-
Notifications
You must be signed in to change notification settings - Fork 38
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
remove unused logback dependency #88
Conversation
Why is there warning in tests about lack of slf4j backend? Which slf4j backend is used now that logback is removed? |
we need at least one slf4j impl: https://github.com/apache/maven-build-cache-extension/actions/runs/5543308023/job/15013606896?pr=88#step:6:2248 |
Agreed, @elharo what's the purpose of this PR ? the dependency is actually used during tests |
Logging in Java is a vastly over-engineered mess, and we have only ourselves to blame for it. :-( |
The warning is an annoying bug in slf4j. We don't need a logging backend in tests. For that matter, we don't need logging in tests. Logging in tests is a bug. Only failing tests should generate output, and that output should come from assertion failures. Passing tests should generate no output. Otherwise the actual issues get lost in a sea of irrelevant log junk. |
@elharo -1 |
Slf4j simple is enough here... |
Agree but we need one. I had to debug some issues here in the past with docker on GHA and it was really helpful |
That's the purpose of logging...post-mortem assistance 😁 |
You can configure SLF4J-simple via system properties: |
@HannesWell we perfectly know this but here this PR removes every possible logging solution. As it has been said slf4j-simple is perfectly fine. But WE NEED ONE that's the point. |
logging capability restored here 3b318bb |
In the short term I'm OK with slf4j-simple but logback should never have been added. It's needless dependency bloat, and every extra dependency is a security risk. In the long term, nothing beyond the JDK is needed, nor has been since Java 1.4. I don't think it's a good idea to commit changes without going through PRs and code review. I would have approved 3b318bb if it had been sent through the usual process, but the process should be followed. Ideally the repo should be configured to prevent accidental and deliberate pushes to master. I know I've fumble fingered that one more than once by editing on master when I thought I was on a branch,. |
@elharo did you really follow any process here? Some of us added some comments/concerns but you have still merged it. |
Absolutely. I sent a PR. People responded. No one disapproved the PR by sending a "Request changes" review. I responded to the comments, received an approval from another committer, and merged. That is exactly how it is supposed to go. What is not supposed to happen is anyone committing anything directly to master and then pushing the branch with no approvals or review. 3b318bb could and should have been sent as a PR to be reviewed, and then merged after review and approval like any other change. |
No description provided.