search

SolaceProducts / solace-spring-boot

An umbrella project containing all Solace projects for Spring Boot
Apache License 2.0
25 stars 19 forks source link

Bump org.apache.logging.log4j:log4j-bom from 2.19.0 to 2.23.1 #125

Closed dependabot[bot] closed 4 months ago

dependabot[bot] commented 5 months ago

Bumps org.apache.logging.log4j:log4j-bom from 2.19.0 to 2.23.1.

Release notes

Sourced from org.apache.logging.log4j:log4j-bom's releases.

2.23.1

This release contains several small fixes and some dependency updates.

Changed

  • Improve performance of CloseableThreadContext#closeMap() (#2296)

Fixed

  • Fix handling of LoggerContextAware lookups (#2309)
  • Fix NPE in PatternProcessor for a UNIX_MILLIS pattern (#2346)
  • Fix that parameterized message formatting doesn't throw an exception when there are insufficient number of parameters (#2343)
  • Fix StatusLogger log level filtering when debug mode is enabled (#2337)
  • Add log4j2.StatusLogger.dateFormatZone system property to set the time-zone StatusLogger uses to format java.time.Instant. Without this, formatting patterns accessing to time-zone-specific fields (e.g., year-of-era) cause failures. (#2322)
  • Fix StatusLogger to correctly read log4j2.StatusLogger.properties resource (#2354)
  • Fix stack overflow in StatusLogger (#2322)

Updated

  • Update jakarta.activation:jakarta.activation-api to version 2.1.3 (#2335)
  • Update jakarta.mail:jakarta.mail-api to version 2.1.3 (#2348)
  • Update org.apache.commons:commons-compress to version 1.26.0 (#2304)
  • Update org.apache.commons:commons-dbcp2 to version 2.12.0 (#2344)
  • Update org.apache.kafka:kafka-clients to version 3.7.0 (#2326)
  • Update org.eclipse.angus:angus-activation to version 2.0.2 (#2336)
  • Update org.eclipse.angus:jakarta.mail to version 2.0.3 (#2349)

2.23.0

This release adds support for LMAX Disruptor 4.x and several performance and bug fixes.

In order to maintain compatibility with JRE 8, support for LMAX Disruptor 3.x is maintained.

Added

  • Added support for LMAX Disruptor 4.x (#1821)

Changed

  • Simplify BND configuration after upgrade from version 6.4.1 to 7.0.0

Deprecated

  • Deprecate the configuration attribute verbose (i.e., <Configuration verbose="...") and StatusConsoleListener filters (#2226)
  • Deprecated the RingBufferLogEventHandler class for removal from the public API in 3.x

Fixed

  • Fix regression in JdkMapAdapterStringMap performance. (#2238)
  • Fix the behavior of Logger#setLevel and Logger#getLevel in the Log4j 1.2 bridge. (#2282)
  • Fix the behavior of CoreLogger#getLevel and CoreLogger#setLevel in the log4j-jul module. (#2282)

... (truncated)

Commits
  • fea2a71 Update the project.build.outputTimestamp property
  • a0e24d1 Update release notes
  • 07ab0ce Release changelog
  • d48454c Arrange changelog entries
  • 989ce78 Set version to 2.23.1
  • a4a8e99 Fix StatusLogger to correctly read log4j2.StatusLogger.properties (#2354)
  • 054a4f7 Fix NPE in PatternProcessor for the UNIX pattern
  • 0eb232f Don't fail on insufficient parameters in ParameterFormatter (#2337, #2343)
  • 32075af Update org.eclipse.angus:jakarta.mail to version 2.0.3 (#2349)
  • eb8bc2f Update jakarta.mail:jakarta.mail-api to version 2.1.3 (#2348)
  • Additional commits viewable in compare view


Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

mayur-solace commented 4 months ago

@dependabot recreate

dependabot[bot] commented 4 months ago

Looks like org.apache.logging.log4j:log4j-bom is no longer a dependency, so this is no longer needed.