Re: Janusgraph-full-0.6.1: how to fix "WARNING: Critical severity vulnerabilities were found with Log4j!"


hadoopmarc@...
 
Edited

Hi Yingjie,

As to the short term workaround with removing the log4j jars, from the lib folder you can still use the gremlin console if you edit the ext/plugins.txt file and remove the lines with the hadoop and spark plugins.

However, you state that you use elasticsearch, which also ships with log4j in the janusgraph-full-0.6.2.zip distribution.

Best wishes,

Marc

Edited: cassandra does not ship with log4j

Join janusgraph-users@lists.lfaidata.foundation to automatically receive all group messages.