From ad83979f5617718c89a22ac1713177577ed4ecfe Mon Sep 17 00:00:00 2001 From: Fabio Niephaus Date: Thu, 8 Sep 2022 14:59:56 +0200 Subject: [PATCH] Disable vulnerable log4j dependency and add note. --- native-image-workshop/README.md | 6 +++--- native-image-workshop/pom.xml | 5 +++-- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/native-image-workshop/README.md b/native-image-workshop/README.md index c599888c9..088f6e9e3 100644 --- a/native-image-workshop/README.md +++ b/native-image-workshop/README.md @@ -197,14 +197,14 @@ $ mvn clean package -Pnative So far, so good. But say we now we want to add a library, or some code, to our project that relies on reflection. A good candidate for testing this out would be to add `log4j`. Let's do that. -We've already added it as a dependency in the `pom.xml` file, and it can be seen in the depencies: +We've already added it as a dependency in the `pom.xml` file, and it can be found in the dependencies. Please uncomment it: ```xml - + ``` To add `log4j` all we need to do is to open up the `ListDir.java` file and uncomment some things in order to start using it. Go through and uncomment the various lines that add the imports and the logging code. Uncomment the following lines: diff --git a/native-image-workshop/pom.xml b/native-image-workshop/pom.xml index cd6d2fee5..73d841878 100644 --- a/native-image-workshop/pom.xml +++ b/native-image-workshop/pom.xml @@ -26,11 +26,12 @@ ${graalvm.version} provided - + +