Bump org.apache.logging.log4j:log4j-bom from 2.23.1 to 2.24.0

[dependabot]

Bumps org.apache.logging.log4j:log4j-bom from 2.23.1 to 2.24.0.

Release notes

Sourced from org.apache.logging.log4j:log4j-bom's releases.

2.24.0

The 2.24.0 version of Log4j API has been enhanced with changes from the 3.x branch and will be used by both Log4j 2 Core and Log4j 3 Core releases. The changes include:

• A faster default ThreadContextMap.
• Enhanced GraalVM support: native binaries that use Log4j API will no longer require additional GraalVM configuration.
• The configuration properties subsystem now only accepts the official pre-2.10 property names and the normalized post-2.10 names. Check your configuration for typos.

Documentation

The Apache Log4j 2 website has been almost entirely rewritten to provide improved documentation and faster access to the information you need.

Bridges

The JUL-to-Log4j API and Log4j 1-to-Log4j API will no longer be able to modify the configuration of Log4j Core by default. If such a functionality is required, it must be explicitly enabled.

Modules

The following Log4j Core additional modules have been removed:

• log4j-flume-ng The module is no longer part of the release process and will follow its own release lifecycle. Please manage your dependencies using log4j-bom to always use its latest version.

• log4j-kubernetes The module has been moved to the Fabric8.io Kubernetes project and follows the Fabric8.io release lifecycle.

• log4j-mongodb3 The module based on MongoDB Java client version 3.x has been removed. Please migrate to log4j-mongodb (client version 5.x) or log4j-mongodb4 (client version 4.x).

JMX changes

Starting in version 2.24.0, JMX support is disabled by default and can be re-enabled via the log4j2.disableJmx=false system property.

Added

• Add a faster DefaultThreadContextMap implementation. (#2330)
• Add Logback throwable-consuming semantics as an option inlog4j-slf4j-impl and log4j-slf4j2-impl. Users can enable it by setting the property log4j2.messageFactory to org.apache.logging.slf4j.message.ThrowableConsumingMessageFactory. (#2363)

• Add trace context fields to GcpLayout.json (#2498)
• Add "Plugin Reference" to the website. It is a Javadoc-on-steroids focusing on Log4j plugins. (#1954)
• Automate website deployment using the new CI infrastructure shipped with org.apache.logging:logging-parent:11.0.0

=== Changed

• Fix usage of log4j-api in GraalVM without additional reachability data. (#1539)
• Ignore exceptions thrown by PropertySources. (Spirng-33450)
• Add logging to PropertiesUtil and fix Duration parser. (#1936)

... (truncated)

Commits

• c79ae32 Release changelog for version 2.24.0
• 48e562a Update the project.build.outputTimestamp property
• 6de281d Fix token type
• aec61f4 Improve generate-email.sh script
• 749b577 Fix typo in build.yaml
• 0e22358 Disable FQDN test on misconfigured hosts
• 5250a47 Fix the documentation of the 2.24.0 release
• 0805368 Update the project.build.outputTimestamp property
• 88338a5 Release notes for version 2.24.0
• 56313a1 Improve GraalVM support of SimpleLoggerContext
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)