Bump Log4j from 2.25.3 to 2.25.4

[TerryEbdon]

Fixes #100

[Copilot]

Copilot wasn't able to review any files in this pull request.

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 3 package(s) with unknown licenses.

See the Details below.

License Issues

settings.gradle

Package	Version	License	Issue Type
org.apache.logging.log4j:log4j-api	2.25.4	Null	Unknown License
org.apache.logging.log4j:log4j-core	2.25.4	Null	Unknown License
org.apache.logging.log4j:log4j-jcl	2.25.4	Null	Unknown License

OpenSSF Scorecard

Package	Version	Score	Details
maven/org.apache.logging.log4j:log4j-api	2.25.4	🟢 8.3	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration CI-Tests 🟢 4 4 out of 9 merged PRs checked by a CI test -- score normalized to 4 CII-Best-Practices ⚠️ 2 badge detected: in_progress Code-Review ⚠️ 1 found 20 unreviewed changesets out of 23 -- score normalized to 1 Contributors 🟢 10 46 different organizations found -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Dependency-Update-Tool 🟢 10 update tool detected Fuzzing 🟢 10 project is fuzzed License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) out of 30 and 17 issue activity out of 30 found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 no published package detected Pinned-Dependencies 🟢 10 all dependencies are pinned SAST ⚠️ 2 SAST tool is not run on all commits -- score normalized to 2 Security-Policy 🟢 10 security policy file detected Signed-Releases ⚠️ -1 no releases found Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Vulnerabilities 🟢 10 no vulnerabilities detected
maven/org.apache.logging.log4j:log4j-core	2.25.4	🟢 8.3	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration CI-Tests 🟢 4 4 out of 9 merged PRs checked by a CI test -- score normalized to 4 CII-Best-Practices ⚠️ 2 badge detected: in_progress Code-Review ⚠️ 1 found 20 unreviewed changesets out of 23 -- score normalized to 1 Contributors 🟢 10 46 different organizations found -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Dependency-Update-Tool 🟢 10 update tool detected Fuzzing 🟢 10 project is fuzzed License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) out of 30 and 17 issue activity out of 30 found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 no published package detected Pinned-Dependencies 🟢 10 all dependencies are pinned SAST ⚠️ 2 SAST tool is not run on all commits -- score normalized to 2 Security-Policy 🟢 10 security policy file detected Signed-Releases ⚠️ -1 no releases found Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Vulnerabilities 🟢 10 no vulnerabilities detected
maven/org.apache.logging.log4j:log4j-jcl	2.25.4	🟢 8.3	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration CI-Tests 🟢 4 4 out of 9 merged PRs checked by a CI test -- score normalized to 4 CII-Best-Practices ⚠️ 2 badge detected: in_progress Code-Review ⚠️ 1 found 20 unreviewed changesets out of 23 -- score normalized to 1 Contributors 🟢 10 46 different organizations found -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Dependency-Update-Tool 🟢 10 update tool detected Fuzzing 🟢 10 project is fuzzed License 🟢 10 license file detected Maintained 🟢 10 30 commit(s) out of 30 and 17 issue activity out of 30 found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 no published package detected Pinned-Dependencies 🟢 10 all dependencies are pinned SAST ⚠️ 2 SAST tool is not run on all commits -- score normalized to 2 Security-Policy 🟢 10 security policy file detected Signed-Releases ⚠️ -1 no releases found Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Vulnerabilities 🟢 10 no vulnerabilities detected

Scanned Files

• settings.gradle