diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
new file mode 100644
index 0000000..115a411
--- /dev/null
+++ b/.github/workflows/trivy.yml
@@ -0,0 +1,45 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+name: trivy
+
+on:
+ push:
+ branches: [ "master" ]
+ pull_request:
+ # The branches below must be a subset of the branches above
+ branches: [ "master" ]
+ schedule:
+ - cron: '44 13 * * 0'
+
+permissions:
+ contents: read
+
+jobs:
+ trivy-scan:
+ name: Trivy Security Scan
+ runs-on: ubuntu-latest
+ permissions:
+ contents: read
+ security-events: write
+ actions: read
+
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Run Trivy vulnerability scanner
+ uses: aquasecurity/trivy-action@7b7aa264d83dc58691451798b4d117d53d21edfe
+ with:
+ scan-type: 'fs'
+ scan-ref: '.'
+ format: 'sarif'
+ output: 'trivy-results.sarif'
+ severity: 'CRITICAL,HIGH'
+
+ - name: Upload Trivy scan results to GitHub Security tab
+ uses: github/codeql-action/upload-sarif@v3
+ with:
+ sarif_file: 'trivy-results.sarif'
diff --git a/core/pom.xml b/core/pom.xml
index fc610e1..ef3f36e 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -5,7 +5,7 @@
net.timewalker.ffmq
ffmq4-core
jar
- 4.0.14
+ 4.0.15
FFMQ Core
FFMQ Core module
http://timewalker74.github.io/ffmq/
@@ -25,7 +25,7 @@
net.timewalker.ffmq
ffmq4
- 4.0.14
+ 4.0.15
@@ -95,6 +95,9 @@
org.apache.maven.plugins
maven-javadoc-plugin
2.10.1
+
+ false
+
attach-javadocs
@@ -139,8 +142,9 @@
- log4j
- log4j
+ org.apache.logging.log4j
+ log4j-core
+ 2.25.2
compile
diff --git a/distribution/pom.xml b/distribution/pom.xml
index 0905bad..f40d1d3 100644
--- a/distribution/pom.xml
+++ b/distribution/pom.xml
@@ -4,7 +4,7 @@
net.timewalker.ffmq
ffmq4-distribution
jar
- 4.0.14
+ 4.0.15
FFMQ Distribution
FFMQ Distribution module
http://timewalker74.github.io/ffmq/
@@ -24,7 +24,7 @@
net.timewalker.ffmq
ffmq4
- 4.0.14
+ 4.0.15
@@ -81,12 +81,12 @@
net.timewalker.ffmq
ffmq4-tools
- 4.0.14
+ 4.0.15
net.timewalker.ffmq
ffmq4-server
- 4.0.14
+ 4.0.15
diff --git a/distribution/src/main/resources/conf/ffmq-server.properties b/distribution/src/main/resources/conf/ffmq-server.properties
index 6bbd8a3..53d7c28 100644
--- a/distribution/src/main/resources/conf/ffmq-server.properties
+++ b/distribution/src/main/resources/conf/ffmq-server.properties
@@ -173,25 +173,3 @@ consumer.prefetch.size=10
# Redelivery delay (in milliseconds)
# - If positive, delay message availability in queue after a rollback
delivery.redeliveryDelay=0
-
-
-#--------------------------------#
-# Logging #
-#--------------------------------#
-
-# Loggers definitions
-log4j.logger.net.timewalker.ffmq4=INFO,logFile
-log4j.additivity.net.timewalker.ffmq4=false
-
-# Appenders definitions
-log4j.appender.console=org.apache.log4j.ConsoleAppender
-log4j.appender.console.layout=org.apache.log4j.PatternLayout
-log4j.appender.console.layout.ConversionPattern=[%5p] %m%n
-
-log4j.appender.logFile=org.apache.log4j.RollingFileAppender
-log4j.appender.logFile.File=${FFMQ_BASE}/logs/ffmq-server.log
-log4j.appender.logFile.MaxFileSize=1000KB
-log4j.appender.logFile.MaxBackupIndex=5
-log4j.appender.logFile.Append=true
-log4j.appender.logFile.layout=org.apache.log4j.PatternLayout
-log4j.appender.logFile.layout.ConversionPattern=%d{HHmmss} %5p [%c{1}]{%t} %m%n
diff --git a/pom.xml b/pom.xml
index 59ee03a..2b036a0 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,7 +4,7 @@
net.timewalker.ffmq
ffmq4
pom
- 4.0.14
+ 4.0.15
FFMQ
FFMQ - Light-weight & Fast JMS queuer
http://timewalker74.github.io/ffmq/
@@ -100,8 +100,16 @@
-
-
+
+
+ org.apache.maven.plugins
+ maven-javadoc-plugin
+ 2.10.1
+
+ false
+
+
+
@@ -109,12 +117,12 @@
commons-logging
commons-logging
- 1.1
+ 1.3.5
- log4j
- log4j
- 1.2.17
+ org.apache.logging.log4j
+ log4j-core
+ 2.25.2
com.sun.jdmk
@@ -137,6 +145,7 @@
jms
+ runtime
javax.jms
@@ -146,7 +155,7 @@
junit
junit
- 4.13.1
+ 4.13.2
diff --git a/server/pom.xml b/server/pom.xml
index 1f3a40e..54eb49d 100644
--- a/server/pom.xml
+++ b/server/pom.xml
@@ -5,7 +5,7 @@
net.timewalker.ffmq
ffmq4-server
jar
- 4.0.14
+ 4.0.15
FFMQ Server
FFMQ Server module
http://timewalker74.github.io/ffmq/
@@ -13,7 +13,7 @@
net.timewalker.ffmq
ffmq4
- 4.0.14
+ 4.0.15
@@ -89,7 +89,7 @@
net.timewalker.ffmq
ffmq4-core
- 4.0.14
+ 4.0.15
junit
diff --git a/server/src/test/java/net/timewalker/ffmq4/test/AbstractQueuerTest.java b/server/src/test/java/net/timewalker/ffmq4/test/AbstractQueuerTest.java
index 0710c57..3f4ed2f 100644
--- a/server/src/test/java/net/timewalker/ffmq4/test/AbstractQueuerTest.java
+++ b/server/src/test/java/net/timewalker/ffmq4/test/AbstractQueuerTest.java
@@ -9,6 +9,7 @@
*/
package net.timewalker.ffmq4.test;
+import java.io.File;
import java.io.FileInputStream;
import java.util.Properties;
@@ -22,8 +23,6 @@
import javax.jms.Topic;
import javax.jms.TopicConnection;
-import org.apache.log4j.PropertyConfigurator;
-
import junit.framework.TestCase;
import net.timewalker.ffmq4.FFMQConstants;
import net.timewalker.ffmq4.common.destination.QueueRef;
@@ -35,6 +34,9 @@
import net.timewalker.ffmq4.local.destination.LocalQueue;
import net.timewalker.ffmq4.local.destination.LocalTopic;
import net.timewalker.ffmq4.utils.Settings;
+import org.apache.logging.log4j.core.LoggerContext;
+
+import static org.apache.logging.log4j.core.config.Configurator.initialize;
/**
* AbstractQueuerTest
@@ -120,12 +122,18 @@ protected void setUp() throws Exception
FileInputStream in = new FileInputStream(ffmqBase+"/conf/ffmq-server.properties");
testSettings.load(in);
in.close();
-
- if (!log4jConfigured)
- {
- PropertyConfigurator.configure(testSettings);
- log4jConfigured = true;
- }
+
+ if (!log4jConfigured) {
+
+ File log4jConfigurationFile = new File(ffmqBase+"/conf/ffmqLog4j.xml");
+ String log4jConfigurationFileAbsolutePath = log4jConfigurationFile.getAbsolutePath();
+
+ if (log4jConfigurationFile.exists()) {
+ LoggerContext initialize = initialize(null, log4jConfigurationFileAbsolutePath);
+ log4jConfigured = initialize != null;
+ }
+
+ }
Settings settings = new Settings(testSettings);
diff --git a/server/src/test/java/net/timewalker/ffmq4/test/TestListenerClient.java b/server/src/test/java/net/timewalker/ffmq4/test/TestListenerClient.java
index 451ee96..26d3f75 100644
--- a/server/src/test/java/net/timewalker/ffmq4/test/TestListenerClient.java
+++ b/server/src/test/java/net/timewalker/ffmq4/test/TestListenerClient.java
@@ -32,10 +32,8 @@
import javax.jms.TextMessage;
import javax.naming.Context;
import javax.naming.InitialContext;
-
-import org.apache.log4j.spi.LoggingEvent;
-
import net.timewalker.ffmq4.FFMQConstants;
+import org.apache.logging.log4j.core.LogEvent;
/**
* TestListenerClient
@@ -85,8 +83,8 @@ public void onMessage(Message msg)
if (msg instanceof ObjectMessage)
{
Object body = ((ObjectMessage) msg).getObject();
- if (body instanceof LoggingEvent)
- System.out.println(((LoggingEvent) body).getMessage());
+ if (body instanceof LogEvent)
+ System.out.println(((LogEvent) body).getMessage());
}
}
catch (Exception e)
diff --git a/tools/pom.xml b/tools/pom.xml
index 859c311..4565481 100644
--- a/tools/pom.xml
+++ b/tools/pom.xml
@@ -5,7 +5,7 @@
net.timewalker.ffmq
ffmq4-tools
jar
- 4.0.14
+ 4.0.15
FFMQ Tools
FFMQ Tools
http://timewalker74.github.io/ffmq/
@@ -25,7 +25,7 @@
net.timewalker.ffmq
ffmq4
- 4.0.14
+ 4.0.15
@@ -101,7 +101,7 @@
net.timewalker.ffmq
ffmq4-core
- 4.0.14
+ 4.0.15
junit