Override vulnerable Log4J version in mirai-console-gradle

2025-03-03 15:10:14 +08:00 · 2022-06-18 13:02:29 +01:00 · 2022-06-18 13:02:29 +01:00 · 16bbfdd36a
commit 16bbfdd36a
parent f7906b4aef
1 changed files with 4 additions and 0 deletions
--- a/mirai-console/tools/gradle-plugin/build.gradle.kts
+++ b/mirai-console/tools/gradle-plugin/build.gradle.kts
@ -40,6 +40,10 @@ dependencies {
    api("com.github.jengelman.gradle.plugins:shadow:6.0.0")
    api(`jetbrains-annotations`)

+    // override vulnerable Log4J version
+    // https://blog.gradle.org/log4j-vulnerability
+    implementation(`log4j-api`)
+    implementation(`log4j-core`)

    testApi(kotlin("test-junit5"))
    testApi("org.junit.jupiter:junit-jupiter-api:${Versions.junit}")