search

apache / eventmesh

EventMesh is a new generation serverless event middleware for building distributed event-driven applications.
https://eventmesh.apache.org/
Apache License 2.0
1.56k stars 618 forks source link

Bump log4jVersion from 2.22.1 to 2.23.1 #4885

Closed dependabot[bot] closed 2 weeks ago

dependabot[bot] commented 2 weeks ago

Bumps log4jVersion from 2.22.1 to 2.23.1. Updates org.apache.logging.log4j:log4j-api from 2.22.1 to 2.23.1

Updates org.apache.logging.log4j:log4j-core from 2.22.1 to 2.23.1

Updates org.apache.logging.log4j:log4j-slf4j2-impl from 2.22.1 to 2.23.1

Most Recent Ignore Conditions Applied to This Pull Request | Dependency Name | Ignore Conditions | | --- | --- | | org.apache.logging.log4j:log4j-api | [>= 2.20.a, < 2.21] |

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Pil0tXia commented 2 weeks ago

@dependabot unignore

dependabot[bot] commented 2 weeks ago

Sorry, the command you entered is not valid. Valid commands: @dependabot unignore <dependency name> <ignore condition> @dependabot unignore <dependency name> dependency

Pil0tXia commented 2 weeks ago

@dependabot unignore org.apache.logging.log4j:log4j-api dependency

dependabot[bot] commented 2 weeks ago

OK, I will stop ignoring the org.apache.logging.log4j:log4j-api dependency.

codecov[bot] commented 2 weeks ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 16.45%. Comparing base (8bf44d8) to head (4f5f923). Report is 1 commits behind head on master.

Additional details and impacted files ```diff @@ Coverage Diff @@ ## master #4885 +/- ## ========================================= Coverage 16.45% 16.45% Complexity 1818 1818 ========================================= Files 910 910 Lines 32358 32358 Branches 2782 2782 ========================================= Hits 5325 5325 Misses 26518 26518 Partials 515 515 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.