Bump the all group across 2 directories with 4 updates

[dependabot]

Bumps the all group with 2 updates in the / directory: org.apache.logging.log4j:log4j-bom and org.apache.logging.log4j:log4j-core.
Bumps the all group with 3 updates in the /log4j-samples-graalvm directory: org.apache.logging.log4j:log4j-bom, org.assertj:assertj-bom and org.graalvm.buildtools:native-maven-plugin.

Updates org.apache.logging.log4j:log4j-bom from 0.0.0-SNAPSHOT to 2.25.2

Release notes

Sourced from org.apache.logging.log4j:log4j-bom's releases.

2.25.2

This patch release addresses certain minor issues detailed in the changelog.

Fixed

• Fix potential memory leak involving LogBuilder in Log4j API to Logback bridge (#3819, #3824)
• Prevent unnecessary warnings in AbstractDriverManagerConnectionSource (#3828, #3831)
• Fix missing newlines in default logging configuration for log4j-core (#3835, #3851)
• Fix missing default Target value in Console Appender (#3852)
• Discard the sub-second part while obtaining the initial time (i.e., creation time) of a file in RollingFileManager (#3068, #3872)
• Fix Pattern Layout exception stack trace converters to no longer prepend newlines based on context (#3873, #3919)
• Fix the com.google.errorprone:error_prone_annotations dependency whose version property gets erased due to flattening (#3779, #3785, #3822, #3905)
• Fix detection of Throwable converters inside nested Pattern Layout patterns when applying alwaysWriteExceptions (#3920)
• Fix parsing and merging of literals in InstantPatternDynamicFormatter (#3930, #3932)

2.25.1

This patch release addresses a dozen bugs in version 2.25.0, in particular:

• Resolves a concurrency issue in the new unified datetime formatter.
• Fixes build failures affecting Gradle users.
• Restores backward compatibility with Spring Boot’s common logging configuration.
• Improves handling of edge cases in GraalVM support.

Fixed

• Fix detection of the Disruptor major version in environments with non-standard thread context classloader. (#3706)
• Downgrade spotbugs-annotations to resolve Gradle build failures. (#3754)
• Fix incorrect version resolution of jspecify and error_prone_annotations dependencies in published POM files. (#3758, #3779)
• Restore compatibility with Spring Boot by allowing reconfiguration using the LoggerContext.start method. (#3770)
• Allow omission of the -Alog4j.graalvm.groupId and -Alog4j.graalvm.artifactId arguments when building Log4j plugins. (#3771)
• Broaden the OSGi manifest's Import-Package constraints to support Jakarta Servlet API up to version 6. (#3787)
• Enable the resource: protocol for configuration files by default when running on GraalVM. (#3790)
• Fix timestamp formatting concurrency issue, when log4j2.enabledThreadlocals is true. (#3792)
• Fix GraalVM reachability metadata generation for methods with annotated array type parameters, such as @Nullable String[]. (#3796)
• Resolve PropertiesConfiguration compatibility issues with GraalVM and address additional minor reflection-related problems. (#3800)

2.25.0

This minor release introduces bug fixes, behavior improvements, and complete support for GraalVM native image generation.

GraalVM Reachability Metadata

Log4j Core and all extension modules now include embedded
GraalVM reachability metadata,
enabling seamless generation of native images with GraalVM out of the box—no manual configuration required.
For more information, refer to our GraalVM guide.

[!NOTE]
When building third-party Log4j plugins, using the new GraalVmProcessor
introduced in version 2.25.0 will automatically generate the required reachability metadata for GraalVM native images.
However, the processor will fail the build if the required log4j.graalvm.groupId and log4j.graalvm.artifactId parameters are not provided.

... (truncated)

Commits

• See full diff in compare view

Updates org.apache.logging.log4j:log4j-core from 2.25.1 to 2.25.2

Updates org.apache.logging.log4j:log4j-core from 2.25.1 to 2.25.2

Updates org.apache.logging.log4j:log4j-bom from 2.25.1 to 2.25.2

Release notes

Sourced from org.apache.logging.log4j:log4j-bom's releases.

2.25.2

This patch release addresses certain minor issues detailed in the changelog.

Fixed

• Fix potential memory leak involving LogBuilder in Log4j API to Logback bridge (#3819, #3824)
• Prevent unnecessary warnings in AbstractDriverManagerConnectionSource (#3828, #3831)
• Fix missing newlines in default logging configuration for log4j-core (#3835, #3851)
• Fix missing default Target value in Console Appender (#3852)
• Discard the sub-second part while obtaining the initial time (i.e., creation time) of a file in RollingFileManager (#3068, #3872)
• Fix Pattern Layout exception stack trace converters to no longer prepend newlines based on context (#3873, #3919)
• Fix the com.google.errorprone:error_prone_annotations dependency whose version property gets erased due to flattening (#3779, #3785, #3822, #3905)
• Fix detection of Throwable converters inside nested Pattern Layout patterns when applying alwaysWriteExceptions (#3920)
• Fix parsing and merging of literals in InstantPatternDynamicFormatter (#3930, #3932)

2.25.1

This patch release addresses a dozen bugs in version 2.25.0, in particular:

• Resolves a concurrency issue in the new unified datetime formatter.
• Fixes build failures affecting Gradle users.
• Restores backward compatibility with Spring Boot’s common logging configuration.
• Improves handling of edge cases in GraalVM support.

Fixed

• Fix detection of the Disruptor major version in environments with non-standard thread context classloader. (#3706)
• Downgrade spotbugs-annotations to resolve Gradle build failures. (#3754)
• Fix incorrect version resolution of jspecify and error_prone_annotations dependencies in published POM files. (#3758, #3779)
• Restore compatibility with Spring Boot by allowing reconfiguration using the LoggerContext.start method. (#3770)
• Allow omission of the -Alog4j.graalvm.groupId and -Alog4j.graalvm.artifactId arguments when building Log4j plugins. (#3771)
• Broaden the OSGi manifest's Import-Package constraints to support Jakarta Servlet API up to version 6. (#3787)
• Enable the resource: protocol for configuration files by default when running on GraalVM. (#3790)
• Fix timestamp formatting concurrency issue, when log4j2.enabledThreadlocals is true. (#3792)
• Fix GraalVM reachability metadata generation for methods with annotated array type parameters, such as @Nullable String[]. (#3796)
• Resolve PropertiesConfiguration compatibility issues with GraalVM and address additional minor reflection-related problems. (#3800)

2.25.0

This minor release introduces bug fixes, behavior improvements, and complete support for GraalVM native image generation.

GraalVM Reachability Metadata

Log4j Core and all extension modules now include embedded
GraalVM reachability metadata,
enabling seamless generation of native images with GraalVM out of the box—no manual configuration required.
For more information, refer to our GraalVM guide.

[!NOTE]
When building third-party Log4j plugins, using the new GraalVmProcessor
introduced in version 2.25.0 will automatically generate the required reachability metadata for GraalVM native images.
However, the processor will fail the build if the required log4j.graalvm.groupId and log4j.graalvm.artifactId parameters are not provided.

... (truncated)

Commits

• See full diff in compare view

Updates org.assertj:assertj-bom from 3.27.4 to 3.27.6

Release notes

Sourced from org.assertj:assertj-bom's releases.

v3.27.6

🐛 Bug Fixes

Core

• Add missing export for org.assertj.core.annotation #3951

❤️ Contributors

Thanks to all the contributors who worked on this release:

@​duponter

v3.27.5

⚡ Improvements

Core

• ByteBuddy in AssertJ 3.27.4 not compatible with Java 25 #3946

🔨 Dependency Upgrades

Core

• Upgrade to Byte Buddy 1.17.7 #3947
• Upgrade to JUnit BOM 5.13.4 #3947

Guava

• Upgrade to Guava 33.4.8-jre #3947

Commits

• 716b1e0 [maven-release-plugin] prepare release assertj-build-3.27.6
• e189652 Add missing export for org.assertj.core.annotation (#3951)
• 0cb489e Update Maven Central URL
• 7286309 [maven-release-plugin] prepare for next development iteration
• dd4cc1d [maven-release-plugin] prepare release assertj-build-3.27.5
• 1d0defc Add missing permission to release workflow
• 844d5d0 Add missing GitHub Actions pinning to CodeQL workflow
• bdd7106 Add CodeQL custom workflow
• a93d7e6 Remove EOL Java 24
• 26ea866 Update production dependencies (#3947)
• Additional commits viewable in compare view

Updates org.graalvm.buildtools:native-maven-plugin from 0.11.0 to 0.11.1

Commits

• 6545631 Create release 0.11.1
• 359acfb Update licenses to pass style check
• 7327427 Add changelog entries
• 73d17cc Update Reachability metadata version
• eb52764 Add new JUnit 5.14/6.0 types to initialize-at-build-time classes
• f94e6d6 Disable layered images test temporarily because of a problem on GraalVM side
• 200e23c Update docs/src/docs/asciidoc/end-to-end-gradle-guide.adoc
• 079f06d Move JUnit tests to get started
• 50d8fbb supporting jdk toolchain configuration
• 77b4cfb Add testing of Gradle 9
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.