LOGGING: Upgrade to Log4J 2.11.1

buildSrc/version.properties

@@ -7,7 +7,7 @@ jts               = 1.13
 jackson           = 2.8.6
 snakeyaml         = 1.15
 # when updating log4j, please update also docs/java-api/index.asciidoc
-log4j             = 2.9.1
+log4j             = 2.11.1
 slf4j             = 1.6.2
 
 # when updating the JNA version, also update the version in buildSrc/build.gradle

core/build.gradle

@@ -179,8 +179,6 @@ thirdPartyAudit.excludes = [
   'com.fasterxml.jackson.dataformat.xml.JacksonXmlModule',
   'com.fasterxml.jackson.dataformat.xml.XmlMapper',
   'com.fasterxml.jackson.dataformat.xml.util.DefaultXmlPrettyPrinter',
-  'com.fasterxml.jackson.databind.node.JsonNodeFactory',
-  'com.fasterxml.jackson.databind.node.ObjectNode',
   'org.fusesource.jansi.Ansi',
   'org.fusesource.jansi.AnsiRenderer$Code',
   'com.lmax.disruptor.BlockingWaitStrategy',
@@ -221,12 +219,6 @@ thirdPartyAudit.excludes = [
   'javax.mail.internet.MimeMultipart',
   'javax.mail.internet.MimeUtility',
   'javax.mail.util.ByteArrayDataSource',
-  'javax.persistence.AttributeConverter',
-  'javax.persistence.EntityManager',
-  'javax.persistence.EntityManagerFactory',
-  'javax.persistence.EntityTransaction',
-  'javax.persistence.Persistence',
-  'javax.persistence.PersistenceException',
   'org.apache.commons.compress.compressors.CompressorStreamFactory',
   'org.apache.commons.compress.utils.IOUtils',
   'org.apache.commons.csv.CSVFormat',
@@ -259,6 +251,16 @@ thirdPartyAudit.excludes = [
   'org.noggit.JSONParser',
 ]
 
+if (JavaVersion.current() <= JavaVersion.VERSION_1_8) {
+  // Used by Log4J 2.11.1
+  thirdPartyAudit.excludes += [
+    'java.io.ObjectInputFilter',
+    'java.io.ObjectInputFilter$Config',
+    'java.io.ObjectInputFilter$FilterInfo',
+    'java.io.ObjectInputFilter$Status'
+  ]
+}
+
 if (JavaVersion.current() > JavaVersion.VERSION_1_8) {
   thirdPartyAudit.excludes += ['javax.xml.bind.DatatypeConverter']
 }

core/licenses/log4j-1.2-api-2.11.1.jar.sha1

@@ -0,0 +1 @@
+3aba3398fe064a3eab4331f88161c7480e848418

core/licenses/log4j-api-2.11.1.jar.sha1

@@ -0,0 +1 @@
+268f0fe4df3eefe052b57c87ec48517d64fb2a10

core/licenses/log4j-core-2.11.1.jar.sha1

@@ -0,0 +1 @@
+592a48674c926b01a9a747c7831bcd82a9e6d6e4

docs/java-api/index.asciidoc

@@ -70,7 +70,7 @@ You need to also include Log4j 2 dependencies:
 <dependency>
     <groupId>org.apache.logging.log4j</groupId>
     <artifactId>log4j-core</artifactId>
-    <version>2.9.1</version>
+    <version>2.11.1</version>
 </dependency>
 --------------------------------------------------
 
@@ -98,7 +98,7 @@ If you want to use another logger than Log4j 2, you can use http://www.slf4j.org
 <dependency>
     <groupId>org.apache.logging.log4j</groupId>
     <artifactId>log4j-to-slf4j</artifactId>
-    <version>2.9.1</version>
+    <version>2.11.1</version>
 </dependency>
 <dependency>
     <groupId>org.slf4j</groupId>

plugins/repository-hdfs/build.gradle

@@ -559,7 +559,6 @@ thirdPartyAudit.excludes = [
   // we are not pulling in slf4j-ext, this is okay, Log4j will fallback gracefully
   'org.slf4j.ext.EventData',
 
-  'org.apache.log4j.AppenderSkeleton',
   'org.apache.log4j.AsyncAppender',
   'org.apache.log4j.helpers.ISO8601DateFormat',
   'org.apache.log4j.spi.ThrowableInformation',

plugins/repository-hdfs/licenses/log4j-slf4j-impl-2.11.1.jar.sha1

@@ -0,0 +1 @@
+4b41b53a3a2d299ce381a69d165381ca19f62912

test/logger-usage/build.gradle

@@ -45,3 +45,13 @@ thirdPartyAudit.excludes = [
   'org.osgi.framework.wiring.BundleWire',
   'org.osgi.framework.wiring.BundleWiring'
 ]
+
+if (JavaVersion.current() <= JavaVersion.VERSION_1_8) {
+  // Used by Log4J 2.11.1
+  thirdPartyAudit.excludes += [
+    'java.io.ObjectInputFilter',
+    'java.io.ObjectInputFilter$Config',
+    'java.io.ObjectInputFilter$FilterInfo',
+    'java.io.ObjectInputFilter$Status'
+  ]
+}