Completly remove slf4j

[jonasrutishauser]

Without this change this will install an additional slf4j-api in eclipse 2023-06 and destroy the eclipse installation (many plugins no longer work).

[thahnen]

Hello @jonasrutishauser,

would you be so kind on providing some more information on why having this library is an issue and what exactly will fail or no longer work?
Using that information I'll have a discussion with my teammates on what to do next and if we go forth with your changes.

Best,
Tobias from SonarLint for Eclipse

[jonasrutishauser]

If I install sonarlint in eclipse 2023-06 it will install an additional slf4j api:

After the restart of eclipse I get many Framework Errors like the following:

org.osgi.framework.BundleException: Could not resolve module: org.eclipse.jst.server.preview.adapter [541]
  Unresolved requirement: Require-Bundle: org.eclipse.wst.server.preview; bundle-version="[1.2.0,2.0.0)"
    -> Bundle-SymbolicName: org.eclipse.wst.server.preview; bundle-version="1.2.100.v202211091907"; singleton:="true"
       org.eclipse.wst.server.preview [865]
         Unresolved requirement: Require-Bundle: org.eclipse.jetty.plus; bundle-version="[10.0.1,11.0.0)"
           -> Bundle-SymbolicName: org.eclipse.jetty.plus; bundle-version="10.0.15"
              org.eclipse.jetty.plus [442]
                Unresolved requirement: Require-Capability: osgi.extender; filter:="(osgi.extender=osgi.serviceloader.registrar)"
                  -> Provide-Capability: osgi.extender; osgi.extender="osgi.serviceloader.registrar"; version:Version="1.0.0"
                Unresolved requirement: Import-Package: javax.transaction; version="1.1.0"
                  -> Export-Package: javax.transaction; bundle-symbolic-name="jakarta.transaction-api"; bundle-version="1.3.3"; version="1.3.3"; uses:="javax.interceptor,javax.transaction.xa,javax.enterprise.util,javax.enterprise.context"
                     jakarta.transaction-api [30]
                       Unresolved requirement: Import-Package: javax.enterprise.context
                Unresolved requirement: Import-Package: org.slf4j; version="[1.7.0,3.0.0)"
                  -> Export-Package: org.slf4j; bundle-symbolic-name="slf4j.api"; bundle-version="2.0.7"; version="1.7.36"; uses:="org.slf4j.event,org.slf4j.helpers,org.slf4j.spi"
                     slf4j.api [973]
                       Unresolved requirement: Require-Capability: osgi.serviceloader; osgi.serviceloader="org.slf4j.spi.SLF4JServiceProvider"; filter:="(osgi.serviceloader=org.slf4j.spi.SLF4JServiceProvider)"
                         -> Provide-Capability: osgi.serviceloader; type="nop"; osgi.serviceloader="org.slf4j.spi.SLF4JServiceProvider"; register:="org.slf4j.nop.NOPServiceProvider"
                            slf4j.nop [974]
                              Unresolved requirement: Require-Capability: osgi.extender; filter:="(&(osgi.extender=osgi.serviceloader.registrar)(version>=1.0.0)(!(version>=2.0.0)))"
                                -> Provide-Capability: osgi.extender; osgi.extender="osgi.serviceloader.registrar"; version:Version="1.0.0"
                              Unresolved requirement: Import-Package: org.slf4j.helpers; version="[2.0.0,3.0.0)"
                                -> Export-Package: org.slf4j.helpers; bundle-symbolic-name="slf4j.api"; bundle-version="2.0.7"; version="2.0.7"; uses:="org.slf4j,org.slf4j.event,org.slf4j.spi"
                              Unresolved requirement: Import-Package: org.slf4j; version="[2.0.0,3.0.0)"
                                -> Export-Package: org.slf4j; bundle-symbolic-name="slf4j.api"; bundle-version="2.0.7"; version="2.0.7"; uses:="org.slf4j.event,org.slf4j.helpers,org.slf4j.spi"
                              Unresolved requirement: Import-Package: org.slf4j.spi; version="[2.0.0,3.0.0)"
                                -> Export-Package: org.slf4j.spi; bundle-symbolic-name="slf4j.api"; bundle-version="2.0.7"; version="2.0.7"; uses:="org.slf4j,org.slf4j.event,org.slf4j.helpers"
                       Unresolved requirement: Require-Capability: osgi.extender; filter:="(&(osgi.extender=osgi.serviceloader.processor)(version>=1.0.0)(!(version>=2.0.0)))"
                         -> Provide-Capability: osgi.extender; osgi.extender="osgi.serviceloader.processor"; version:Version="1.0.0"
                Unresolved requirement: Import-Package: org.slf4j.helpers; version="[1.7.0,3.0.0)"
                  -> Export-Package: org.slf4j.helpers; bundle-symbolic-name="slf4j.api"; bundle-version="2.0.7"; version="2.0.7"; uses:="org.slf4j,org.slf4j.event,org.slf4j.spi"
                Unresolved requirement: Import-Package: org.slf4j.event; version="[1.7.0,3.0.0)"
                  -> Export-Package: org.slf4j.event; bundle-symbolic-name="slf4j.api"; bundle-version="2.0.7"; version="2.0.7"; uses:="org.slf4j,org.slf4j.helpers"
                Unresolved requirement: Import-Package: org.slf4j.spi; version="[1.7.0,3.0.0)"
                  -> Export-Package: org.slf4j.spi; bundle-symbolic-name="slf4j.api"; bundle-version="2.0.7"; version="2.0.7"; uses:="org.slf4j,org.slf4j.event,org.slf4j.helpers"
                Unresolved requirement: Import-Package: org.eclipse.jetty.webapp; version="[10.0.15,11.0.0)"
                  -> Export-Package: org.eclipse.jetty.webapp; bundle-symbolic-name="org.eclipse.jetty.webapp"; bundle-version="10.0.15"; version="10.0.15"; uses:="javax.servlet,org.eclipse.jetty.security,org.eclipse.jetty.server,org.eclipse.jetty.server.handler,org.eclipse.jetty.server.session,org.eclipse.jetty.servlet,org.eclipse.jetty.util,org.eclipse.jetty.util.annotation,org.eclipse.jetty.util.component,org.eclipse.jetty.util.resource,org.eclipse.jetty.xml"
                     org.eclipse.jetty.webapp [448]
                       Unresolved requirement: Require-Capability: osgi.extender; filter:="(osgi.extender=osgi.serviceloader.processor)"
                         -> Provide-Capability: osgi.extender; osgi.extender="osgi.serviceloader.processor"; version:Version="1.0.0"
                       Unresolved requirement: Import-Package: org.slf4j; version="[1.7.0,3.0.0)"
                         -> Export-Package: org.slf4j; bundle-symbolic-name="slf4j.api"; bundle-version="2.0.7"; version="1.7.36"; uses:="org.slf4j.event,org.slf4j.helpers,org.slf4j.spi"
                       Unresolved requirement: Import-Package: org.slf4j.spi; version="[1.7.0,3.0.0)"
                         -> Export-Package: org.slf4j.spi; bundle-symbolic-name="slf4j.api"; bundle-version="2.0.7"; version="2.0.7"; uses:="org.slf4j,org.slf4j.event,org.slf4j.helpers"
                       Unresolved requirement: Import-Package: org.slf4j.helpers; version="[1.7.0,3.0.0)"
                         -> Export-Package: org.slf4j.helpers; bundle-symbolic-name="slf4j.api"; bundle-version="2.0.7"; version="2.0.7"; uses:="org.slf4j,org.slf4j.event,org.slf4j.spi"
                       Unresolved requirement: Import-Package: org.slf4j.event; version="[1.7.0,3.0.0)"
                         -> Export-Package: org.slf4j.event; bundle-symbolic-name="slf4j.api"; bundle-version="2.0.7"; version="2.0.7"; uses:="org.slf4j,org.slf4j.helpers"
                       Unresolved requirement: Require-Capability: osgi.extender; filter:="(osgi.extender=osgi.serviceloader.registrar)"
                         -> Provide-Capability: osgi.extender; osgi.extender="osgi.serviceloader.registrar"; version:Version="1.0.0"
                       Unresolved requirement: Require-Capability: osgi.serviceloader; filter:="(osgi.serviceloader=org.eclipse.jetty.webapp.Configuration)"; cardinality:="multiple"
                         -> Provide-Capability: osgi.serviceloader; osgi.serviceloader="org.eclipse.jetty.webapp.Configuration"
         Unresolved requirement: Require-Bundle: org.eclipse.jetty.webapp; bundle-version="[10.0.1,11.0.0)"
           -> Bundle-SymbolicName: org.eclipse.jetty.webapp; bundle-version="10.0.15"
  Unresolved requirement: Require-Bundle: slf4j.api; bundle-version="[1.7.36,3.0.0)"
    -> Bundle-SymbolicName: slf4j.api; bundle-version="2.0.7"

 

    at org.eclipse.osgi.container.Module.start(Module.java:463)
    at org.eclipse.osgi.container.ModuleContainer$ContainerStartLevel$2.run(ModuleContainer.java:1852)
    at org.eclipse.osgi.internal.framework.EquinoxContainerAdaptor$1$1.execute(EquinoxContainerAdaptor.java:136)
    at org.eclipse.osgi.container.ModuleContainer$ContainerStartLevel.incStartLevel(ModuleContainer.java:1845)
    at org.eclipse.osgi.container.ModuleContainer$ContainerStartLevel.incStartLevel(ModuleContainer.java:1786)
    at org.eclipse.osgi.container.ModuleContainer$ContainerStartLevel.doContainerStartLevel(ModuleContainer.java:1750)
    at org.eclipse.osgi.container.ModuleContainer$ContainerStartLevel.dispatchEvent(ModuleContainer.java:1672)
    at org.eclipse.osgi.container.ModuleContainer$ContainerStartLevel.dispatchEvent(ModuleContainer.java:1)
    at org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:234)
    at org.eclipse.osgi.framework.eventmgr.EventManager$EventThread.run(EventManager.java:345)

[thahnen]

Hello @jonasrutishauser,

thank you for providing this very information. From what I can see it feels like an issue connected to having now two versions of slf4j.api on the classpath with more or less the same version. We will get into it what our possibilities are and are coming back to you!

Thank you,
Tobias

[thahnen]

Hi @jonasrutishauser,

We've investigated the issue but in order to reproduce it I'd like you to provide me with the following information:

• Flavor of Eclipse (e.g. Eclipse JEE, Eclipse PHP, ...)
• List of all the other plugins installed

We are packaging the following artifact at our update site: org.slf4j.api_1.7.30.v20200204-2150.jar
This one can also be found on Maven Central etc. while the other one I could not find any information about - the other one seems to be newer and either self-compiled or hosted somewhere else.

We have plans on dropping SLF4J at some point in the future but not in the near one.

Best,
Tobias

[jonasrutishauser]

I use Eclipse JEE and it even happens when only installing sonarlint.

I think it has to do with the update to slf4j version 2 in eclipse: https://www.eclipse.org/eclipse/news/4.28/platform.php#slf4j.api-version-2

In any case, the slf4j api should be provided by eclipse itself.

[henryju]

In any case, the slf4j api should be provided by eclipse itself.

Our concern is about older Eclipse versions, not providing slf4j.

[joeshannon]

We have started to encounter issues provisioning an Eclipse installation (with Oomph) when including the SonarLint plugin to be installed.

There is a hash mismatch for the org.slf4j.api plugin.
Downloading the jar (https://binaries.sonarsource.com/SonarLint-for-Eclipse/releases/8.0.0.80157/plugins/org.slf4j.api_1.7.30.v20200204-2150.jar) reveals:

$ md5sum org.slf4j.api_1.7.30.v20200204-2150.jar
240d891cb46d92568d634d4753816366  org.slf4j.api_1.7.30.v20200204-2150.jar

However during installation this is compared with the hash in the p2's artifacts.xml (accessed via https://binaries.sonarsource.com/SonarLint-for-Eclipse/releases/8.0.0.80157/artifacts.jar) which contains the following entry for this plugin:

<artifact classifier="osgi.bundle" id="org.slf4j.api" version="1.7.30.v20200204-2150">
<properties size="10">
<property name="artifact.size" value="63334"/>
<property name="download.size" value="63334"/>
<property name="maven-groupId" value="org.eclipse.orbit.bundles"/>
<property name="maven-artifactId" value="org.slf4j.api"/>
<property name="maven-version" value="1.7.30-SNAPSHOT"/>
<property name="download.md5" value="5bb2c4b4ca372fe1d13d34b16fc14501"/>
<property name="download.checksum.md5" value="5bb2c4b4ca372fe1d13d34b16fc14501"/>
<property name="download.checksum.sha-256" value="64586c4abdd61e69d4b0bc91d2fe83b07301e95f71e42c8aca3d424e7db8c0ba"/>
<property name="download.checksum.sha-512" value="01496aede1c91951c72eeaff854251e121939f3fa81c46da98adb3ed78d9c36bb3c43861ac1a48c84f3c25227bbe2f8ac8afe71bb8a1e3135199e33599d01848"/>
<property name="download.checksum.sha-1" value="9deed1d71f41ec6404d9d21e683a78c466048703"/>
</properties>
</artifact>

Interestingly the sha256 hash is correct.

Has something changed with repository generation or build configuration?
Do you think it would be possible to fix this?

[henryju]

@joeshannon I have reported the issue to Tycho developers: eclipse-tycho/tycho#2875

In the meantime, I think we can try to fix that on our side: https://sonarsource.atlassian.net/browse/SLE-738

[henryju]

@joeshannon any chance you could test to install using this update site, and see if you still have checksum mismatches? https://repox.jfrog.io/repox/sonarsource/org/sonarsource/sonarlint/eclipse/org.sonarlint.eclipse.site/8.1.0.80199/org.sonarlint.eclipse.site-8.1.0.80199.zip

[joeshannon]

Thank you for your response - yes that update site looks good and works.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

[thahnen]

Hi @joeshannon,

I wanted to get back to you to inform you that with the upcoming release of SonarLint for Eclipse (scheduled for this) week, we are no longer packaging SLF4J with SonarLint.
I'll therefore close this pull request 😃