dependabot[bot] opened a new pull request, #954: URL: https://github.com/apache/axis-axis2-java-core/pull/954
Bumps [org.apache.logging.log4j:log4j-bom](https://github.com/apache/logging-log4j2) from 2.24.3 to 2.25.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/apache/logging-log4j2/releases";>org.apache.logging.log4j:log4j-bom's releases</a>.</em></p> <blockquote> <h2>2.25.0</h2> <p>This minor release introduces bug fixes, behavior improvements, and complete support for GraalVM native image generation.</p> <h2>GraalVM Reachability Metadata</h2> <p>Log4j Core and all extension modules now include embedded<br /> <a href="https://www.graalvm.org/latest/reference-manual/native-image/metadata/";>GraalVM reachability metadata</a>,<br /> enabling seamless generation of native images with GraalVM out of the box—no manual configuration required.<br /> For more information, refer to our <a href="https://github.com/apache/logging-log4j2/blob/HEAD/graalvm.adoc";>GraalVM guide</a>.</p> <blockquote> <p>[!NOTE]<br /> When building third-party Log4j plugins, using the new <code>GraalVmProcessor</code><br /> introduced in version <code>2.25.0</code> will automatically generate the required reachability metadata for GraalVM native images.<br /> However, the processor will fail the build if the required <code>log4j.graalvm.groupId</code> and <code>log4j.graalvm.artifactId</code> parameters are not provided.<br /> For detailed instructions, see <a href="https://logging.apache.org/log4j/2.x/manual/plugins.adoc#plugin-registry";>Registering plugins</a>.</p> </blockquote> <h2>Exception Handling in Pattern Layout</h2> <p>Exception handling in <a href="https://logging.apache.org/log4j/2.x/manual/pattern-layout.adoc";>Pattern Layout</a> has undergone a significant rewrite.<br /> This update resolves several bugs and ensures consistent behavior across all exception converters.<br /> Key improvements include:</p> <ul> <li>Stack traces are now consistently prefixed with a newline instead of other whitespace.</li> <li>The default exception converter has changed from <a href="https://logging.apache.org/log4j/2.x/manual/pattern-layout.adoc#converter-exception-extended";>extended</a> to <a href="https://logging.apache.org/log4j/2.x/manual/pattern-layout.adoc#converter-exception";>plain</a>, offering better performance.</li> <li>Support for the <code>{ansi}</code> option in exception converters has been removed.</li> </ul> <h2>Date & Time Formatting</h2> <p>Log4j has historically provided custom date and time formatters for performance, such as <a href="https://logging.apache.org/log4j/2.x/javadoc/log4j-core/org/apache/logging/log4j/core/util/datetime/FixedDateFormat.html";><code>FixedDateFormat</code></a> and <a href="https://logging.apache.org/log4j/2.x/javadoc/log4j-core/org/apache/logging/log4j/core/util/datetime/FastDateFormat.html";><code>FastDateFormat</code></a>.<br /> These are now deprecated in favor of Java’s standard <a href="https://docs.oracle.com/javase/%7Bjava-target-version%7D/docs/api/java/time/format/DateTimeFormatter.html";><code>DateTimeFormatter</code></a>.</p> <p>If you encounter formatting issues after upgrading—particularly with <code>n</code> or <code>x</code> directives—you can temporarily revert to the legacy formatters by setting the <a href="https://logging.apache.org/log4j/2.x/manual/systemproperties.adoc#log4j2.instantFormatter";><code>log4j2.instantFormatter</code></a> property to <code>legacy</code>.<br /> Please report any issues via our <a href="https://logging.apache.org/support.html#issues";>issue tracker</a>.</p> <h2>ANSI Support on Windows</h2> <p>Modern Windows versions (10 and newer) provide native ANSI escape sequence support.<br /> As a result, dependency on the outdated JAnsi 1.x library has been removed.<br /> For details, refer to <a href="https://logging.apache.org/log4j/2.x/manual/pattern-layout.adoc#jansi";>ANSI styling on Windows</a>.</p> <h2>Jakarta JMS Appender</h2> <p>A Jakarta-compatible version of the <a href="https://logging.apache.org/log4j/2.x/manual/appenders/message-queue.adoc#JmsAppender";>JMS Appender</a> is now included in the core distribution.</p> <h2>Added</h2> <ul> <li>Add Google OSS-Fuzz integration (<a href="https://redirect.github.com/apache/logging-log4j2/issues/2949";>#2949</a>)</li> <li>Add a <code>GraalVmProcessor</code> annotation processor to generate GraalVM reachability metadata. (<a href="https://redirect.github.com/apache/logging-log4j2/issues/3053";>#3053</a>)</li> <li>Add <code>MonitorResource</code> configuration option to support the monitoring of external files in addition to the configuration file itself. (<a href="https://redirect.github.com/apache/logging-log4j2/issues/3074";>#3074</a>, <a href="https://redirect.github.com/apache/logging-log4j2/issues/3501";>#3501</a>)</li> <li>Fixed typo in "LoggerConfig.RootLogger.Builder#withtFilter(...)" method. Created new corrected 'withFilter()' method and deprecated old method. (<a href="https://redirect.github.com/apache/logging-log4j2/issues/3369";>#3369</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/apache/logging-log4j2/commit/ea10ad3e78469e43f138853b8c9892bc51bc87ec";><code>ea10ad3</code></a> Update the <code>project.build.outputTimestamp</code> property</li> <li><a href="https://github.com/apache/logging-log4j2/commit/75061eb9d266005c871eedaeab668faa2118ce7d";><code>75061eb</code></a> fix: Javadoc and documentation problems</li> <li><a href="https://github.com/apache/logging-log4j2/commit/c9fbc53323a1222a169b5028c950d87af887962d";><code>c9fbc53</code></a> fix: use normalized form for new configuration property</li> <li><a href="https://github.com/apache/logging-log4j2/commit/62e802d6d9a127c065a4bc0fa3158729e68df455";><code>62e802d</code></a> Prepare release notes for <code>2.25.0</code></li> <li><a href="https://github.com/apache/logging-log4j2/commit/422c385dc9450d4f620a23d84abe2d6a0aa5b9fb";><code>422c385</code></a> Bump apache/logging-parent/.github/workflows/deploy-site-reusable.yaml@rel/12...</li> <li><a href="https://github.com/apache/logging-log4j2/commit/0c5b2b88d316037ba39795b7694e7c336cca9381";><code>0c5b2b8</code></a> Bump apache/logging-parent/.github/workflows/deploy-snapshot-reusable.yaml@re...</li> <li><a href="https://github.com/apache/logging-log4j2/commit/2b5c2a9f820c9cd4c6b654c16649aeb70f88a7d7";><code>2b5c2a9</code></a> Bump apache/logging-parent/.github/workflows/codeql-analysis-reusable.yaml@re...</li> <li><a href="https://github.com/apache/logging-log4j2/commit/74df3130cdb67d60500923b796cdf6e8c9639c3f";><code>74df313</code></a> Bump apache/logging-parent/.github/workflows/build-reusable.yaml@rel/12.1.0 (...</li> <li><a href="https://github.com/apache/logging-log4j2/commit/95d451b684cb893634616325ed3903d7a14ab9ec";><code>95d451b</code></a> Bump apache/logging-parent/.github/workflows/deploy-release-reusable.yaml@rel...</li> <li><a href="https://github.com/apache/logging-log4j2/commit/5655118b5eebc7eb0d972ee2a4f23d06bbcfd974";><code>5655118</code></a> Bump apache/logging-parent/.github/workflows/verify-reproducibility-reusable....</li> <li>Additional commits viewable in <a href="https://github.com/apache/logging-log4j2/compare/rel/2.24.3...rel/2.25.0";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: java-dev-unsubscr...@axis.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: java-dev-unsubscr...@axis.apache.org For additional commands, e-mail: java-dev-h...@axis.apache.org
