Releases: qos-ch/logback
Logback 1.5.32
2026-02-16 Release of logback version 1.5.32
• In DefaultProcessor, fixed incorrect check for dependencies contained within a parent model. Previous only the direct children were scanned. This fixes logback-access/issues/34.
• A bit-wise identical binary of this version can be reproduced by building from source code at commit e807335 associated with the tag v_1.5.32. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.
Logback 1.5.31
2026-02-14 Release of logback version 1.5.31
• Fixed missing META-INF/services directory in logback-classic.jar. This issue rendered logback-classic version 1.5.30 unusable with SLF4J.
• A bit-wise identical binary of this version can be reproduced by building from source code at commit 168e42f associated with the tag v_1.5.31. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.
Logback 1.5.30
2026-02-14 Release of logback version 1.5.30
• In this version, logback-classic.jar was missing the META-INF/services directory, making it unusable with SLF4J. Version 1.5.31 (released later on the same day) fixes this issue.
• Fix scanning issue when an included file becomes available at a later time. This problem was reported in issues/1021 by Sergey Nazarov.
• Standardized code for version checking across modules.
• A bit-wise identical binary of this version can be reproduced by building from source code at commit 44164f1 associated with the tag v_1.5.30. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.
Logback 1.5.29
2026-02-09 Release of logback version 1.5.29
• In response to issues/1017, appender names and appender references are once again subject to variable substitution, reverting the change introduced in version 1.5.28.
Logback 1.5.28
2026-02-06 Release of logback version 1.5.28
• Appender names or appender references are no longer subject to variable substitution.
• Fixed issue with configurations with conditionals encompassing appenders. This was reported in issues/1016 reported by Sergey Sazonov.
• The element now admits a 'scan' attribute which can be used to override the 'scan' attribute in the element.
• Fixed NullPointerException thrown by VersionUtil.checkForVersionEquality method occurring with GraalVM Native Images. This issue was reported in issues/1014.
• A bit-wise identical binary of this version can be reproduced by building from source code at commit e7a1855 associated with the tag v_1.5.28. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.
Logback 1.5.27
2026-01-30 Release of logback version 1.5.27
• Updated license to Eclipse Public License version 2.0 from version 1.0, retaining the GPL 2.1 dual-license.
• Fixed missing MDC data transmitted by SocketAppender reported in issues/1010 by Lars Vogel.
• Removed all Receiver classes and components which were already disabled for several years.
• Refactored file scanning code for improved clarity.
• In SizeAndTimeBasedRollingPolicy modified totalSizeCap and maxFileSize comparison to taking into account file compression. This fixes issues/1007.
• A bit-wise identical binary of this version can be reproduced by building from source code at commit 3618eb0 associated with the tag v_1.5.27. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.
Logback 1.5.26
2026-01-25 Release of logback version 1.5.26
• InsertFromJNDIModelHandler was accessing javax.naming package forcing the inclusion of the optional java.naming module. This problem was raised in issues/1003 by Marius Hanl who also provided the relevant PR.
• In applications using shadow/fat/shade jars, module or package information could be lost. Thus, in the absence of version information, logback-classic would warn about version mismatches. Logback components now ship with properties files containing version information that survive shadow/fat/shade jars. This issue was reporteed in issues/1002 by Christoph Gritschenberger.
• A bit-wise identical binary of this version can be reproduced by building from source code at commit 33deb54 associated with the tag v_1.5.26. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.
Logback 1.5.25
2026-01-17 Release of logback version 1.5.25
• When processing configuration files, logback-core will now only instantiate components compatible with the class expected by the encapsulating class. This fixes an ACE vulnerability recorded as CVE-2026-1225.
• In configuration files, referencing a single undeclared appender would cause all referenced appenders to be skipped. This issue was discovered in issues/997.
• Added VersionUtil class to logback-core. This utility class checks for version compatibility issues and alerts the user if need be.
• Added EpochConverter to output milliseconds/seconds since epoch. This enhancement was requested by Duncan Jauncey in issues/1000 who also provided the relevant implementation PR.
• A bit-wise identical binary of this version can be reproduced by building from source code at commit f426e00 associated with the tag v_1.5.25. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.
Logback 1.5.24
2026-01-06 Release of logback version 1.5.24
• Added ExpressionPropertyCondition a PropertyCondition that can evaluate boolean expressions similar to Java. See the relevant documentation for further details.
• A bit-wise identical binary of this version can be reproduced by building from source code at commit 62bc5fc associated with the tag v_1.5.24. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.
Logback 1.5.23
2025-12-21 Release of logback version 1.5.23
• In response to issues/959 file name collisions are detected at configuration time by analyzing the configuration file and no longer at run time. This avoids the ConcurrentModificationException reported in the issue.
• ZIP and XZ compression now use a BufferedOutputStream when writing to the compressed file. This issue was reported in issues/988.
• A bit-wise identical binary of this version can be reproduced by building from source code at commit 0bcc3fe associated with the tag v_1.5.23. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.