Because of the vulnerability found in the Log4j logging framework, I want to know if I use log4js version 4.2.0 on my Angular application, should I be concerned?
Asked
Active
Viewed 193 times
0
-
6`log4j` !== `log4js`. – tkausl Dec 13 '21 at 15:11
-
2[_"Although it's got a similar name to the Java library log4j, thinking that it will behave the same way will only bring you sorrow and confusion."_](https://www.npmjs.com/package/log4js) <- prophetic words from the maintainer, there. You could also look at [their issues](https://github.com/log4js-node/log4js-node/issues/1105#issuecomment-991957807). – jonrsharpe Dec 13 '21 at 15:15