Upgrade logging dependencies to latest versions #11

Merged
kothar merged 1 commit into master from claude/update-dependencies-log4j-tl3yt
Mar 27, 2026

@kothar kothar commented Mar 27, 2026

Summary

This pull request updates the logging framework dependencies to their latest stable versions to improve security, performance, and compatibility.

Key Changes

  • slf4j-api: Updated from 1.7.32 to 1.7.36
  • log4j-slf4j-impl: Updated from 2.16.0 to 2.24.3
  • log4j-core: Updated from 2.17.0 to 2.24.3

Details

These updates address security vulnerabilities and bring in bug fixes and improvements from the latest releases of the SLF4J and Log4j libraries. The test-scoped dependencies are aligned to the same Log4j version (2.24.3) for consistency.

https://claude.ai/code/session_014phy5zjtiuXQdvZ3osrDW4

Summary by CodeRabbit

  • Chores
    • Updated logging-related test dependencies to newer versions for maintenance and compatibility.

- Update log4j-core from 2.17.0 to 2.24.3 (latest stable)
- Update log4j-slf4j-impl from 2.16.0 to 2.24.3 (aligned with log4j-core)
- Update slf4j-api from 1.7.32 to 1.7.36 (latest 1.7.x)

log4j 2.16.0 and 2.17.0 were vulnerable to CVE-2021-44832 (arbitrary code
execution via JDBC Appender with a JNDI data source URI). Fixed in 2.17.1+.

https://claude.ai/code/session_014phy5zjtiuXQdvZ3osrDW4
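
The version floor stated in the commit message above can be checked mechanically against a build file. The following is an added example, not part of this pull request or the project's code: it parses a pom.xml, resolves `${property}` versions declared in the same file, and reports Log4j artifacts below 2.17.1. `SAMPLE_POM`, `audit_pom` and the `log4j.version` property are constructed for illustration, and only the 2.17.1 threshold named on this page is modelled (no backport branches, no parent POM lookup).

```python
import re
import xml.etree.ElementTree as ET

FIXED = (2, 17, 1)  # "Fixed in 2.17.1+" per the commit message
GROUP = "org.apache.logging.log4j"

# Constructed pom.xml fragment carrying the pre-upgrade versions named in this PR.
SAMPLE_POM = """<project xmlns="http://maven.apache.org/POM/4.0.0">
  <properties><log4j.version>2.17.0</log4j.version></properties>
  <dependencies>
    <dependency><groupId>org.slf4j</groupId><artifactId>slf4j-api</artifactId>
      <version>1.7.32</version><scope>test</scope></dependency>
    <dependency><groupId>org.apache.logging.log4j</groupId>
      <artifactId>log4j-slf4j-impl</artifactId><version>2.16.0</version></dependency>
    <dependency><groupId>org.apache.logging.log4j</groupId>
      <artifactId>log4j-core</artifactId><version>${log4j.version}</version></dependency>
  </dependencies>
</project>"""

def _local(tag):  # strip the "{namespace}" prefix ElementTree adds to POM tags
    return tag.rsplit("}", 1)[-1]

def _child(el, name):
    return next(((c.text or "").strip() for c in el if _local(c.tag) == name), "")

def audit_pom(pom_xml, fixed=FIXED):
    """Return (artifactId, resolved version, status) per Log4j dependency."""
    root = ET.fromstring(pom_xml)
    props = {_local(p.tag): (p.text or "").strip()
             for el in root if _local(el.tag) == "properties" for p in el}
    findings = []
    for dep in root.iter():
        if _local(dep.tag) != "dependency" or _child(dep, "groupId") != GROUP:
            continue
        # Resolve ${property} references declared in this POM's <properties>.
        ver = re.sub(r"\$\{([^}]+)\}",
                     lambda m: props.get(m.group(1), m.group(0)),
                     _child(dep, "version"))
        m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", ver)
        if not m:
            status = "unresolved"  # version comes from a parent POM or BOM
        elif tuple(int(x or 0) for x in m.groups()) < fixed:
            status = "below-fix"
        else:
            status = "ok"
        findings.append((_child(dep, "artifactId"), ver, status))
    return findings

if __name__ == "__main__":
    print(*audit_pom(SAMPLE_POM), sep="\n")
```

An `unresolved` row means the version is not set in this file, so the effective version has to be read from the parent POM or from the resolved dependency tree.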

coderabbitai bot commented Mar 27, 2026

No actionable comments were generated in the recent review. 🎉

📥 Commits

Reviewing files that changed from the base of the PR and between 28f7068 and 7bf01bf.

📒 Files selected for processing (1)
  • pom.xml

📝 Walkthrough

Updated test logging dependencies in pom.xml to newer versions: SLF4J API from 1.7.32 to 1.7.36, and Log4j implementation and core from 2.16.0/2.17.0 to 2.24.3 respectively, maintaining test scope.

Changes

| Cohort / File(s) | Summary |
|---|---|
| Dependency Version Updates: pom.xml | Updated three test-scoped logging dependencies: SLF4J API (1.7.32 → 1.7.36), Log4j SLF4J impl (2.16.0 → 2.24.3), and Log4j core (2.17.0 → 2.24.3). |

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
| Check name | Status | Explanation |
|---|---|---|
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title 'Upgrade logging dependencies to latest versions' directly and accurately summarizes the main change: updating slf4j-api, log4j-slf4j-impl, and log4j-core to newer versions. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |

@socket-security

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

| Diff | Package | Supply Chain Security | Vulnerability | Quality | Maintenance | License |
|---|---|---|---|---|---|---|
| Updated | org.apache.logging.log4j/log4j-core@2.17.0 ⏵ 2.24.3 | 36 | 99 +2 | 90 | 100 | 80 |
| Updated | org.slf4j/slf4j-api@1.7.32 ⏵ 1.7.36 | 89 | 100 | 90 | 100 | 100 |
| Updated | org.apache.logging.log4j/log4j-slf4j-impl@2.16.0 ⏵ 2.24.3 | 98 +1 | 100 | 90 | 100 | 100 |

@kothar kothar merged commit c04e5ee into master Mar 27, 2026
3 of 4 checks passed
@kothar kothar deleted the claude/update-dependencies-log4j-tl3yt branch March 27, 2026 23:24