This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2021-12-11
Channels
- # adventofcode (42)
- # asami (13)
- # babashka (40)
- # beginners (25)
- # calva (39)
- # cider (18)
- # circleci (6)
- # cljs-dev (3)
- # clojure (39)
- # clojure-europe (16)
- # clojure-norway (9)
- # clojure-uk (2)
- # clojurescript (42)
- # datalevin (4)
- # datomic (23)
- # fulcro (33)
- # jobs (1)
- # malli (26)
- # minecraft (1)
- # off-topic (88)
- # pedestal (3)
- # polylith (8)
- # re-frame (6)
- # remote-jobs (2)
- # shadow-cljs (20)
- # tools-deps (12)
- # xtdb (5)
PSA: if you're using pedestal and log4j then you are vulnerable to the recently announced log4j vulnerability, since pedestal will log the path of a GET request.
🙏 1
Based on http://slf4j.org/log4shell.html SLF4J It looks like if you use Logback you are ok. Pedestal services created through the service template use Logback.
We switched recently from logback to log4j (can't remember the reasons any more) but luckily we patched everything before the floodgates opened
👍 1
Based on http://slf4j.org/log4shell.html SLF4J It looks like if you use Logback you are ok. Pedestal services created through the service template use Logback.