This is an automated email from the ASF dual-hosted git repository.
github-bot pushed a change to branch dependabot/maven/com.h2database-h2-2.1.210
in repository https://gitbox.apache.org/repos/asf/logging-log4j2.git.
discard 3a430be Bump h2 from 1.4.200 to 2.1.210
add f777402 Specify passwords in tests because tests will fail with H2
2.x instead of 1.4.x.
add d31be58 Add mention of "CVE creation process" to the security page.
add 4450211 Mention that CVE voting takes place privately.
add 2260eb1 Merge pull request #690 from apache/CVE-creation-process
add 9475ca4 Use a default goal: clean verify
add 5475510 Avoid NPEs in edge cases for bridge clients.
add 11f6972 Fix getting the right logger context.
add 3042e80 Add Configurator.setLevel(Class, Level).
add 07467dc LOG4J2-3365 Fix JNDI typo in docs.
add e98c202 Bump plexus-utils from 3.4.0 to 3.4.1 (#728)
add 78c6847 Fixes StringIndexOutOfBoundsException in PropertiesUtilTest.
(#729)
add d53b137 Remove redundant interface definitions.
add d4491eb Fix typos in configuration manual page
add cb05c27 [LOG4J2-3341] Support logger level and appender refs shorthand
add fdbdc44 Add docs for LOG4J2-3341
add 5bef5c6 Add changelog entry for LOG4J2-3341
add a2ad280 Merge pull request #733 from apache/LOG4J2-3341
add 3ccfad6 Use latest security patches in readme
add 7c344df Add GitHub action status badge
add d2e3251 Add CodeQL analysis workflow
add 0aee498 Port build logic to codeql scan
add 84e73a4 Use https url for repository
add a4590f7 Remove CSRF disabling in sample code
add b96f600 Only run the release-2.x workflow on said branch
add 909051e Bump h2 from 1.4.200 to 2.1.210
This update added new revisions after undoing existing revisions.
That is to say, some revisions that were in the old version of the
branch are not in the new version. This situation occurs
when a user --force pushes a change and generates a repository
containing something like this:
* -- * -- B -- O -- O -- O (3a430be)
\
N -- N -- N
refs/heads/dependabot/maven/com.h2database-h2-2.1.210 (909051e)
You should already have received notification emails for all of the O
revisions, and so the following emails describe only the N revisions
from the common base, B.
Any revisions marked "omit" are not gone; other references still
refer to them. Any revisions marked "discard" are gone forever.
No new revisions were added by this update.
Summary of changes:
.github/workflows/build.yml | 4 +-
.github/workflows/codeql-analysis.yml | 90 ++++++++++++++++++++++
README.md | 10 +--
.../org/apache/log4j/PropertyConfigurator.java | 30 ++++----
.../apache/logging/log4j/util/PropertiesUtil.java | 6 +-
.../logging/log4j/util/PropertiesUtilTest.java | 3 +-
.../test/resources/PropertiesUtilTest.properties | 3 +
.../logging/log4j/core/config/Configurator.java | 31 ++++++--
.../properties/PropertiesConfigurationBuilder.java | 40 ++++++++--
.../logging/log4j/core/layout/PatternLayout.java | 6 +-
.../org/apache/logging/log4j/core/LoggerTest.java | 17 +++-
.../properties/PropertiesConfigurationTest.java | 24 ++++++
.../resources/LoggerLevelAppenderTest.properties | 14 ++--
.../RootLoggerLevelAppenderTest.properties | 6 +-
.../core/appender/db/jpa/JpaH2AppenderTest.java | 2 +-
.../appender/db/jpa/JpaHsqldbAppenderTest.java | 2 +-
.../src/test/resources/META-INF/persistence.xml | 4 +-
.../pom.xml | 2 +-
.../service/config/SecurityConfiguration.java | 1 -
pom.xml | 3 +-
src/changes/changes.xml | 5 +-
src/site/markdown/security.md | 19 ++---
src/site/xdoc/manual/configuration.xml.vm | 82 +++++++++++++++-----
src/site/xdoc/manual/lookups.xml | 2 +-
24 files changed, 315 insertions(+), 91 deletions(-)
create mode 100644 .github/workflows/codeql-analysis.yml
copy
log4j-web/src/main/resources/META-INF/services/javax.servlet.ServletContainerInitializer
=> log4j-core/src/test/resources/LoggerLevelAppenderTest.properties (73%)
copy
log4j-appserver/src/main/resources/META-INF/services/org.apache.juli.logging.Log
=> log4j-core/src/test/resources/RootLoggerLevelAppenderTest.properties (89%)
