-
Type: Improvement
-
Resolution: Won't Do
-
Priority: Unknown
-
None
-
Affects Version/s: None
-
Component/s: Build
-
None
SLF4J 2.0 was released in August 2022, and Logback 3.0+ now depends on it. By depending on slf4j-api 1.7.x, the driver creates a transitive dependency that conflicts and possibly overrides the dependency in newer Logback releases. While this is easy to work around by excluding the driver's dependency, it does create friction as more and more applications upgrade their logging provider.
We should consider upgrading our dependency to slf4j-api 2.0.x. This should be safe as all SLF4J releases are binary compatible with each other.
- is related to
-
MONGOCRYPT-602 Make slf4j-api dependency in mongodb-crypt optional
- Closed