|
2241 | 2241 | <com.esotericsoftware.reflectasm.version>${reflectasm.version}</com.esotericsoftware.reflectasm.version> |
2242 | 2242 |
|
2243 | 2243 | <!-- Logback - https://logback.qos.ch/ --> |
2244 | | - <!-- |
2245 | | - NB: 1.3.x is the last version with Java 8 support, |
2246 | | - and 1.2.x is the last version with an SLF4J binding in logback-classic. |
2247 | | - --> |
2248 | | - <logback.version>1.2.12</logback.version> |
| 2244 | + <!-- NB: 1.3.x is the last version with Java 8 support. --> |
| 2245 | + <logback.version>1.3.15</logback.version> |
2249 | 2246 | <logback-classic.version>${logback.version}</logback-classic.version> |
2250 | 2247 | <logback-core.version>${logback.version}</logback-core.version> |
2251 | 2248 | <ch.qos.logback.logback-classic.version>${logback-classic.version}</ch.qos.logback.logback-classic.version> |
|
2343 | 2340 | <com.fifesoft.languagesupport.version>${languagesupport.version}</com.fifesoft.languagesupport.version> |
2344 | 2341 |
|
2345 | 2342 | <!-- SLF4J - https://www.slf4j.org/ --> |
2346 | | - <slf4j.version>1.7.36</slf4j.version> |
| 2343 | + <slf4j.version>2.0.17</slf4j.version> |
2347 | 2344 | <slf4j-api.version>${slf4j.version}</slf4j-api.version> |
2348 | 2345 | <slf4j-ext.version>${slf4j.version}</slf4j-ext.version> |
2349 | 2346 | <slf4j-jcl.version>${slf4j.version}</slf4j-jcl.version> |
|
3927 | 3924 | <groupId>org.openmicroscopy</groupId> |
3928 | 3925 | <artifactId>metakit</artifactId> |
3929 | 3926 | <version>${org.openmicroscopy.metakit.version}</version> |
3930 | | - <exclusions> |
3931 | | - <exclusion> |
3932 | | - <!-- |
3933 | | - The banDuplicateClasses rule of the maven-enforcer-plugin reports a |
3934 | | - conflict between logback-classic & slf4j-simple in some scenarios. |
3935 | | - Both include an SLF4J binding (org.slf4j.impl.StaticLoggerBinder). |
3936 | | - Perhaps the classpath of the tooling also includes slf4j-simple? |
3937 | | - Regardless, it is generally problematic to inflict a specific SLF4J |
3938 | | - binding on downstream consumers. "Embedded components such as |
3939 | | - libraries or frameworks should not declare a dependency on any |
3940 | | - SLF4J binding but only depend on slf4j-api." |
3941 | | - See: https://www.slf4j.org/manual.html#libraries |
3942 | | - --> |
3943 | | - <groupId>ch.qos.logback</groupId> |
3944 | | - <artifactId>logback-classic</artifactId> |
3945 | | - </exclusion> |
3946 | | - </exclusions> |
3947 | 3927 | </dependency> |
3948 | 3928 |
|
3949 | 3929 | <!-- OME Codecs - https://github.com/ome/ome-codecs --> |
|
3959 | 3939 | <artifactId>ome-common</artifactId> |
3960 | 3940 | <version>${org.openmicroscopy.ome-common.version}</version> |
3961 | 3941 | <exclusions> |
3962 | | - <exclusion> |
3963 | | - <!-- |
3964 | | - The banDuplicateClasses rule of the maven-enforcer-plugin reports a |
3965 | | - conflict between logback-classic & slf4j-simple in some scenarios. |
3966 | | - Both include an SLF4J binding (org.slf4j.impl.StaticLoggerBinder). |
3967 | | - Perhaps the classpath of the tooling also includes slf4j-simple? |
3968 | | - Regardless, it is generally problematic to inflict a specific SLF4J |
3969 | | - binding on downstream consumers. "Embedded components such as |
3970 | | - libraries or frameworks should not declare a dependency on any |
3971 | | - SLF4J binding but only depend on slf4j-api." |
3972 | | - See: https://www.slf4j.org/manual.html#libraries |
3973 | | -
|
3974 | | - In any case: the ome-common usage of logback-classic is limited to |
3975 | | - the class loci.common.LogbackTools, accessed only via reflection |
3976 | | - from loci.common.DebugTools, with the intent that this dependency |
3977 | | - may or may not actually be present at runtime. So this dependency |
3978 | | - really should be marked optional in the ome-common POM, but since |
3979 | | - it is not marked so, we exclude it here in pom-scijava instead. |
3980 | | - --> |
3981 | | - <groupId>ch.qos.logback</groupId> |
3982 | | - <artifactId>logback-classic</artifactId> |
3983 | | - </exclusion> |
3984 | 3942 | <exclusion> |
3985 | 3943 | <groupId>xalan</groupId> |
3986 | 3944 | <artifactId>serializer</artifactId> |
|
4038 | 3996 | <groupId>ome</groupId> |
4039 | 3997 | <artifactId>bio-formats_plugins</artifactId> |
4040 | 3998 | <version>${ome.bio-formats_plugins.version}</version> |
4041 | | - <exclusions> |
4042 | | - <exclusion> |
4043 | | - <!-- |
4044 | | - The banDuplicateClasses rule of the maven-enforcer-plugin reports a |
4045 | | - conflict between logback-classic & slf4j-simple in some scenarios. |
4046 | | - Both include an SLF4J binding (org.slf4j.impl.StaticLoggerBinder). |
4047 | | - Perhaps the classpath of the tooling also includes slf4j-simple? |
4048 | | - Regardless, it is generally problematic to inflict a specific SLF4J |
4049 | | - binding on downstream consumers. "Embedded components such as |
4050 | | - libraries or frameworks should not declare a dependency on any |
4051 | | - SLF4J binding but only depend on slf4j-api." |
4052 | | - See: https://www.slf4j.org/manual.html#libraries |
4053 | | -
|
4054 | | - In any case: the bio-formats_plugins usage of logback-classic is |
4055 | | - limited to the class loci.plugins.util.IJStatusEchoer, accessed |
4056 | | - only via reflection from ome-common's loci.common.DebugTools class, |
4057 | | - with the intent that this dependency may or may not actually be |
4058 | | - present at runtime. So this dependency really should be marked |
4059 | | - optional in the bio-formats_plugins POM, but since it is not |
4060 | | - marked so, we exclude it here in pom-scijava instead. |
4061 | | - --> |
4062 | | - <groupId>ch.qos.logback</groupId> |
4063 | | - <artifactId>logback-classic</artifactId> |
4064 | | - </exclusion> |
4065 | | - </exclusions> |
4066 | 3999 | </dependency> |
4067 | 4000 | <dependency> |
4068 | 4001 | <groupId>ome</groupId> |
|
4106 | 4039 | <artifactId>omero-blitz</artifactId> |
4107 | 4040 | <version>${org.openmicroscopy.omero-blitz.version}</version> |
4108 | 4041 | <exclusions> |
| 4042 | + <exclusion> |
| 4043 | + <!-- |
| 4044 | + "Embedded components such as libraries or frameworks should not |
| 4045 | + declare a dependency on any SLF4J binding/provider but only depend |
| 4046 | + on slf4j-api. When a library declares a transitive dependency on a |
| 4047 | + specific binding, that binding is imposed on the end-user negating |
| 4048 | + the purpose of SLF4J." |
| 4049 | + Source: https://www.slf4j.org/manual.html#libraries |
| 4050 | + --> |
| 4051 | + <groupId>ch.qos.logback</groupId> |
| 4052 | + <artifactId>logback-classic</artifactId> |
| 4053 | + </exclusion> |
4109 | 4054 | <exclusion> |
4110 | 4055 | <!-- |
4111 | 4056 | Conflicts with jakarta.activation:jakarta.activation-api |
|
4130 | 4075 | <exclusions> |
4131 | 4076 | <exclusion> |
4132 | 4077 | <!-- |
4133 | | - The banDuplicateClasses rule of the maven-enforcer-plugin reports a |
4134 | | - conflict between logback-classic & slf4j-simple in some scenarios. |
4135 | | - Both include an SLF4J binding (org.slf4j.impl.StaticLoggerBinder). |
4136 | | - Perhaps the classpath of the tooling also includes slf4j-simple? |
4137 | | - Regardless, it is generally problematic to inflict a specific SLF4J |
4138 | | - binding on downstream consumers. "Embedded components such as |
4139 | | - libraries or frameworks should not declare a dependency on any |
4140 | | - SLF4J binding but only depend on slf4j-api." |
4141 | | - See: https://www.slf4j.org/manual.html#libraries |
| 4078 | + "Embedded components such as libraries or frameworks should not |
| 4079 | + declare a dependency on any SLF4J binding/provider but only depend |
| 4080 | + on slf4j-api. When a library declares a transitive dependency on a |
| 4081 | + specific binding, that binding is imposed on the end-user negating |
| 4082 | + the purpose of SLF4J." |
| 4083 | + Source: https://www.slf4j.org/manual.html#libraries |
4142 | 4084 | --> |
4143 | 4085 | <groupId>ch.qos.logback</groupId> |
4144 | 4086 | <artifactId>logback-classic</artifactId> |
|
0 commit comments