search

SolaceProducts / solace-spring-cloud

An umbrella project containing all Solace projects for Spring Cloud
Apache License 2.0
20 stars 14 forks source link

Bump org.apache.logging.log4j:log4j-bom from 2.21.1 to 2.23.1 #272

Closed dependabot[bot] closed 4 months ago

dependabot[bot] commented 5 months ago

Bumps org.apache.logging.log4j:log4j-bom from 2.21.1 to 2.23.1.

Release notes

Sourced from org.apache.logging.log4j:log4j-bom's releases.

2.23.1

This release contains several small fixes and some dependency updates.

Changed

  • Improve performance of CloseableThreadContext#closeMap() (#2296)

Fixed

  • Fix handling of LoggerContextAware lookups (#2309)
  • Fix NPE in PatternProcessor for a UNIX_MILLIS pattern (#2346)
  • Fix that parameterized message formatting doesn't throw an exception when there are insufficient number of parameters (#2343)
  • Fix StatusLogger log level filtering when debug mode is enabled (#2337)
  • Add log4j2.StatusLogger.dateFormatZone system property to set the time-zone StatusLogger uses to format java.time.Instant. Without this, formatting patterns accessing to time-zone-specific fields (e.g., year-of-era) cause failures. (#2322)
  • Fix StatusLogger to correctly read log4j2.StatusLogger.properties resource (#2354)
  • Fix stack overflow in StatusLogger (#2322)

Updated

  • Update jakarta.activation:jakarta.activation-api to version 2.1.3 (#2335)
  • Update jakarta.mail:jakarta.mail-api to version 2.1.3 (#2348)
  • Update org.apache.commons:commons-compress to version 1.26.0 (#2304)
  • Update org.apache.commons:commons-dbcp2 to version 2.12.0 (#2344)
  • Update org.apache.kafka:kafka-clients to version 3.7.0 (#2326)
  • Update org.eclipse.angus:angus-activation to version 2.0.2 (#2336)
  • Update org.eclipse.angus:jakarta.mail to version 2.0.3 (#2349)

2.23.0

This release adds support for LMAX Disruptor 4.x and several performance and bug fixes.

In order to maintain compatibility with JRE 8, support for LMAX Disruptor 3.x is maintained.

Added

  • Added support for LMAX Disruptor 4.x (#1821)

Changed

  • Simplify BND configuration after upgrade from version 6.4.1 to 7.0.0

Deprecated

  • Deprecate the configuration attribute verbose (i.e., <Configuration verbose="...") and StatusConsoleListener filters (#2226)
  • Deprecated the RingBufferLogEventHandler class for removal from the public API in 3.x

Fixed

  • Fix regression in JdkMapAdapterStringMap performance. (#2238)
  • Fix the behavior of Logger#setLevel and Logger#getLevel in the Log4j 1.2 bridge. (#2282)
  • Fix the behavior of CoreLogger#getLevel and CoreLogger#setLevel in the log4j-jul module. (#2282)

... (truncated)

Commits
  • fea2a71 Update the project.build.outputTimestamp property
  • a0e24d1 Update release notes
  • 07ab0ce Release changelog
  • d48454c Arrange changelog entries
  • 989ce78 Set version to 2.23.1
  • a4a8e99 Fix StatusLogger to correctly read log4j2.StatusLogger.properties (#2354)
  • 054a4f7 Fix NPE in PatternProcessor for the UNIX pattern
  • 0eb232f Don't fail on insufficient parameters in ParameterFormatter (#2337, #2343)
  • 32075af Update org.eclipse.angus:jakarta.mail to version 2.0.3 (#2349)
  • eb8bc2f Update jakarta.mail:jakarta.mail-api to version 2.1.3 (#2348)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 4 months ago

Looks like org.apache.logging.log4j:log4j-bom is no longer a dependency, so this is no longer needed.