Vladimir Dyuzhev, author of MockMotor

Vladimir Dyuzhev
MockMotor Creator

MockMotor is Not Using Log4J

MockMotor is not impacted by Log4J Security Issues

MockMotor is not using Log4J.

Because of that, MockMotor is not impacted by the Log4J remote security hole (fixed in Log4J 2.16) and subsequent remote DoS attack (fixed in Log4J 2.17). Or any future Log4J vulnerabilities.

MockMotor keeps its dependencies minimal. Using a third-party logging library when a perfectly good API exists in java.util core package seemed like overkill. And an increase of vulnerability surface, as it turned out.

The Bottom Line

You don’t need to upgrade MockMotor because of the Log4J debacle.