search

bcgov / jag-document-utils

Justice Sector PDF Merge Microservice integration with Adobe Experience Manager
Apache License 2.0
1 stars 1 forks source link

Bump splunk-library-javalogging from 1.8.0 to 1.11.3 in /src #89

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 2 years ago

Bumps splunk-library-javalogging from 1.8.0 to 1.11.3.

Release notes

Sourced from splunk-library-javalogging's releases.

Version 1.11.3

Version 1.11.3

Critical Security Update

Upgrade Log4J again v2.17.0 related to CVE-2021-45046 & CVE-2021-44228

Version 1.11.2

Version 1.11.2

Critical Security Update

  • Upgrading log4J to 2.16 per CVE-2021-45046.

Version 1.11.1

Version 1.11.1

Critical Security Update

  • Upgrading log4J per CVE-2021-44228. PR

Version 1.11.0

Minor Changes

  • Added a parameter to set await termination timeout. PR

Version 1.10.0

Bug Fixes

  • Fixed issue causing delayed time when using AsyncAppender (GitHub issue #186)
    • Now the timestamp is being recorded at the time when log event "occurs" instead of the time when log event is being "sent"

Minor Changes

  • Updated the project to use make conventions to spin up local dockerized instances.
  • Upgrade version of okhttp to 4.9.1.
  • Upgrade version of slf4j to 1.7.30.
  • Upgrade version of gson to 2.8.7.
  • Upgrade version of junit to 4.13.2.
  • Upgrade version of commons to 3.12.

Version 1.9.0

  • Resolve an issue with TcpAppender losing events when busy (@​avdv)
  • Fix an issue with middleware not delegating on completion (@​Blackbaud-MikeLueders)
  • Add EventHeaderSerializer that allows specifying HEC metadata (@​snorwin)
  • Allow specification of timeout parameters
  • Allow time to be specified by EventBodySerializer (@​avpavlov)
  • Use an Okhttp client per appender rather than a global client (@​snorwin)
  • Fix an issue with empty strings in configs (@​thomasmey)
  • Resolve an issue with sending raw events to HEC (@​tburch)
  • Allow templated metadata values to be applied to an appender (@​brunoalexandresantos)
Changelog

Sourced from splunk-library-javalogging's changelog.

Version 1.11.3

Critical Security Update

Upgrade Log4J again v2.17.0 related to CVE-2021-45046 & CVE-2021-44228

Version 1.11.2

Critical Security Update

  • Upgrading log4J to 2.16 per CVE-2021-45046.

Version 1.11.1

Critical Security Update

  • Upgrading log4J to 2.15 per CVE-2021-44228. PR

Version 1.11.0

Minor Changes

  • Added a parameter to set await termination timeout. PR

Version 1.10.0

Bug Fixes

  • Fixed issue causing delayed time when using AsyncAppender (GitHub issue #186)
    • Now the timestamp is being recorded at the time when log event "occurs" instead of the time when log event is being "sent"

Minor Changes

  • Updated the project to use make conventions to spin up local dockerized instances.
  • Upgrade version of okhttp to 4.9.1.
  • Upgrade version of slf4j to 1.7.30.
  • Upgrade version of gson to 2.8.7.
  • Upgrade version of junit to 4.13.2.
  • Upgrade version of commons to 3.12.

Version 1.9.0

  • Resolve an issue with TcpAppender losing events when busy (@​avdv)
  • Fix an issue with middleware not delegating on completion (@​Blackbaud-MikeLueders)
  • Add EventHeaderSerializer that allows specifying HEC metadata (@​snorwin)
  • Allow specification of timeout parameters
  • Allow time to be specified by EventBodySerializer (@​avpavlov)
  • Use an Okhttp client per appender rather than a global client (@​snorwin)
  • Fix an issue with empty strings in configs (@​thomasmey)
  • Resolve an issue with sending raw events to HEC (@​tburch)
  • Allow templated metadata values to be applied to an appender (@​brunoalexandresantos)
Commits
  • 267475b Merge pull request #232 from ranma2913/main
  • d265b28 Update version in readme to match pom.xml
  • 6ad0e57 Upgrade Log4J again v2.17.0 related to CVE-2021-45046 & CVE-2021-44228
  • 01cc589 Merge pull request #229 from splunk/log4j-2.16-CVE-2021-45046
  • 7a7882e Update log4j-core to 2.16 per CVE-2021-45046.
  • b717716 Merge pull request #226 from splunk/dependabot/maven/org.apache.logging.log4j...
  • 84171f8 Bump log4j-api from 2.15.0 to 2.16.0
  • 873187d Update CHANGELOG.md
  • f62497c Merge pull request #222 from manchicken/main
  • af151b2 Upgrading log4J per CVE-2021-44228
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 2 years ago

Superseded by #93.