I need to exclude the log4j artifact from the shade plug-in to avoid the log4j vulnerability, however, the exclude tag under artifactSet does not seem to work. Any suggestion to fix this?
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-shade-plugin</artifactId>
<version>3.2.4</version>
~~
<executions>
<execution>
<phase>package</phase>
<goals>
<goal>shade</goal>
</goals>
<configuration>
<artifactSet>
<excludes>
<exclude>*:log4j-core:jar</exclude>
</excludes>
</artifactSet>
~~~
I keep getting below error: Failed to execute goal org.apache.maven.plugins:maven-shade-plugin:3.2.4:shade (default) on project : Execution default of goal org.apache.maven.plugins:maven-shade-plugin:3.2.4:shade failed: Plugin org.apache.maven.plugins:maven-shade-plugin:3.2.4 or one of its dependencies could not be resolved: Could not find artifact org.apache.logging.log4j:log4j-core:jar:2.13.0