Hello, Currently we run gremlin.sh with customized schema file in groovy (contains backend config, graph name, cache size as well as property key, vertex/edge index) to initialize graph. It seems that

Hello, I came across the issue below when migrating from janusgraph-full-0.5.3 to janusgraph-full-0.6.1. When I run 'janusgraph.sh start' after downloading janusgraph-full-0.6.1. I got error of starti

Hello Marc, I am using Mac OS Monterey and Java 8 (1.8.0_251). I have been using Janusgraph 0.5.3 with no issues. Thanks Yingjie

Hello Marc, YES, You are right. ./bin/janusgraph.sh start gives no error, and ./janusgraph-full-0.6.1/bin/janusgraph.sh start does. Yingjie

Hello All, I have run janusgraph all in one 0.6.1 (janusgraph-full-0.6.1) and have embeded cassandra and elastic search. It seems that the embeded log4j has security issues and the recomended fixes as

Hello Marc, If I remove log4j-1.2.17.jar from the lib directory of janusgraph distribution, say janusgraph-full-0.6.2/lib,then the janusgraph server can not be started. Below is the error message, and

Hello Marc, Yes. Now it works! Thanks Yingjie

Hello Marc, Actually my previous testing was incomplete. After removing those two log4j related jar files from the lib directory, I can start elasticsearch, cassandra and Janusgraph server successfull

Just wondering if anybody has a fix for this? The security issue is a roadblock for us to continue using Janusgraph in our project. Thanks

Hello Boxuan, Does it mean there is no existing release version for full install with this issue being fixed? Would it be possible to have a release with the fix as the code seems available? The way w

I see. Basically we got a violation notification from the IT dept of our company when running the Janusgraph and were asked to either fix or remove the application. As this is a relatively severe secu

Hello Jan, Yes, the only issue is the log4j2 that comes with janusgraph-full-0.6.2.zip installation. If there are some configurations that can be changed to fix this issue, that's all what we need. Pl

Marc, Yes, we use Cassandra and Elasticsearch at the backend from janusgraph-full-0.6.2 . What are the steps to disable log4j? Thanks Yingjie Th

Hello Jan, Thanks for the pointers. I downloaded the last build based on the link you provided. I unzipped janusgraph-full-1.0.0-SNAPSHOT.zip and tried starting Janusgraph and gremlin.sh, both worked.

Hello Marc, For this build, in directory janusgraph-full-1.0.0-SNAPSHOT/lib, there are log4j-1.2.17.jar , log4j-api-2.18.0.jar, log4j-core-2.18.0.jar, log4j-slf4j-impl-2.18.0.jar, but no slf4j-log4j12

Hello Marc, Yes, after applying the changes you suggested, it works now. I can load data and use gremlin successfully! Thanks to all of you, Marc, Jan and Boxuan, for your help in fixing the security

Hello, I am using Janusgraph. In my graph initialization groovy script, I would like to do a simple check, if the graph already exists, exit the script, else continue with the rest of the initializati

Hello All, Is there a prebuild package containing Elastic Search 8? It seems like the latest JanusGraph 1.0.0 RC1 still contains Elasticsearch 7.17.5, which has 'License-Banned" policy violations from

Hello all, There is high security vulnerability due netty-all jars in janusgraph-full-1.0.0-rc1 that we'd like upgrade to vesion > 4.1.82.Final. For ./lib/netty-all-4.1.58.Final.jar, I have directly r

Hello Marc, Yes, they are in the ./lib directory of janusgraph-1.0.0-rc1 and they embed netty-all.4.1.77.Final.jar, whose CVEs can be found in https://mvnrepository.com/artifact/io.netty/netty-all/4.1