Pointless complexity causes security disaster

https://youtu.be/UhuL11JaECM
https://youtu.be/uyq8yxWO1ls

I didn't even know about this until I stumbled on the first video above today.  I stopped using Log4j years ago because of its pointless complexity and bugs, and wrote my own logger.  There is no reason for a logger to do expression evaluation, it should just log strings.  So of course my logger is perfectly safe.

Oh wow. Just watched the video holy crap