Skip to content

Remove legacy log4j-1.2 dependencies completely #132238

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Sep 1, 2025
Merged

Remove legacy log4j-1.2 dependencies completely #132238

merged 2 commits into from
Sep 1, 2025

Conversation

Rassyan
Copy link
Contributor

@Rassyan Rassyan commented Jul 31, 2025
edited
Loading

Problem Analysis

After upgrading to Log4j 2.25.1 in #132166, the module dependency requires org.apache.log4j (from Log4j 1.2 era) causes boot failure:
java.lang.module.FindException: Module org.apache.log4j not found, required by org.elasticsearch.security

This legacy dependency has no actual code references in the codebase (verified by full-text search). Retaining it would:

  1. Block Log4j 2.x upgrade progress
  2. Introduce unnecessary compatibility risks

Solution

Completely remove the obsolete dependency declaration from:
x-pack/plugin/security/src/main/java/module-info.java

Validation

  • ✅ Zero references to org.apache.log4j in codebase
  • ✅ Compiled & started successfully with both:

Critical Note

This is a prerequisite for #132166. Merging this first will unblock the Log4j upgrade.

@elasticsearchmachine elasticsearchmachine added needs:triage Requires assignment of a team area label v9.2.0 external-contributor Pull request authored by a developer outside the Elasticsearch team labels Jul 31, 2025
@dakrone dakrone added :Core/Infra/Logging Log management and logging utilities and removed needs:triage Requires assignment of a team area label labels Jul 31, 2025
@elasticsearchmachine elasticsearchmachine added the Team:Core/Infra Meta label for core/infra team label Jul 31, 2025
@elasticsearchmachine
Copy link
Collaborator

Pinging @elastic/es-core-infra (Team:Core/Infra)

rjernst
rjernst approved these changes Jul 31, 2025
View reviewed changes
Copy link
Member

@rjernst rjernst left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@rjernst rjernst self-assigned this Jul 31, 2025
@rjernst
Copy link
Member

rjernst commented Jul 31, 2025

@elasticmachine test this please

@mosche
Copy link
Contributor

mosche commented Sep 1, 2025

@elasticmachine test this please

@mosche mosche added auto-backport Automatically create backport pull requests when merged v9.1.4 v9.0.7 v8.18.7 v8.19.4 labels Sep 1, 2025
@mosche mosche merged commit e4ae587 into elastic:main Sep 1, 2025
34 checks passed
@rjernst rjernst mentioned this pull request Sep 1, 2025
Merged
rjernst pushed a commit to rjernst/elasticsearch that referenced this pull request Sep 1, 2025
@Rassyan @rjernst
Remove legacy log4j-1.2 dependencies completely (elastic#132238)
2f84848
This was referenced Sep 1, 2025
Merged
Merged
rjernst pushed a commit to rjernst/elasticsearch that referenced this pull request Sep 1, 2025
@Rassyan @rjernst
Remove legacy log4j-1.2 dependencies completely (elastic#132238)
b976d47
@rjernst rjernst mentioned this pull request Sep 1, 2025
Merged
rjernst pushed a commit to rjernst/elasticsearch that referenced this pull request Sep 1, 2025
@Rassyan @rjernst
Remove legacy log4j-1.2 dependencies completely (elastic#132238)
920a75e
@elasticsearchmachine
Copy link
Collaborator

💚 Backport successful

Status Branch Result
9.1
9.0
8.18
8.19

@mosche mosche mentioned this pull request Sep 1, 2025
Open
rjernst pushed a commit to rjernst/elasticsearch that referenced this pull request Sep 1, 2025
@Rassyan @rjernst
Remove legacy log4j-1.2 dependencies completely (elastic#132238)
11010ba
elasticsearchmachine pushed a commit that referenced this pull request Sep 1, 2025
@rjernst @Rassyan
Remove legacy log4j-1.2 dependencies completely (#132238) (#133933)
0ca5e1a 
Co-authored-by: Rassyan <[email protected]>
elasticsearchmachine pushed a commit that referenced this pull request Sep 1, 2025
@rjernst @Rassyan
Remove legacy log4j-1.2 dependencies completely (#132238) (#133931)
683d344 
Co-authored-by: Rassyan <[email protected]>
elasticsearchmachine pushed a commit that referenced this pull request Sep 2, 2025
@rjernst @Rassyan @mosche
Remove legacy log4j-1.2 dependencies completely (#132238) (#133932)
d3c1ec4 
Co-authored-by: Rassyan <[email protected]>
Co-authored-by: Moritz Mack <[email protected]>
elasticsearchmachine pushed a commit that referenced this pull request Sep 10, 2025
@rjernst @Rassyan
Remove legacy log4j-1.2 dependencies completely (#132238) (#133934)
66e04f3 
Co-authored-by: Rassyan <[email protected]>
sarog pushed a commit to portsbuild/elasticsearch that referenced this pull request Sep 11, 2025
@rjernst @Rassyan @sarog
Remove legacy log4j-1.2 dependencies completely (elastic#132238) (ela…
7e346b6 
…stic#133934)

Co-authored-by: Rassyan <[email protected]>
sarog pushed a commit to portsbuild/elasticsearch that referenced this pull request Sep 19, 2025
@rjernst @Rassyan @sarog
Remove legacy log4j-1.2 dependencies completely (elastic#132238) (ela…
405b2ec 
…stic#133934)

Co-authored-by: Rassyan <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rjernst rjernst rjernst approved these changes

Assignees

@rjernst rjernst

Labels
auto-backport Automatically create backport pull requests when merged :Core/Infra/Logging Log management and logging utilities external-contributor Pull request authored by a developer outside the Elasticsearch team >non-issue Team:Core/Infra Meta label for core/infra team v8.18.7 v8.19.4 v9.0.7 v9.1.4 v9.2.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@Rassyan @elasticsearchmachine @rjernst @mosche @dakrone