[Gradle] configurations 를 이용한 log4j dependency 반영

분류 전체보기 (1583)

Elastic (498)

Cloud&Container (30)

ITWeb (799)

Legacy (255)

11-15 22:24

Links
Henry's Linkedin.
Elasticsearch Facebook User Gr….
Elasticsearch Blog.
Elasticsearch Resiliency Statu….
Elasticsearch Issues.
Kibana.
Logstash.
Logstash Plugins.
Elasticsearch: The Definitive ….
Elasticsearch Reference.
Elastic Discuss.
Elasticsearch Presentations.
Elastic Support Matrix.

티스토리 가입하기!
Total :
Today :
Yesterday :

[Gradle] configurations 를 이용한 log4j dependency 반영

ITWeb/개발일반 2022. 1. 24. 11:40

최근에 발생한 log4j 보안 이슈로 인해서 patch 작업이 필요 했었는데요.

build.gradle 에서 configurations 를 이용해서 쉽게 적용 할 수 있는 방법인데 기억하기 위해 이것도 기록해 봅니다.

관련 보안 내용은 아래 링크 참고 하시면 됩니다.

Log4j – Apache Log4j Security Vulnerabilities

<!-- Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to You under the Apa

logging.apache.org

build.gradle)

configuration {
  all {
  	resolutionStrategy.eachDependency { DependencyResolveDetails details ->
    	if ( details.requested.group == 'org.apache.logging.log4j' ) {
        	details.useVersion '2.17.1'
        }
    }
  }
  
  compileOnly {
    extendsFrom annotationProccessor
  }
}

jjeong

[Gradle] configurations 를 이용한 log4j dependency 반영

티스토리툴바