3136)
• Update io.fabric8:docker-maven-plugin to version 0.45.1 (#3036)
• Update org.apache.commons:commons-compress to version 1.27.1 (#2870)
• Update org.apache.commons:commons-csv to version 1.12.0 (#3020)
• Update org.apache.commons:commons-dbcp2 to version 2.12.0 (#2342)
• Update org.apache.logging.log4j:log4j-api to version 2.24.1 (#3035)
• Update org.jctools:jctools-core to version 4.0.5 (#2638)
• Update org.jspecify:jspecify to version 1.0.0 (#2750)
• Update org.mongodb:bson to version 5.2.1 (#3179)
• Update org.springframework.boot:spring-boot-autoconfigure to version 3.3.5 (#3120)
• Update org.springframework.cloud:spring-cloud-context to version 4.1.4 (#2733)
• Update org.springframework:spring-framework-bom to version 6.1.14 (#3102)

2.24.1

This release contains mainly bug fixes of problems encountered with the thread context map, logger registry and configuration reloading.

It also enhances integration tests to use Docker images of the most recent releases of MongoDB and Elastic Search.

Changed

• Rework LoggerRegistry to make it MessageFactory-namespaced.
  This effectively allows loggers of same name, but different message factory. (#2936)
• Enable Docker-based tests in CI for JSON Template Layout (#2953)

Fixed

• Switch MongoDB tests to use Docker. (#2229)
• Fix reloading of the configuration from an HTTP(S) source (#2937)
• Fix putAll() in the default thread context map implementation (#2942)

Updated

• Update org.apache.logging:logging-parent to version 11.3.0