Uploaded image for project: 'Log4j 2'
  1. Log4j 2
  2. LOG4J2-3375

wrong copyright years 1999-1969 in some 2.17.1 artifacts on Maven Central

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • 2.17.1
    • None
    • Build
    • None

    • 2.17.1 JARs downloaded from Maven Central

    Description

      META-INF/NOTICE files of log4j-api and log4j-slf4j-impl JARs contain a wrong copyright year:

      Copyright 1999-1969 The Apache Software Foundation

      See:

      This may be problematic as Apache license ยง4d requires all downstream projects to copy the exact content of NOTICE files, so the obviously wrong copyright year has to be transported as-is to comply with the license.

      log4j-core still indicates "Copyright 1999-2012 Apache Software Foundation" which might need to be updated.

      I only checked log4j-core, log4j-api and log4j-slf4j-impl as those dependencies are included into my project. Other artifacts might be affected as well. Previous versions indicated outdated copyright years (such als 2020 in 2.17.0) but were simply stale, not implausible.

      Attachments

        Activity

          People

            Unassigned Unassigned
            dneuge Daniel Neugebauer
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated: