Bump org.apache.logging.log4j:log4j-bom from 2.25.0 to 2.25.1

[dependabot]

Bumps org.apache.logging.log4j:log4j-bom from 2.25.0 to 2.25.1.

Release notes

Sourced from org.apache.logging.log4j:log4j-bom's releases.

2.25.1

This patch release addresses a dozen bugs in version 2.25.0, in particular:

• Resolves a concurrency issue in the new unified datetime formatter.
• Fixes build failures affecting Gradle users.
• Restores backward compatibility with Spring Boot’s common logging configuration.
• Improves handling of edge cases in GraalVM support.

Fixed

• Fix detection of the Disruptor major version in environments with non-standard thread context classloader. (#3706)
• Downgrade spotbugs-annotations to resolve Gradle build failures. (#3754)
• Fix incorrect version resolution of jspecify and error_prone_annotations dependencies in published POM files. (#3758, #3779)
• Restore compatibility with Spring Boot by allowing reconfiguration using the LoggerContext.start method. (#3770)
• Allow omission of the -Alog4j.graalvm.groupId and -Alog4j.graalvm.artifactId arguments when building Log4j plugins. (#3771)
• Broaden the OSGi manifest's Import-Package constraints to support Jakarta Servlet API up to version 6. (#3787)
• Enable the resource: protocol for configuration files by default when running on GraalVM. (#3790)
• Fix timestamp formatting concurrency issue, when log4j2.enabledThreadlocals is true. (#3792)
• Fix GraalVM reachability metadata generation for methods with annotated array type parameters, such as @Nullable String[]. (#3796)
• Resolve PropertiesConfiguration compatibility issues with GraalVM and address additional minor reflection-related problems. (#3800)

Commits

• bda6336 Release changelog for version 2.25.1
• 4e1bbca Update the project.build.outputTimestamp property
• 63e8932 doc: Prepare release notes for version 2.25.1
• f26e041 fix: Proof-read changelog for version 2.25.1
• 76090f8 fix: Add resource: protocol to allowed URL schemes by default (#3795)
• 21a2300 fix: Add GraalVM reachability metadata for non-plugin class instantiations (#...
• 6e2cdeb fix: Disable sharing of formatted timestamps between threads (#3802)
• 9577db6 Update com.github.luben:zstd-jni to version 1.5.7-4 (#3799)
• 28b477c Update org.junit:junit-bom to version 5.13.2 (#3782)
• acbe411 Bump com.fasterxml.jackson:jackson-bom from 2.19.0 to 2.19.1 in /log4j-parent...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)