This is an automated email from the ASF dual-hosted git repository.
jbonofre pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/arrow-java.git
The following commit(s) were added to refs/heads/main by this push:
new 923a5df0d MINOR: Bump logback.version from 1.5.25 to 1.5.26 (#981)
923a5df0d is described below
commit 923a5df0d668aa90f0d322f618314118ea0399e6
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AuthorDate: Tue Jan 27 18:26:34 2026 +0100
MINOR: Bump logback.version from 1.5.25 to 1.5.26 (#981)
Bumps `logback.version` from 1.5.25 to 1.5.26.
Updates `ch.qos.logback:logback-classic` from 1.5.25 to 1.5.26
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/qos-ch/logback/releases";>ch.qos.logback:logback-classic's
releases</a>.</em></p>
<blockquote>
<h2>Logback 1.5.26</h2>
<p><strong>2026-01-25 Release of logback version 1.5.26</strong></p>
<p>• InsertFromJNDIModelHandler was accessing javax.naming package
forcing the inclusion of the optional java.naming module. This problem
was raised in <a
href="https://redirect.github.com/qos-ch/logback/issues/1003";>issues/1003</a>
by Marius Hanl who also provided the relevant PR.</p>
<p>• In applications using shadow/fat/shade jars, module or package
information could be lost. Thus, in the absence of version information,
logback-classic would warn about version mismatches. Logback components
now ship with properties files containing version information that
survive shadow/fat/shade jars. This issue was reporteed in <a
href="https://redirect.github.com/qos-ch/logback/issues/1002";>issues/1002</a>
by Christoph Gritschenberger.</p>
<p>• A bit-wise identical binary of this version can be reproduced by
building from source code at commit
33deb54506bbfaf1ff151f26f3a5f86936011619 associated with the tag
v_1.5.26. Release built using Java "21" 2023-10-17 LTS build
21.0.1.+12-LTS-29 under Linux Debian 11.6.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/qos-ch/logback/commit/33deb54506bbfaf1ff151f26f3a5f86936011619";><code>33deb54</code></a>
prepare release 1.5.26</li>
<li><a
href="https://github.com/qos-ch/logback/commit/d38a3e2113d11c98b2ae4dc01b5a262de4cb6388";><code>d38a3e2</code></a>
refactoring based on usage in logback-access</li>
<li><a
href="https://github.com/qos-ch/logback/commit/4368333c90125f4f9e4fd3d17946c73eb1bc97fe";><code>4368333</code></a>
move VersionUtil.getCoreVersionBySelfDeclaredProperties to
CoreVersionUtil</li>
<li><a
href="https://github.com/qos-ch/logback/commit/8bd5660bdb4b7b4d6ce67e576f16bea987e93899";><code>8bd5660</code></a>
modify VersionCheckTest to use logback-core 1.5.25</li>
<li><a
href="https://github.com/qos-ch/logback/commit/7a8f0b6e32953fc38762f7025d77c3f6d7dd39a5";><code>7a8f0b6</code></a>
version information is self declared by modules.</li>
<li><a
href="https://github.com/qos-ch/logback/commit/00d272f6aeb87708bed6fc42e9207557fa7f7d02";><code>00d272f</code></a>
Do not use javax.naming namespace in the catch block, so that Logback
can be ...</li>
<li><a
href="https://github.com/qos-ch/logback/commit/420d67c965b0ef76a084ac37cc45c95d16ffece3";><code>420d67c</code></a>
mention country only, add missing 2016-03-29</li>
<li><a
href="https://github.com/qos-ch/logback/commit/033aba4896778c8a082833ff06240f4873766a29";><code>033aba4</code></a>
fix javadoc errors</li>
<li><a
href="https://github.com/qos-ch/logback/commit/6d52744c4c378be58c5df95aa4b4d3bc6f9c18c8";><code>6d52744</code></a>
start work on 1.5.26-SNAPSHOT</li>
<li>See full diff in <a
href="https://github.com/qos-ch/logback/compare/v_1.5.25...v_1.5.26";>compare
view</a></li>
</ul>
</details>
<br />
Updates `ch.qos.logback:logback-core` from 1.5.25 to 1.5.26
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/qos-ch/logback/releases";>ch.qos.logback:logback-core's
releases</a>.</em></p>
<blockquote>
<h2>Logback 1.5.26</h2>
<p><strong>2026-01-25 Release of logback version 1.5.26</strong></p>
<p>• InsertFromJNDIModelHandler was accessing javax.naming package
forcing the inclusion of the optional java.naming module. This problem
was raised in <a
href="https://redirect.github.com/qos-ch/logback/issues/1003";>issues/1003</a>
by Marius Hanl who also provided the relevant PR.</p>
<p>• In applications using shadow/fat/shade jars, module or package
information could be lost. Thus, in the absence of version information,
logback-classic would warn about version mismatches. Logback components
now ship with properties files containing version information that
survive shadow/fat/shade jars. This issue was reporteed in <a
href="https://redirect.github.com/qos-ch/logback/issues/1002";>issues/1002</a>
by Christoph Gritschenberger.</p>
<p>• A bit-wise identical binary of this version can be reproduced by
building from source code at commit
33deb54506bbfaf1ff151f26f3a5f86936011619 associated with the tag
v_1.5.26. Release built using Java "21" 2023-10-17 LTS build
21.0.1.+12-LTS-29 under Linux Debian 11.6.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/qos-ch/logback/commit/33deb54506bbfaf1ff151f26f3a5f86936011619";><code>33deb54</code></a>
prepare release 1.5.26</li>
<li><a
href="https://github.com/qos-ch/logback/commit/d38a3e2113d11c98b2ae4dc01b5a262de4cb6388";><code>d38a3e2</code></a>
refactoring based on usage in logback-access</li>
<li><a
href="https://github.com/qos-ch/logback/commit/4368333c90125f4f9e4fd3d17946c73eb1bc97fe";><code>4368333</code></a>
move VersionUtil.getCoreVersionBySelfDeclaredProperties to
CoreVersionUtil</li>
<li><a
href="https://github.com/qos-ch/logback/commit/8bd5660bdb4b7b4d6ce67e576f16bea987e93899";><code>8bd5660</code></a>
modify VersionCheckTest to use logback-core 1.5.25</li>
<li><a
href="https://github.com/qos-ch/logback/commit/7a8f0b6e32953fc38762f7025d77c3f6d7dd39a5";><code>7a8f0b6</code></a>
version information is self declared by modules.</li>
<li><a
href="https://github.com/qos-ch/logback/commit/00d272f6aeb87708bed6fc42e9207557fa7f7d02";><code>00d272f</code></a>
Do not use javax.naming namespace in the catch block, so that Logback
can be ...</li>
<li><a
href="https://github.com/qos-ch/logback/commit/420d67c965b0ef76a084ac37cc45c95d16ffece3";><code>420d67c</code></a>
mention country only, add missing 2016-03-29</li>
<li><a
href="https://github.com/qos-ch/logback/commit/033aba4896778c8a082833ff06240f4873766a29";><code>033aba4</code></a>
fix javadoc errors</li>
<li><a
href="https://github.com/qos-ch/logback/commit/6d52744c4c378be58c5df95aa4b4d3bc6f9c18c8";><code>6d52744</code></a>
start work on 1.5.26-SNAPSHOT</li>
<li>See full diff in <a
href="https://github.com/qos-ch/logback/compare/v_1.5.25...v_1.5.26";>compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot]
<49699333+dependabot[bot]@users.noreply.github.com>
---
pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pom.xml b/pom.xml
index 51920947c..4bab9b06c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -111,7 +111,7 @@ under the License.
<checkstyle.failOnViolation>true</checkstyle.failOnViolation>
<error_prone_core.version>2.42.0</error_prone_core.version>
<checker.framework.version>3.53.0</checker.framework.version>
- <logback.version>1.5.25</logback.version>
+ <logback.version>1.5.26</logback.version>
<doclint>none</doclint>
<additionalparam>-Xdoclint:none</additionalparam>
<!-- List of add-opens arg line arguments for tests -->
