Re: Janusgraph-full-0.6.1: how to fix "WARNING: Critical severity vulnerabilities were found with Log4j!"


Hi Yingjie,

As to the short term workaround with removing the log4j jars, from the lib folder you can still use the gremlin console if you edit the ext/plugins.txt file and remove the lines with the hadoop and spark plugins.

However, you state that you use elasticsearch, which also ships with log4j in the distribution.

Best wishes,


Edited: cassandra does not ship with log4j

Join { to automatically receive all group messages.